Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2cb63f-1613-459b-8115-554cabb9ad05/1/8twekKuGXQeHD-Ihg5TOPwjuGE8.roa
File: 8twekKuGXQeHD-Ihg5TOPwjuGE8.roa (raw, json)
Hash identifier: 59kCynCFLxPW/vwk9RAIW99yL/iPgHS41ukhVrLXkRE=
Subject key identifier: F2:DC:1E:90:AB:86:5D:07:87:0F:E2:21:83:94:CE:3F:08:EE:18:4F
Certificate issuer: /CN=1f94d1a29cce26153b934fb47c2ee21674bb85cb
Certificate serial: 01856D418BDB9EF05CDF43D55A47A505092B
Authority key identifier: 1F:94:D1:A2:9C:CE:26:15:3B:93:4F:B4:7C:2E:E2:16:74:BB:85:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H5TRopzOJhU7k0-0fC7iFnS7hcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2cb63f-1613-459b-8115-554cabb9ad05/1/8twekKuGXQeHD-Ihg5TOPwjuGE8.roa
Signing time: Sun 01 Jan 2023 12:14:50 +0000
ROA not before: Sun 01 Jan 2023 12:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212636
IP address blocks: 193.23.52.0/24 maxlen: 24
2a10:5ac0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:8b:db:9e:f0:5c:df:43:d5:5a:47:a5:05:09:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f94d1a29cce26153b934fb47c2ee21674bb85cb
Validity
Not Before: Jan 1 12:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2dc1e90ab865d07870fe2218394ce3f08ee184f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7b:4a:8f:aa:af:90:dc:a6:e1:ec:9a:dd:f7:
b3:7b:5c:4f:07:97:87:08:50:15:d3:6c:e8:d7:e6:
9a:0a:de:c8:f7:02:a4:e4:79:55:82:49:5b:67:a2:
83:eb:7f:87:6c:a7:99:39:af:14:54:73:9a:12:51:
d8:83:d8:a4:14:49:c9:0f:1b:9b:30:d3:39:a6:bb:
43:44:01:77:f1:79:f5:4b:4b:b9:94:fc:87:ac:b0:
24:ac:d5:e9:30:d5:db:c9:20:56:19:ae:d5:5c:3b:
83:44:41:5c:0d:30:28:76:96:03:e0:2b:79:20:60:
fc:f6:ad:26:70:42:09:4d:8b:d1:25:cd:09:ea:d6:
94:3c:59:ed:68:36:37:e5:c8:cc:4a:1b:51:3c:fb:
84:e6:52:c8:0a:e5:2b:47:9d:34:a6:65:e4:11:8f:
86:8a:19:ac:4b:9a:51:73:d5:cc:eb:ff:56:e3:18:
60:a4:ee:e8:1b:17:2e:96:e7:7e:fe:bc:33:f2:92:
38:1d:c1:d6:e8:54:88:ac:8b:f1:8b:0a:30:7f:d8:
fb:73:35:d5:9d:4d:cb:ba:a5:6a:78:d7:4a:12:e5:
a6:75:73:cc:87:89:26:ea:3f:e1:ca:9f:a1:1a:76:
c2:a8:c2:b3:12:b1:b9:0e:96:46:cb:be:68:2b:b0:
90:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DC:1E:90:AB:86:5D:07:87:0F:E2:21:83:94:CE:3F:08:EE:18:4F
X509v3 Authority Key Identifier:
keyid:1F:94:D1:A2:9C:CE:26:15:3B:93:4F:B4:7C:2E:E2:16:74:BB:85:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H5TRopzOJhU7k0-0fC7iFnS7hcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2cb63f-1613-459b-8115-554cabb9ad05/1/8twekKuGXQeHD-Ihg5TOPwjuGE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2cb63f-1613-459b-8115-554cabb9ad05/1/H5TRopzOJhU7k0-0fC7iFnS7hcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.52.0/24
IPv6:
2a10:5ac0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:2d:c1:82:d9:0a:07:ef:81:93:38:ed:ed:50:47:46:a0:3e:
67:ec:43:ee:85:c8:42:b8:e0:5a:46:3c:c7:74:12:fd:69:bf:
b7:c7:52:0e:9c:f7:74:c3:49:b9:ce:fb:69:02:5d:de:94:64:
6c:f7:1b:8d:dc:40:99:c4:e7:82:40:b3:62:06:52:8d:7e:47:
5c:64:ed:85:82:c4:e7:d1:50:a6:cb:f2:5e:d6:1d:38:2c:f8:
3e:59:de:ce:2a:f8:0e:56:78:db:ce:c1:7c:3c:6d:ac:e4:9e:
b8:43:4a:4b:52:3b:de:7c:86:a7:20:e9:c5:2d:e9:f9:79:5b:
7a:e9:90:e3:51:d6:20:dd:ea:f4:6a:7f:51:28:40:64:29:c5:
5b:d4:bb:8d:01:bb:4a:c1:8b:72:27:7c:60:05:d0:62:8a:a4:
f4:33:10:fc:b4:b3:d0:fb:f7:03:19:9c:46:bf:94:fc:17:75:
d1:0e:19:75:c3:30:4b:40:dd:bf:bd:54:2e:60:fd:7d:ca:d5:
9e:c1:d9:7e:30:29:4f:13:36:fb:83:b9:e9:0d:d1:ca:13:c8:
45:d0:de:fa:7b:af:24:0e:56:6d:ea:06:80:a2:c7:8d:c9:ef:
02:55:03:17:38:06:12:26:c2:c8:9e:32:d8:99:3b:39:a4:53:
25:54:ae:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQYvbnvBc30PVWkelBQkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOTRkMWEyOWNjZTI2MTUzYjkzNGZiNDdjMmVlMjE2NzRi
Yjg1Y2IwHhcNMjMwMTAxMTIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRjMWU5MGFiODY1ZDA3ODcwZmUyMjE4Mzk0Y2UzZjA4ZWUxODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXtKj6qvkNym4eya3feze1xPB5eH
CFAV02zo1+aaCt7I9wKk5HlVgklbZ6KD63+HbKeZOa8UVHOaElHYg9ikFEnJDxub
MNM5prtDRAF38Xn1S0u5lPyHrLAkrNXpMNXbySBWGa7VXDuDREFcDTAodpYD4Ct5
IGD89q0mcEIJTYvRJc0J6taUPFntaDY35cjMShtRPPuE5lLICuUrR500pmXkEY+G
ihmsS5pRc9XM6/9W4xhgpO7oGxculud+/rwz8pI4HcHW6FSIrIvxiwowf9j7czXV
nU3LuqVqeNdKEuWmdXPMh4km6j/hyp+hGnbCqMKzErG5DpZGy75oK7CQBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPLcHpCrhl0Hhw/iIYOUzj8I7hhPMB8GA1UdIwQY
MBaAFB+U0aKcziYVO5NPtHwu4hZ0u4XLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDVUUm9wek9KaFU3azAtMGZDN2lGblM3aGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yY2I2M2YtMTYxMy00NTliLTgxMTUt
NTU0Y2FiYjlhZDA1LzEvOHR3ZWtLdUdYUWVIRC1JaGc1VE9Qd2p1R0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yY2I2M2YtMTYxMy00NTliLTgxMTUtNTU0Y2FiYjlhZDA1
LzEvSDVUUm9wek9KaFU3azAtMGZDN2lGblM3aGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRc0MA0E
AgACMAcDBQMqEFrAMA0GCSqGSIb3DQEBCwUAA4IBAQC4LcGC2QoH74GTOO3tUEdG
oD5n7EPuhchCuOBaRjzHdBL9ab+3x1IOnPd0w0m5zvtpAl3elGRs9xuN3ECZxOeC
QLNiBlKNfkdcZO2FgsTn0VCmy/Je1h04LPg+Wd7OKvgOVnjbzsF8PG2s5J64Q0pL
UjvefIanIOnFLen5eVt66ZDjUdYg3er0an9RKEBkKcVb1LuNAbtKwYtyJ3xgBdBi
iqT0MxD8tLPQ+/cDGZxGv5T8F3XRDhl1wzBLQN2/vVQuYP19ytWewdl+MClPEzb7
g7npDdHKE8hF0N76e68kDlZt6gaAoseNye8CVQMXOAYSJsLInjLYmTs5pFMlVK63
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:43 2024 by rpki-client on console-fra.rpki-client.org