Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/dxH_hKq9QR0ZY48yfJd8m807kfE.roa
File: dxH_hKq9QR0ZY48yfJd8m807kfE.roa (raw, json)
Hash identifier: rVFst+oKiZdrm/aB6rchUBUkbqaAJWVDT0grczhKxWA=
Subject key identifier: 77:11:FF:84:AA:BD:41:1D:19:63:8F:32:7C:97:7C:9B:CD:3B:91:F1
Certificate issuer: /CN=1e5fe0ae25c6eae27763dcdec51a0e10ebc6c374
Certificate serial: 018CC7944C36328D81D504DD3EA9618E154B
Authority key identifier: 1E:5F:E0:AE:25:C6:EA:E2:77:63:DC:DE:C5:1A:0E:10:EB:C6:C3:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/dxH_hKq9QR0ZY48yfJd8m807kfE.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 193.104.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 11:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:4c:36:32:8d:81:d5:04:dd:3e:a9:61:8e:15:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5fe0ae25c6eae27763dcdec51a0e10ebc6c374
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7711ff84aabd411d19638f327c977c9bcd3b91f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:a4:21:f1:1b:99:6b:b7:d4:24:0c:89:a1:
d4:d3:dd:90:30:fb:88:31:30:54:3f:23:de:e9:7c:
0f:4e:ac:4c:78:ac:f1:81:2d:8b:07:be:7a:a9:c4:
d7:52:04:9f:f5:eb:83:4a:b0:7a:28:72:74:2c:45:
c5:4b:dd:94:96:3a:37:1b:b3:8b:1c:d0:5c:fb:e0:
34:7f:92:87:21:81:64:18:98:31:a2:9b:c6:e0:dc:
05:7d:3a:93:df:55:ec:57:7e:68:52:0f:1a:51:53:
9f:e1:ba:9c:15:e2:a1:e3:ac:67:f9:75:81:97:25:
ec:a1:a1:0c:87:50:3f:70:7a:6f:3e:8d:d5:e9:8c:
68:34:77:5a:00:46:b9:17:17:1b:53:fa:11:f3:ee:
dc:3c:23:90:26:d6:95:51:ee:40:0c:bd:9d:94:88:
66:98:e3:02:ad:1c:2a:0e:2b:7e:65:72:e2:84:5b:
a6:ae:e4:ac:2b:ec:77:0f:aa:a9:08:97:71:13:b5:
97:46:46:fe:82:6f:fe:b9:7c:b2:24:d1:de:23:84:
94:d3:5f:06:a8:f5:be:f6:0f:1d:d9:d2:ac:fa:b6:
44:ed:21:5c:37:93:f2:53:23:99:9b:a6:87:54:40:
99:70:1c:89:1d:cd:67:59:79:75:a3:32:b2:e9:d0:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:11:FF:84:AA:BD:41:1D:19:63:8F:32:7C:97:7C:9B:CD:3B:91:F1
X509v3 Authority Key Identifier:
keyid:1E:5F:E0:AE:25:C6:EA:E2:77:63:DC:DE:C5:1A:0E:10:EB:C6:C3:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/dxH_hKq9QR0ZY48yfJd8m807kfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:ce:b5:d5:d4:1a:54:cb:30:4c:0c:76:25:90:84:80:7b:dc:
13:01:a7:99:be:6a:f2:05:7a:84:6b:b6:86:4d:16:4d:d3:fa:
62:80:07:ab:c6:60:ab:5c:da:e9:95:7b:4e:5d:c5:8c:ed:c3:
cf:74:6d:78:3a:5d:05:87:71:f8:b5:14:00:ab:72:7d:45:10:
25:c3:82:1e:ff:c1:e7:8b:9b:86:4e:82:06:3c:3f:32:66:fd:
d6:12:46:53:5d:19:f1:a2:e9:e8:62:37:e1:a1:96:46:49:f6:
7e:b4:4e:cd:64:3d:be:25:79:42:ca:89:75:e1:0f:b3:c8:15:
03:0b:31:4b:0e:a7:cb:a7:f3:4b:6b:0f:2a:5b:4a:93:93:35:
3c:f3:c3:82:14:e5:80:23:54:56:5c:f2:ea:5c:f6:80:1a:78:
f5:04:57:01:eb:4b:5c:fa:a9:b0:5b:fa:33:f0:15:13:37:51:
49:89:a3:fc:2d:82:00:e2:05:39:62:3b:df:f9:eb:67:1e:13:
b0:44:28:5e:39:22:e2:70:14:ff:76:25:a7:f9:c4:8e:e6:77:
85:90:5e:a3:66:28:ba:e7:a5:3f:42:da:aa:10:16:38:41:58:
85:f2:c2:ca:10:94:bb:66:69:5b:56:7c:35:b1:22:4a:1f:95:
8b:09:92:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlEw2Mo2B1QTdPqlhjhVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWZlMGFlMjVjNmVhZTI3NzYzZGNkZWM1MWEwZTEwZWJj
NmMzNzQwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzExZmY4NGFhYmQ0MTFkMTk2MzhmMzI3Yzk3N2M5YmNkM2I5MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLWkIfEbmWu31CQMiaHU092QMPuI
MTBUPyPe6XwPTqxMeKzxgS2LB756qcTXUgSf9euDSrB6KHJ0LEXFS92Uljo3G7OL
HNBc++A0f5KHIYFkGJgxopvG4NwFfTqT31XsV35oUg8aUVOf4bqcFeKh46xn+XWB
lyXsoaEMh1A/cHpvPo3V6YxoNHdaAEa5FxcbU/oR8+7cPCOQJtaVUe5ADL2dlIhm
mOMCrRwqDit+ZXLihFumruSsK+x3D6qpCJdxE7WXRkb+gm/+uXyyJNHeI4SU018G
qPW+9g8d2dKs+rZE7SFcN5PyUyOZm6aHVECZcByJHc1nWXl1ozKy6dBXvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcR/4SqvUEdGWOPMnyXfJvNO5HxMB8GA1UdIwQY
MBaAFB5f4K4lxurid2Pc3sUaDhDrxsN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxfZ3JpWEc2dUozWTl6ZXhSb09FT3ZHdzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83NmZiMjItMTI0Yy00ODY2LThlNGQt
OGI3OTJhNDJkMGVmLzEvZHhIX2hLcTlRUjBaWTQ4eWZKZDhtODA3a2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83NmZiMjItMTI0Yy00ODY2LThlNGQtOGI3OTJhNDJkMGVm
LzEvSGxfZ3JpWEc2dUozWTl6ZXhSb09FT3ZHdzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCPzrXV1BpUyzBMDHYlkISAe9wTAaeZvmryBXqEa7aG
TRZN0/pigAerxmCrXNrplXtOXcWM7cPPdG14Ol0Fh3H4tRQAq3J9RRAlw4Ie/8Hn
i5uGToIGPD8yZv3WEkZTXRnxounoYjfhoZZGSfZ+tE7NZD2+JXlCyol14Q+zyBUD
CzFLDqfLp/NLaw8qW0qTkzU888OCFOWAI1RWXPLqXPaAGnj1BFcB60tc+qmwW/oz
8BUTN1FJiaP8LYIA4gU5Yjvf+etnHhOwRCheOSLicBT/diWn+cSO5neFkF6jZii6
56U/QtqqEBY4QViF8sLKEJS7ZmlbVnw1sSJKH5WLCZIM
-----END CERTIFICATE-----
Generated at Mon May 6 14:10:42 2024 by rpki-client on console-ams.rpki-client.org