Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/alCXIrNK8CQ70auhA9lBxnULabM.roa
File: alCXIrNK8CQ70auhA9lBxnULabM.roa (raw, json)
Hash identifier: KsbaWhcdTj8Vaj0SMj8hP6wa/MnoHvxdaADYex1RGSs=
Subject key identifier: 6A:50:97:22:B3:4A:F0:24:3B:D1:AB:A1:03:D9:41:C6:75:0B:69:B3
Certificate issuer: /CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Certificate serial: 0185729EFB8FE0B09D244868CFF532776D15
Authority key identifier: 6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/alCXIrNK8CQ70auhA9lBxnULabM.roa
Signing time: Mon 02 Jan 2023 13:14:59 +0000
ROA not before: Mon 02 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207573
IP address blocks: 193.41.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:fb:8f:e0:b0:9d:24:48:68:cf:f5:32:77:6d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Validity
Not Before: Jan 2 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a509722b34af0243bd1aba103d941c6750b69b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:63:13:74:aa:23:04:ed:cd:e4:b5:b8:a1:
04:68:b3:72:b3:6d:9d:ed:cc:39:c1:b5:af:c1:8c:
7c:8c:90:b3:8e:c3:1c:c8:8f:c3:7a:fb:65:36:eb:
60:0c:84:91:12:cb:5c:b6:9a:31:fa:af:5e:54:b3:
d6:f2:35:2b:d9:39:bb:71:92:44:ab:6e:97:ef:e9:
11:2e:9c:26:d4:39:f4:dd:1d:d9:c9:2a:84:f5:b3:
91:9c:82:74:de:dc:44:55:b2:f8:f6:22:91:f1:fc:
d8:22:27:a1:e1:0a:40:21:ee:86:a1:c7:67:21:88:
6f:53:b7:a0:75:03:de:bc:68:eb:f9:22:56:ad:49:
5f:c6:1a:68:9d:83:77:f4:19:ce:ac:4d:93:ec:49:
ca:b3:e1:ed:fe:4e:af:82:41:f5:d2:4c:51:6f:69:
bb:ba:15:1d:d0:bd:d7:16:98:77:26:d2:a8:ea:3b:
c6:3e:7f:7e:5d:78:79:f0:a9:b6:ac:5b:d7:e8:b1:
3e:83:79:52:4c:91:8d:6b:40:f2:0c:60:4b:47:bf:
63:e5:c9:ee:9c:7f:9e:96:d0:42:07:1e:6f:59:dd:
4e:0d:ee:87:e5:f4:51:e8:8d:d6:7b:1e:66:0f:8f:
9c:f9:72:29:ea:2a:3d:81:e4:dd:a5:1b:d4:28:9f:
89:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:50:97:22:B3:4A:F0:24:3B:D1:AB:A1:03:D9:41:C6:75:0B:69:B3
X509v3 Authority Key Identifier:
keyid:6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/alCXIrNK8CQ70auhA9lBxnULabM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.59.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:37:9f:19:5d:76:d4:ce:45:43:ff:7e:19:e5:68:18:35:68:
46:57:5d:4f:63:74:0b:ce:10:d0:75:f3:7c:f4:43:e1:e7:0d:
17:06:0a:78:a6:67:3a:bb:1f:c6:f2:56:9b:b0:5b:dd:52:f5:
88:18:0c:bd:4e:2e:59:d2:4e:cd:6a:11:a8:f2:49:f3:4c:19:
c2:bb:51:58:65:e7:a8:4b:4c:04:4b:1c:da:e5:bb:e0:70:6c:
a2:b3:ca:25:c6:23:fb:50:93:16:e5:10:59:b4:27:83:ec:52:
ba:d7:d5:10:54:d5:82:99:d7:b8:73:be:03:8b:8e:15:0c:32:
86:fa:95:2c:7f:ab:cd:be:5b:81:2b:99:b2:86:79:0f:7f:8a:
aa:30:7a:40:48:bf:e1:5f:73:4c:16:6b:6f:82:9c:3d:8a:78:
a8:2c:94:06:a3:40:2e:c0:34:d3:6c:61:13:a1:27:7c:df:f4:
28:99:f0:b9:17:c3:ba:6b:67:1e:96:00:0d:c1:a9:2d:bf:a6:
ce:8e:ee:78:cf:a3:1a:f1:69:7d:8d:34:18:c3:b3:f4:9d:90:
fc:10:af:43:0c:ea:40:fc:c8:5e:b8:7e:b4:9a:13:02:16:84:
94:31:41:2c:6c:2c:fd:6e:01:71:03:51:96:89:37:d2:22:f9:
dc:62:07:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynvuP4LCdJEhoz/Uyd20VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjg2YTFmNTcwYWUzMTUyOTAyMmFhNGY2MWVmZDllYzJi
OTdkMDUwHhcNMjMwMTAyMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUwOTcyMmIzNGFmMDI0M2JkMWFiYTEwM2Q5NDFjNjc1MGI2OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBtjE3SqIwTtzeS1uKEEaLNys22d
7cw5wbWvwYx8jJCzjsMcyI/DevtlNutgDISREstctpox+q9eVLPW8jUr2Tm7cZJE
q26X7+kRLpwm1Dn03R3ZySqE9bORnIJ03txEVbL49iKR8fzYIieh4QpAIe6Gocdn
IYhvU7egdQPevGjr+SJWrUlfxhponYN39BnOrE2T7EnKs+Ht/k6vgkH10kxRb2m7
uhUd0L3XFph3JtKo6jvGPn9+XXh58Km2rFvX6LE+g3lSTJGNa0DyDGBLR79j5cnu
nH+eltBCBx5vWd1ODe6H5fRR6I3Wex5mD4+c+XIp6io9geTdpRvUKJ+JKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpQlyKzSvAkO9GroQPZQcZ1C2mzMB8GA1UdIwQY
MBaAFG34ah9XCuMVKQIqpPYe/Z7CuX0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEt
N2FhYzJkODQ3OTU1LzEvYWxDWElyTks4Q1E3MGF1aEE5bEJ4blVMYWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEtN2FhYzJkODQ3OTU1
LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSk7MA0G
CSqGSIb3DQEBCwUAA4IBAQDNN58ZXXbUzkVD/34Z5WgYNWhGV11PY3QLzhDQdfN8
9EPh5w0XBgp4pmc6ux/G8labsFvdUvWIGAy9Ti5Z0k7NahGo8knzTBnCu1FYZeeo
S0wESxza5bvgcGyis8olxiP7UJMW5RBZtCeD7FK619UQVNWCmde4c74Di44VDDKG
+pUsf6vNvluBK5myhnkPf4qqMHpASL/hX3NMFmtvgpw9inioLJQGo0AuwDTTbGET
oSd83/QomfC5F8O6a2celgANwaktv6bOju54z6Ma8Wl9jTQYw7P0nZD8EK9DDOpA
/MheuH60mhMCFoSUMUEsbCz9bgFxA1GWiTfSIvncYgdk
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:46 2024 by rpki-client on console-fra.rpki-client.org