Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/PRlNdRDlcow8C3jXwOuKFCMlG0w.roa
File: PRlNdRDlcow8C3jXwOuKFCMlG0w.roa (raw, json)
Hash identifier: GwWY705qULpdkKJfuSkauXBXB3Vb8UE9Z93HFxVU0zo=
Subject key identifier: 3D:19:4D:75:10:E5:72:8C:3C:0B:78:D7:C0:EB:8A:14:23:25:1B:4C
Certificate issuer: /CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Certificate serial: 01856E1455B4968C3154FC30D6A7AE23DC31
Authority key identifier: B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/PRlNdRDlcow8C3jXwOuKFCMlG0w.roa
Signing time: Sun 01 Jan 2023 16:05:04 +0000
ROA not before: Sun 01 Jan 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21239
IP address blocks: 194.0.6.0/24 maxlen: 24
193.109.126.0/24 maxlen: 24
2a02:6e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:55:b4:96:8c:31:54:fc:30:d6:a7:ae:23:dc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Validity
Not Before: Jan 1 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d194d7510e5728c3c0b78d7c0eb8a1423251b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:56:ec:0e:44:9f:f4:bf:57:2a:f4:35:0d:77:
ef:0f:62:7d:68:05:41:7a:99:5b:02:1e:48:a4:6a:
70:1c:f3:34:8b:3a:bf:7f:80:59:91:e0:26:dc:51:
36:4a:0a:99:b0:58:75:b3:0c:2a:2e:e4:96:8c:32:
74:24:00:c5:8a:18:e0:13:cd:9a:42:63:4a:37:04:
e6:b4:96:86:ee:be:4e:f4:23:1f:23:84:e5:e6:08:
97:99:d4:a1:df:cc:c9:47:de:a8:c8:ca:5a:d9:78:
9f:42:cf:18:73:7b:29:eb:0c:94:a0:6d:89:a5:fe:
b6:7a:aa:d0:31:19:47:35:8e:0d:bc:43:8f:ff:03:
74:8b:c0:2f:eb:01:bd:cd:22:80:45:b3:5f:ab:62:
9c:1a:a6:e0:65:86:f6:ea:03:6a:55:08:8f:f7:60:
3d:cd:1a:ba:d3:0d:65:d2:a6:f4:80:5d:23:00:7b:
8b:96:28:51:a0:a6:8a:75:d9:44:3e:40:91:95:71:
52:52:2d:bb:b9:be:6f:5b:1c:76:2a:3e:6b:b0:fe:
4c:82:bb:b7:b4:50:0f:61:51:9a:7d:ff:d0:1d:2b:
9e:08:28:46:65:5d:8d:b9:a1:2e:bf:3c:89:b9:e3:
6a:69:48:55:ef:c3:c9:64:32:19:54:84:bb:db:6f:
8d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:19:4D:75:10:E5:72:8C:3C:0B:78:D7:C0:EB:8A:14:23:25:1B:4C
X509v3 Authority Key Identifier:
keyid:B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/PRlNdRDlcow8C3jXwOuKFCMlG0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/tEORSkjl2uWnVrHjuPvkN-4Niww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.126.0/24
194.0.6.0/24
IPv6:
2a02:6e0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:49:21:e9:76:ab:0c:4e:dd:71:2b:02:f6:51:3c:65:89:23:
cd:da:41:e2:28:d5:63:01:63:6d:8f:47:b1:e7:83:f9:8b:18:
c9:6a:33:69:f9:59:2a:ce:24:a2:fa:48:f9:b6:fd:f4:7f:6a:
de:0f:c0:52:03:27:35:b5:11:53:92:36:11:09:2d:0d:c9:aa:
11:5b:85:74:e7:5e:df:28:f5:7d:f3:93:cc:0e:6a:0a:05:4d:
e5:2c:7e:69:fc:85:bc:f8:3d:d0:1b:d5:3d:c1:06:0d:65:91:
f4:17:9e:a8:d4:d3:2c:1d:da:de:03:b2:5f:f8:49:b9:5b:08:
50:7b:78:c6:96:a7:97:5c:30:18:a0:ec:12:a3:40:7f:16:89:
7f:6d:2a:9a:78:a9:64:b1:fe:ba:47:cb:d5:d5:c1:3e:04:69:
76:a9:eb:d1:fb:6c:88:f1:28:40:cb:c2:56:c4:55:4d:07:d6:
61:0a:78:a5:90:23:30:40:93:b3:21:4b:e7:42:a7:37:d8:83:
7c:b9:a0:36:09:9d:c2:17:40:7c:b2:97:cc:94:47:e5:a0:0e:
d2:a5:3b:a8:e4:7e:15:39:71:29:ed:9d:72:f0:b7:97:2b:19:
f2:cc:dc:c7:81:98:82:ab:b4:11:61:8c:18:c8:3d:69:00:69:
e6:cc:ff:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuFFW0lowxVPww1qeuI9wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDM5MTRhNDhlNWRhZTVhNzU2YjFlM2I4ZmJlNDM3ZWUw
ZDhiMGMwHhcNMjMwMTAxMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE5NGQ3NTEwZTU3MjhjM2MwYjc4ZDdjMGViOGExNDIzMjUxYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVbsDkSf9L9XKvQ1DXfvD2J9aAVB
eplbAh5IpGpwHPM0izq/f4BZkeAm3FE2SgqZsFh1swwqLuSWjDJ0JADFihjgE82a
QmNKNwTmtJaG7r5O9CMfI4Tl5giXmdSh38zJR96oyMpa2XifQs8Yc3sp6wyUoG2J
pf62eqrQMRlHNY4NvEOP/wN0i8Av6wG9zSKARbNfq2KcGqbgZYb26gNqVQiP92A9
zRq60w1l0qb0gF0jAHuLlihRoKaKddlEPkCRlXFSUi27ub5vWxx2Kj5rsP5Mgru3
tFAPYVGaff/QHSueCChGZV2NuaEuvzyJueNqaUhV78PJZDIZVIS722+NkwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD0ZTXUQ5XKMPAt418DrihQjJRtMMB8GA1UdIwQY
MBaAFLRDkUpI5drlp1ax47j75DfuDYsMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVPUlNramwydVduVnJIanVQdmtOLTROaXd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC82OTIwZDItYTdhNi00MWE1LTk2ZTAt
MzE0ZWY3NDZkOGE2LzEvUFJsTmRSRGxjb3c4QzNqWHdPdUtGQ01sRzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC82OTIwZDItYTdhNi00MWE1LTk2ZTAtMzE0ZWY3NDZkOGE2
LzEvdEVPUlNramwydVduVnJIanVQdmtOLTROaXd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwW1+AwQA
wgAGMA0EAgACMAcDBQAqAgbgMA0GCSqGSIb3DQEBCwUAA4IBAQCbSSHpdqsMTt1x
KwL2UTxliSPN2kHiKNVjAWNtj0ex54P5ixjJajNp+VkqziSi+kj5tv30f2reD8BS
Ayc1tRFTkjYRCS0NyaoRW4V0517fKPV985PMDmoKBU3lLH5p/IW8+D3QG9U9wQYN
ZZH0F56o1NMsHdreA7Jf+Em5WwhQe3jGlqeXXDAYoOwSo0B/Fol/bSqaeKlksf66
R8vV1cE+BGl2qevR+2yI8ShAy8JWxFVNB9ZhCnilkCMwQJOzIUvnQqc32IN8uaA2
CZ3CF0B8spfMlEfloA7SpTuo5H4VOXEp7Z1y8LeXKxnyzNzHgZiCq7QRYYwYyD1p
AGnmzP8H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:55 2024 by rpki-client on console-ams.rpki-client.org