Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ASNivtDI71aoVcZxto1n9BigXzg.roa
File: ASNivtDI71aoVcZxto1n9BigXzg.roa (raw, json)
Hash identifier: ZZcVTcrjcJLwPBf9vFLrKezydI2fChjTbOwLt4F/OR8=
Subject key identifier: 01:23:62:BE:D0:C8:EF:56:A8:55:C6:71:B6:8D:67:F4:18:A0:5F:38
Certificate issuer: /CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Certificate serial: 018AB29EF7CFC74502FBFEEE518CC010A603
Authority key identifier: C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ASNivtDI71aoVcZxto1n9BigXzg.roa
Signing time: Wed 20 Sep 2023 12:44:37 +0000
ROA not before: Wed 20 Sep 2023 12:44:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3245
IP address blocks: 193.68.0.0/19 maxlen: 19
193.68.128.0/17 maxlen: 17
192.92.129.0/24 maxlen: 24
185.143.80.0/22 maxlen: 22
193.68.96.0/19 maxlen: 19
2a02:6a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:9e:f7:cf:c7:45:02:fb:fe:ee:51:8c:c0:10:a6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Validity
Not Before: Sep 20 12:44:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=012362bed0c8ef56a855c671b68d67f418a05f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f8:33:b6:b0:e7:9e:af:9d:93:42:2d:fc:64:
c8:0c:61:e7:a5:f5:77:c6:10:6a:bf:5b:62:da:9f:
97:eb:bc:ac:35:0d:e7:6c:2f:8b:2c:96:63:42:7d:
54:65:f0:18:fc:af:ea:73:1b:7e:30:58:3a:1a:21:
0a:b1:00:6d:ea:d8:50:57:c0:76:02:60:41:e2:de:
a6:a4:02:64:77:76:39:0b:88:b6:54:74:0e:19:64:
ab:19:21:5d:4d:f3:e8:12:60:06:f0:59:66:6b:8c:
c8:0f:d6:24:c0:8e:07:57:b6:0f:6e:63:dd:6c:57:
96:50:ef:a6:e2:2e:bc:8f:d4:fd:a1:0c:9d:ee:19:
1f:b8:02:97:a5:6e:5f:da:bb:c0:cf:23:c7:cb:9b:
5e:99:13:8d:94:05:59:4e:6d:26:48:98:e3:1e:ff:
ee:44:30:3c:b7:7b:f3:ba:30:d1:00:2b:d5:4c:10:
01:9e:c9:18:94:b9:54:be:40:a2:f3:13:6d:35:44:
d1:c9:1f:49:e1:6e:02:6f:fd:af:51:e2:d3:6f:b6:
11:7c:10:d9:e9:ff:32:e3:5f:01:78:de:fd:b8:25:
43:f6:f5:c9:15:eb:35:b5:b6:19:93:f4:4d:cf:9f:
a0:30:25:08:aa:60:c6:1d:09:ae:98:39:92:31:1c:
01:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:23:62:BE:D0:C8:EF:56:A8:55:C6:71:B6:8D:67:F4:18:A0:5F:38
X509v3 Authority Key Identifier:
keyid:C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ASNivtDI71aoVcZxto1n9BigXzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.80.0/22
192.92.129.0/24
193.68.0.0/19
193.68.96.0-193.68.255.255
IPv6:
2a02:6a80::/32
Signature Algorithm: sha256WithRSAEncryption
42:c9:44:f5:bd:0d:31:05:2b:a8:a6:05:a2:e0:36:cd:3a:da:
6a:af:d4:8e:a3:2e:79:72:d7:18:09:86:99:a4:d7:e9:2b:2b:
52:df:98:9e:4b:e4:e4:c1:a0:9d:0f:be:a0:5e:85:67:98:71:
9f:10:8c:47:46:8c:8c:bb:d5:a0:a3:a0:9f:25:63:2a:bc:b7:
48:26:52:8b:e8:28:73:a8:a2:4c:13:15:a6:3e:fe:59:eb:0c:
8e:bf:85:96:5c:66:47:b0:50:36:65:5b:7a:8e:db:ef:bd:b4:
89:88:fb:99:94:ca:6d:48:bb:b0:e5:aa:46:e2:bf:d2:54:ad:
43:a1:25:53:a5:62:06:3b:c4:48:8b:f5:e3:b1:4a:8e:4d:9b:
00:79:dd:e8:3f:c9:2e:7c:46:db:3d:e2:6d:2c:3b:f2:7b:f5:
63:b6:a5:17:f8:7a:fd:33:f8:c4:d7:58:a0:d0:f1:09:6d:8e:
87:af:79:92:94:52:7b:86:c6:6c:62:77:49:b8:2a:d6:9b:bc:
50:51:91:ae:ab:9b:f8:14:34:cb:3e:db:a8:75:d1:b9:76:5a:
74:73:65:75:e3:43:3c:18:0d:da:4a:34:ca:87:f7:d3:5e:17:
df:af:76:76:38:8b:69:c4:d3:cb:91:fc:cd:f6:29:0d:85:9c:
ce:1e:35:0f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYqynvfPx0UC+/7uUYzAEKYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWNiNzEzMmMxOWY3ZDUxZjAwMmVkNGFkODExYWVjZjVi
MjBmNTcwHhcNMjMwOTIwMTI0NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTIzNjJiZWQwYzhlZjU2YTg1NWM2NzFiNjhkNjdmNDE4YTA1ZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvgztrDnnq+dk0It/GTIDGHnpfV3
xhBqv1ti2p+X67ysNQ3nbC+LLJZjQn1UZfAY/K/qcxt+MFg6GiEKsQBt6thQV8B2
AmBB4t6mpAJkd3Y5C4i2VHQOGWSrGSFdTfPoEmAG8Flma4zID9YkwI4HV7YPbmPd
bFeWUO+m4i68j9T9oQyd7hkfuAKXpW5f2rvAzyPHy5temRONlAVZTm0mSJjjHv/u
RDA8t3vzujDRACvVTBABnskYlLlUvkCi8xNtNUTRyR9J4W4Cb/2vUeLTb7YRfBDZ
6f8y418BeN79uCVD9vXJFes1tbYZk/RNz5+gMCUIqmDGHQmumDmSMRwBpQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAEjYr7QyO9WqFXGcbaNZ/QYoF84MB8GA1UdIwQY
MBaAFMJctxMsGffVHwAu1K2BGuz1sg9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUt
NDlkNDBhMTNjYmMyLzEvQVNOaXZ0REk3MWFvVmNaeHRvMW45QmlnWHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUtNDlkNDBhMTNjYmMy
LzEvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQCuY9QAwQA
wFyBAwQFwUQAMAsDBAXBRGADAwDBRDANBAIAAjAHAwUAKgJqgDANBgkqhkiG9w0B
AQsFAAOCAQEAQslE9b0NMQUrqKYFouA2zTraaq/UjqMueXLXGAmGmaTX6SsrUt+Y
nkvk5MGgnQ++oF6FZ5hxnxCMR0aMjLvVoKOgnyVjKry3SCZSi+goc6iiTBMVpj7+
WesMjr+FllxmR7BQNmVbeo7b7720iYj7mZTKbUi7sOWqRuK/0lStQ6ElU6ViBjvE
SIv147FKjk2bAHnd6D/JLnxG2z3ibSw78nv1Y7alF/h6/TP4xNdYoNDxCW2Oh695
kpRSe4bGbGJ3Sbgq1pu8UFGRrqub+BQ0yz7bqHXRuXZadHNldeNDPBgN2ko0yof3
014X3692djiLacTTy5H8zfYpDYWczh41Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:34 2024 by rpki-client on console-fra.rpki-client.org