Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/fNexqdD6qBumBz-F8mutFsSon6s.roa
File: fNexqdD6qBumBz-F8mutFsSon6s.roa (raw, json)
Hash identifier: Izqak6Ck/rdex8LANT6UL1HsffmSUd76AaTU6B1LRME=
Subject key identifier: 7C:D7:B1:A9:D0:FA:A8:1B:A6:07:3F:85:F2:6B:AD:16:C4:A8:9F:AB
Certificate issuer: /CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361
Certificate serial: 01856F79894416C09D6F08F6769680B9781A
Authority key identifier: 8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/fNexqdD6qBumBz-F8mutFsSon6s.roa
Signing time: Sun 01 Jan 2023 22:35:13 +0000
ROA not before: Sun 01 Jan 2023 22:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213042
IP address blocks: 193.163.70.0/24 maxlen: 24
2a11:4e00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:89:44:16:c0:9d:6f:08:f6:76:96:80:b9:78:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361
Validity
Not Before: Jan 1 22:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cd7b1a9d0faa81ba6073f85f26bad16c4a89fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d9:02:d7:56:8a:78:31:9e:e5:14:16:cf:ca:
30:67:8f:e2:96:06:88:bd:6c:e0:b4:34:2a:24:ed:
90:1a:2a:b3:73:2f:45:03:50:a8:88:15:9b:14:5f:
86:33:2b:62:1a:6a:cb:e6:34:c6:be:77:dd:55:d8:
db:1a:3a:79:8b:54:a9:bd:c4:93:c3:a0:cd:9c:a0:
6a:ae:5e:1b:9c:c1:66:fe:76:93:61:07:39:0a:73:
7d:c1:f7:b5:36:72:e1:0b:14:6c:bb:a4:6e:a3:e6:
b4:3f:b3:98:b2:c8:37:e7:cc:5a:a7:7f:6c:8a:81:
7e:38:7b:4b:cf:12:ab:6d:90:5e:ab:1b:a0:86:05:
86:cc:ba:43:5f:fe:0b:f5:37:44:28:66:09:fb:13:
8a:a5:77:49:3b:ae:f9:6b:e0:c9:72:54:94:d4:e1:
92:68:18:9f:ac:39:33:b0:14:6c:5f:6c:fe:f0:6f:
b4:60:11:35:76:91:94:26:d6:da:d5:76:c7:d3:3c:
44:a0:56:ac:1f:66:97:19:16:45:8c:95:9a:f1:28:
e3:b7:c9:f0:32:f1:c1:20:07:0c:cb:51:91:ab:f9:
55:2c:fb:6e:ea:44:72:ef:e6:6d:7f:68:90:5d:41:
46:46:92:97:f7:5f:e9:70:41:5e:1b:c2:41:70:a7:
3e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D7:B1:A9:D0:FA:A8:1B:A6:07:3F:85:F2:6B:AD:16:C4:A8:9F:AB
X509v3 Authority Key Identifier:
keyid:8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/fNexqdD6qBumBz-F8mutFsSon6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.70.0/24
IPv6:
2a11:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
b4:b9:4b:47:90:94:8f:aa:62:5f:9a:08:e2:9b:83:20:75:b9:
93:01:82:1d:8b:fe:d1:f5:31:4a:1c:4d:0e:c7:5b:46:20:b0:
c3:e7:d9:74:6f:8d:32:2d:08:b1:a3:03:41:c5:b8:6c:f6:03:
b5:ec:76:59:e0:43:7a:01:85:34:0c:79:27:10:16:6d:fc:25:
5a:03:75:f2:19:a9:fb:3b:e4:53:32:3f:6e:6d:bd:d5:71:5b:
8d:b5:3b:f5:82:62:f3:92:fe:4c:5a:e8:6d:91:1c:78:4d:74:
42:dd:c9:f8:54:0b:e4:1a:27:7f:7d:36:ca:40:65:4c:d7:57:
2c:24:32:3a:a9:9f:e8:a5:f8:d8:59:00:5b:d5:a3:ed:30:d6:
19:4b:c0:1f:ca:39:bd:a9:74:0a:0f:02:b2:6c:ed:96:56:cb:
64:49:5c:9d:09:d1:df:06:55:36:4e:5a:8d:f6:27:2b:72:45:
e6:51:e2:dc:68:f0:11:76:93:e1:c6:3f:ac:b6:99:43:98:e2:
21:a2:6e:19:ff:8d:c2:39:f4:0b:9c:ae:c6:b5:36:82:47:21:
9b:7f:b0:78:7a:5d:d3:f7:ee:18:39:d9:a1:df:bd:9c:6b:f1:
0f:4e:35:96:41:92:82:2e:86:d6:c8:9c:fb:90:37:3a:95:4c:
82:8f:e2:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveYlEFsCdbwj2dpaAuXgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkM2YzNTZhMDJkOTY3OWNlODkwYjVkNTFlMGRlYzJmM2Yz
NjMzNjEwHhcNMjMwMTAxMjIzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q3YjFhOWQwZmFhODFiYTYwNzNmODVmMjZiYWQxNmM0YTg5ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltkC11aKeDGe5RQWz8owZ4/ilgaI
vWzgtDQqJO2QGiqzcy9FA1CoiBWbFF+GMytiGmrL5jTGvnfdVdjbGjp5i1SpvcST
w6DNnKBqrl4bnMFm/naTYQc5CnN9wfe1NnLhCxRsu6Ruo+a0P7OYssg358xap39s
ioF+OHtLzxKrbZBeqxughgWGzLpDX/4L9TdEKGYJ+xOKpXdJO675a+DJclSU1OGS
aBifrDkzsBRsX2z+8G+0YBE1dpGUJtba1XbH0zxEoFasH2aXGRZFjJWa8Sjjt8nw
MvHBIAcMy1GRq/lVLPtu6kRy7+Ztf2iQXUFGRpKX91/pcEFeG8JBcKc+8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzXsanQ+qgbpgc/hfJrrRbEqJ+rMB8GA1UdIwQY
MBaAFI0/NWoC2Wec6JC11R4N7C8/NjNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalQ4MWFnTFpaNXpva0xYVkhnM3NMejgyTTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NjZjYjEtNzkxNS00ZmZkLTg1NzAt
NmI5M2FmNjEzZDdkLzEvZk5leHFkRDZxQnVtQnotRjhtdXRGc1NvbjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NjZjYjEtNzkxNS00ZmZkLTg1NzAtNmI5M2FmNjEzZDdk
LzEvalQ4MWFnTFpaNXpva0xYVkhnM3NMejgyTTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaNGMA0E
AgACMAcDBQMqEU4AMA0GCSqGSIb3DQEBCwUAA4IBAQC0uUtHkJSPqmJfmgjim4Mg
dbmTAYIdi/7R9TFKHE0Ox1tGILDD59l0b40yLQixowNBxbhs9gO17HZZ4EN6AYU0
DHknEBZt/CVaA3XyGan7O+RTMj9ubb3VcVuNtTv1gmLzkv5MWuhtkRx4TXRC3cn4
VAvkGid/fTbKQGVM11csJDI6qZ/opfjYWQBb1aPtMNYZS8Afyjm9qXQKDwKybO2W
VstkSVydCdHfBlU2TlqN9icrckXmUeLcaPARdpPhxj+stplDmOIhom4Z/43COfQL
nK7GtTaCRyGbf7B4el3T9+4YOdmh372ca/EPTjWWQZKCLobWyJz7kDc6lUyCj+Ja
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:26 2024 by rpki-client on console-ams.rpki-client.org