Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/18YdPe50bgB2YoqIho6iFZDFors.roa
File: 18YdPe50bgB2YoqIho6iFZDFors.roa (raw, json)
Hash identifier: fuanf6ThxE/9dWK+GcCeNNcEXhVT+UvJgOuQeAkKrdQ=
Subject key identifier: D7:C6:1D:3D:EE:74:6E:00:76:62:8A:88:86:8E:A2:15:90:C5:A2:BB
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB82FDA9CB295E4B309710220477D6E
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/18YdPe50bgB2YoqIho6iFZDFors.roa
Signing time: Sun 01 Jan 2023 09:44:48 +0000
ROA not before: Sun 01 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 193.253.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:2f:da:9c:b2:95:e4:b3:09:71:02:20:47:7d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7c61d3dee746e0076628a88868ea21590c5a2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:5c:d2:73:f5:e1:77:e8:81:85:97:95:0b:
72:60:53:26:86:f8:20:55:53:e3:c8:49:c3:7b:5c:
8d:99:9f:6a:10:d9:ac:28:ca:45:9b:a0:96:25:4a:
a2:7e:70:03:5e:c3:4b:7e:03:e5:7b:0c:4f:b5:cc:
69:d0:4a:c2:24:d2:95:eb:75:1b:aa:bf:5a:a8:29:
23:7a:51:5f:db:c2:d4:42:69:cd:f1:33:c3:35:27:
6b:5f:8b:dc:f5:29:48:3f:da:40:58:10:a7:8b:6b:
51:e9:0b:79:0f:62:4c:ca:2b:06:f4:76:27:0b:3a:
8e:73:54:5b:2a:1e:32:66:ae:90:ff:f5:22:91:d5:
d3:51:2d:07:34:e3:47:9d:e2:bd:cd:c9:4d:cc:62:
1f:fc:f4:d0:c3:f4:cf:88:05:9e:fb:e6:f8:30:10:
8a:5c:12:5a:62:26:24:aa:7a:75:51:25:11:c7:dd:
ec:83:bc:5e:f9:93:70:39:8f:e3:33:dc:ba:c0:1d:
2e:6c:11:c3:d7:5c:d9:35:de:f2:ab:00:ad:26:34:
51:a8:38:36:01:2b:75:b9:00:9c:0e:2f:25:9f:94:
e8:5e:2f:2f:a4:42:5d:24:80:19:c1:89:ad:5b:60:
1f:dc:4b:f5:e0:6c:62:5e:9b:60:d8:4c:f6:f3:02:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C6:1D:3D:EE:74:6E:00:76:62:8A:88:86:8E:A2:15:90:C5:A2:BB
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/18YdPe50bgB2YoqIho6iFZDFors.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.253.149.0/24
Signature Algorithm: sha256WithRSAEncryption
38:cf:fb:00:8d:b6:70:02:1a:e8:24:20:d5:5c:2b:5c:6e:bf:
6b:be:53:cf:87:06:d9:d8:75:b7:92:67:9f:ba:7d:7f:5b:a6:
28:25:a0:81:b8:fb:35:82:c8:af:c7:16:e9:e1:68:df:ac:85:
9a:a4:4d:1a:8a:58:86:69:3a:ca:14:1f:26:b7:6c:ae:b5:57:
ab:64:72:00:b1:d1:d8:74:f6:5f:e0:21:be:83:0e:12:a9:3c:
13:19:e4:10:17:ce:21:65:fa:f1:e4:b3:e2:4f:14:63:81:8e:
8c:88:60:9d:b9:e2:87:9d:86:bd:3d:4c:a2:5e:1f:97:30:63:
48:de:71:da:57:75:26:f7:b8:3f:dd:8d:48:87:e7:ab:b3:8c:
6f:b8:cb:8f:18:af:02:9f:f7:4e:3d:a3:9e:13:6d:e3:8e:d9:
54:58:05:98:e9:63:13:62:a9:72:60:71:18:52:0f:c3:61:6a:
6a:6c:7e:81:af:a9:ac:17:73:6e:b4:b5:2b:ef:c0:1e:3c:1c:
60:db:19:5d:0e:75:50:a5:bf:d6:56:8f:7f:82:0a:7d:6e:85:
af:35:e4:8e:74:9a:7f:12:d6:93:26:f7:2f:01:76:9a:c8:b3:
dd:4c:5b:57:43:2c:64:7f:3b:5e:bb:88:c8:3b:39:55:d1:7b:
8b:ad:52:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuC/anLKV5LMJcQIgR31uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M2MWQzZGVlNzQ2ZTAwNzY2MjhhODg4NjhlYTIxNTkwYzVhMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwhc0nP14XfogYWXlQtyYFMmhvgg
VVPjyEnDe1yNmZ9qENmsKMpFm6CWJUqifnADXsNLfgPlewxPtcxp0ErCJNKV63Ub
qr9aqCkjelFf28LUQmnN8TPDNSdrX4vc9SlIP9pAWBCni2tR6Qt5D2JMyisG9HYn
CzqOc1RbKh4yZq6Q//UikdXTUS0HNONHneK9zclNzGIf/PTQw/TPiAWe++b4MBCK
XBJaYiYkqnp1USURx93sg7xe+ZNwOY/jM9y6wB0ubBHD11zZNd7yqwCtJjRRqDg2
ASt1uQCcDi8ln5ToXi8vpEJdJIAZwYmtW2Af3Ev14GxiXptg2Ez28wLBMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfGHT3udG4AdmKKiIaOohWQxaK7MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvMThZZFBlNTBiZ0IyWW9xSWhvNmlGWkRGb3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwf2VMA0G
CSqGSIb3DQEBCwUAA4IBAQA4z/sAjbZwAhroJCDVXCtcbr9rvlPPhwbZ2HW3kmef
un1/W6YoJaCBuPs1gsivxxbp4WjfrIWapE0ailiGaTrKFB8mt2yutVerZHIAsdHY
dPZf4CG+gw4SqTwTGeQQF84hZfrx5LPiTxRjgY6MiGCdueKHnYa9PUyiXh+XMGNI
3nHaV3Um97g/3Y1Ih+ers4xvuMuPGK8Cn/dOPaOeE23jjtlUWAWY6WMTYqlyYHEY
Ug/DYWpqbH6Br6msF3NutLUr78AePBxg2xldDnVQpb/WVo9/ggp9boWvNeSOdJp/
EtaTJvcvAXaayLPdTFtXQyxkfzteu4jIOzlV0XuLrVIn
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:25 2024 by rpki-client on console-ams.rpki-client.org