Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/kDoBSo9KzYTJqMbLBdlRmA4Z6CY.roa
File: kDoBSo9KzYTJqMbLBdlRmA4Z6CY.roa (raw, json)
Hash identifier: pQdh9m+/NdTESy7Ik8VKWEjdl112QHURY+UtQp93w4A=
Subject key identifier: 90:3A:01:4A:8F:4A:CD:84:C9:A8:C6:CB:05:D9:51:98:0E:19:E8:26
Certificate issuer: /CN=a509e86576c065e14bfbee8f652ab6c279ccde12
Certificate serial: 01856E38D210323DE181ECCF5765E9F62C3F
Authority key identifier: A5:09:E8:65:76:C0:65:E1:4B:FB:EE:8F:65:2A:B6:C2:79:CC:DE:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQnoZXbAZeFL--6PZSq2wnnM3hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/kDoBSo9KzYTJqMbLBdlRmA4Z6CY.roa
Signing time: Sun 01 Jan 2023 16:44:55 +0000
ROA not before: Sun 01 Jan 2023 16:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 193.163.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:d2:10:32:3d:e1:81:ec:cf:57:65:e9:f6:2c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a509e86576c065e14bfbee8f652ab6c279ccde12
Validity
Not Before: Jan 1 16:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903a014a8f4acd84c9a8c6cb05d951980e19e826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c0:44:ea:c6:5c:a5:64:bd:25:fe:35:75:42:
96:42:42:28:0a:d9:c5:2f:78:37:02:4a:ac:53:51:
0d:d2:cf:b0:04:7b:b8:c5:06:5c:c4:3c:33:e3:51:
ea:42:95:f4:b6:44:c5:60:37:f0:98:c4:86:3a:02:
d7:fb:ab:88:14:de:cb:de:d7:0a:94:07:a3:71:69:
a1:e9:09:ed:9d:56:48:e9:73:7a:37:8b:23:94:07:
12:82:49:59:bf:87:d5:63:e6:f3:6a:6f:0f:27:79:
f3:40:86:23:96:a2:67:22:10:4e:a9:ae:6c:47:a0:
b6:a5:ff:19:ef:7f:36:c7:c2:4d:ec:23:60:06:2c:
2d:ae:18:68:ff:16:f1:3d:ac:b3:6e:42:d4:8c:89:
ca:ad:81:08:8f:a9:d3:75:11:48:51:60:f1:6e:f9:
84:50:60:4e:4e:8a:9e:33:31:03:59:8f:53:20:5f:
a2:63:cb:f5:c7:aa:6e:77:0c:96:5e:41:b5:5e:bd:
82:0a:8b:e1:a0:8c:8e:0f:45:be:65:31:ac:7c:fd:
32:98:07:78:90:0a:fb:ef:93:3f:3d:53:37:25:e4:
b5:3d:2e:63:d5:41:c6:24:d9:54:ed:5a:8d:64:d1:
d3:8d:cf:6c:17:07:46:71:e4:9d:12:a9:ef:66:1b:
85:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3A:01:4A:8F:4A:CD:84:C9:A8:C6:CB:05:D9:51:98:0E:19:E8:26
X509v3 Authority Key Identifier:
keyid:A5:09:E8:65:76:C0:65:E1:4B:FB:EE:8F:65:2A:B6:C2:79:CC:DE:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQnoZXbAZeFL--6PZSq2wnnM3hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/kDoBSo9KzYTJqMbLBdlRmA4Z6CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.198.0/24
Signature Algorithm: sha256WithRSAEncryption
25:dd:bf:4c:40:c9:59:ed:66:e2:d1:65:7f:08:a7:0c:25:c5:
06:d1:e8:4e:eb:c9:84:83:8c:4c:d2:d4:50:a0:eb:17:b3:41:
07:b4:6e:65:b5:1f:87:f6:e9:46:89:5f:30:ef:87:bd:48:61:
91:47:86:1b:2f:d3:cb:20:7e:ff:c4:1c:d7:b8:00:7d:ba:4b:
17:e3:41:30:d7:44:a2:72:5c:06:5f:9c:b2:b6:2b:10:b7:eb:
99:4c:83:81:10:ba:71:db:93:ac:f5:66:54:36:a5:a5:43:f0:
55:4a:9d:fe:c3:dd:b2:f8:65:d6:0e:aa:82:53:04:9e:05:14:
25:41:95:cb:01:bd:53:ba:e8:b8:dc:26:34:0e:c0:8d:e8:4f:
4e:bb:90:1b:48:fd:e6:76:be:44:13:f2:c5:d1:c5:9a:2e:87:
eb:b6:7f:69:98:d1:83:ab:50:bb:c2:49:45:ab:3d:8b:15:88:
ad:6c:04:35:13:ba:0e:bb:9e:d8:80:61:93:27:a7:52:fc:a6:
8e:2e:a4:3e:25:a6:8a:31:41:ed:e0:ae:1f:08:dd:ca:de:87:
f8:ea:9a:36:5a:31:69:da:b2:07:39:19:0b:b1:df:4a:e7:e7:
73:57:65:73:1d:3c:6b:73:8a:f7:fa:99:f5:ab:eb:1c:22:4e:
76:78:e6:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuONIQMj3hgezPV2Xp9iw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDllODY1NzZjMDY1ZTE0YmZiZWU4ZjY1MmFiNmMyNzlj
Y2RlMTIwHhcNMjMwMTAxMTY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNhMDE0YThmNGFjZDg0YzlhOGM2Y2IwNWQ5NTE5ODBlMTllODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsBE6sZcpWS9Jf41dUKWQkIoCtnF
L3g3AkqsU1EN0s+wBHu4xQZcxDwz41HqQpX0tkTFYDfwmMSGOgLX+6uIFN7L3tcK
lAejcWmh6QntnVZI6XN6N4sjlAcSgklZv4fVY+bzam8PJ3nzQIYjlqJnIhBOqa5s
R6C2pf8Z7382x8JN7CNgBiwtrhho/xbxPayzbkLUjInKrYEIj6nTdRFIUWDxbvmE
UGBOToqeMzEDWY9TIF+iY8v1x6pudwyWXkG1Xr2CCovhoIyOD0W+ZTGsfP0ymAd4
kAr775M/PVM3JeS1PS5j1UHGJNlU7VqNZNHTjc9sFwdGceSdEqnvZhuFiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJA6AUqPSs2EyajGywXZUZgOGegmMB8GA1UdIwQY
MBaAFKUJ6GV2wGXhS/vuj2UqtsJ5zN4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFub1pYYkFaZUZMLS02UFpTcTJ3bm5NM2hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wMTQyNDUtODY4NS00YWYzLTkzODct
YTBmNTc0MmIxYjA0LzEva0RvQlNvOUt6WVRKcU1iTEJkbFJtQTRaNkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wMTQyNDUtODY4NS00YWYzLTkzODctYTBmNTc0MmIxYjA0
LzEvcFFub1pYYkFaZUZMLS02UFpTcTJ3bm5NM2hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaPGMA0G
CSqGSIb3DQEBCwUAA4IBAQAl3b9MQMlZ7Wbi0WV/CKcMJcUG0ehO68mEg4xM0tRQ
oOsXs0EHtG5ltR+H9ulGiV8w74e9SGGRR4YbL9PLIH7/xBzXuAB9uksX40Ew10Si
clwGX5yytisQt+uZTIOBELpx25Os9WZUNqWlQ/BVSp3+w92y+GXWDqqCUwSeBRQl
QZXLAb1Tuui43CY0DsCN6E9Ou5AbSP3mdr5EE/LF0cWaLofrtn9pmNGDq1C7wklF
qz2LFYitbAQ1E7oOu57YgGGTJ6dS/KaOLqQ+JaaKMUHt4K4fCN3K3of46po2WjFp
2rIHORkLsd9K5+dzV2VzHTxrc4r3+pn1q+scIk52eOYg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:44 2024 by rpki-client on console-fra.rpki-client.org