Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/45g4s7nK1yMktOqkPRHZfQlM4Ss.roa
File: 45g4s7nK1yMktOqkPRHZfQlM4Ss.roa (raw, json)
Hash identifier: DuhUNLv4+puFxJDQDJdPLuVdBUjZtE7QIz9m79hDETc=
Subject key identifier: E3:98:38:B3:B9:CA:D7:23:24:B4:EA:A4:3D:11:D9:7D:09:4C:E1:2B
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0188D31711A1B435A6255013B66C6E6932AF
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/45g4s7nK1yMktOqkPRHZfQlM4Ss.roa
Signing time: Mon 19 Jun 2023 09:58:04 +0000
ROA not before: Mon 19 Jun 2023 09:58:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2286
IP address blocks: 193.251.192.0/22 maxlen: 24
193.251.196.0/23 maxlen: 24
193.251.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:17:11:a1:b4:35:a6:25:50:13:b6:6c:6e:69:32:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jun 19 09:58:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e39838b3b9cad72324b4eaa43d11d97d094ce12b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8e:fa:c2:01:c6:28:27:c9:46:7f:b7:dd:a7:
46:0c:08:c8:d2:b4:e2:a6:47:f4:23:e2:01:ce:f7:
ba:a7:67:36:7d:ae:86:74:b4:57:36:b3:f6:15:67:
1b:e6:22:01:13:d8:c7:21:6e:d0:79:69:78:dd:88:
71:56:1c:34:5b:e6:f0:6e:75:71:bb:39:79:f7:f9:
4e:da:46:2b:1b:64:e7:d5:77:21:6e:0d:ba:00:dc:
d8:e2:15:e4:5b:55:77:2b:39:3c:94:ab:52:18:1d:
fc:15:35:72:ce:78:4b:74:f4:ce:7f:b2:cf:b3:89:
59:b6:10:c0:06:ea:b1:c3:ca:32:22:a1:c3:a8:35:
28:51:6a:ae:22:c9:85:9a:b0:f8:d4:1b:62:01:f0:
9f:97:b5:ed:a0:f5:15:29:c9:6e:68:19:8f:34:d4:
3f:35:2a:74:68:6a:8f:b3:f1:b7:4d:a3:7a:e5:f1:
d7:e7:23:dd:6d:b5:89:8b:d7:bc:5a:d8:2a:f9:4d:
e0:fd:ec:e1:42:f9:71:af:4d:e7:64:7d:9a:70:29:
8d:55:4b:70:ac:17:10:f3:f9:72:d1:d2:4b:11:62:
83:67:58:89:f8:73:b1:82:8a:d6:63:aa:79:70:80:
fe:38:59:d8:da:cd:3b:0d:15:93:f3:88:2b:75:a4:
3b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:98:38:B3:B9:CA:D7:23:24:B4:EA:A4:3D:11:D9:7D:09:4C:E1:2B
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/45g4s7nK1yMktOqkPRHZfQlM4Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.192.0-193.251.197.255
193.251.224.0/22
Signature Algorithm: sha256WithRSAEncryption
59:e9:83:29:30:d7:1d:26:a3:a6:3a:30:bf:4b:fe:00:30:af:
6e:4d:ef:aa:16:36:57:a6:fb:51:9c:f5:1a:96:4b:a4:d8:e2:
ea:3a:a5:59:43:85:c7:8b:d3:c2:2d:dd:8e:a0:36:4b:9c:03:
cc:26:0a:4a:f6:d5:d1:c1:fe:ac:dd:7e:1e:10:ab:4f:04:8c:
6e:b4:85:44:f6:e3:3a:92:a5:be:36:86:3f:c7:b7:f3:e7:77:
fc:c6:59:95:81:c3:74:c6:44:ae:b5:18:15:43:22:62:0c:fb:
87:09:28:17:af:ab:b4:52:08:81:60:5e:d3:ee:fd:9c:6e:3c:
00:17:62:e4:38:6d:84:19:7a:62:66:a2:80:92:fe:80:01:43:
4c:3b:1e:a6:75:f9:13:7b:31:95:16:55:9d:59:74:d6:ae:c1:
9b:88:d0:44:36:96:ba:bf:a0:93:cc:54:0b:7f:92:12:51:0a:
bc:51:e6:93:d0:1a:42:32:16:ad:06:b3:d4:01:15:26:1c:cc:
48:ae:19:5a:f5:13:0b:f9:d4:03:ed:cf:08:19:93:39:38:e9:
25:50:51:72:26:8f:90:4b:5f:ab:59:50:d8:50:67:38:1d:e4:
bc:62:60:8d:63:6d:17:ca:92:ac:51:1c:c8:42:9b:92:e2:76:
40:d2:ec:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYjTFxGhtDWmJVATtmxuaTKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwNjE5MDk1ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk4MzhiM2I5Y2FkNzIzMjRiNGVhYTQzZDExZDk3ZDA5NGNlMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Y76wgHGKCfJRn+33adGDAjI0rTi
pkf0I+IBzve6p2c2fa6GdLRXNrP2FWcb5iIBE9jHIW7QeWl43YhxVhw0W+bwbnVx
uzl59/lO2kYrG2Tn1Xchbg26ANzY4hXkW1V3Kzk8lKtSGB38FTVyznhLdPTOf7LP
s4lZthDABuqxw8oyIqHDqDUoUWquIsmFmrD41BtiAfCfl7XtoPUVKcluaBmPNNQ/
NSp0aGqPs/G3TaN65fHX5yPdbbWJi9e8Wtgq+U3g/ezhQvlxr03nZH2acCmNVUtw
rBcQ8/ly0dJLEWKDZ1iJ+HOxgorWY6p5cID+OFnY2s07DRWT84grdaQ7tQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOOYOLO5ytcjJLTqpD0R2X0JTOErMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvNDVnNHM3bksxeU1rdE9xa1BSSFpmUWxNNFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAbB+8AD
BAHB+8QDBALB++AwDQYJKoZIhvcNAQELBQADggEBAFnpgykw1x0mo6Y6ML9L/gAw
r25N76oWNlem+1Gc9RqWS6TY4uo6pVlDhceL08It3Y6gNkucA8wmCkr21dHB/qzd
fh4Qq08EjG60hUT24zqSpb42hj/Ht/Pnd/zGWZWBw3TGRK61GBVDImIM+4cJKBev
q7RSCIFgXtPu/ZxuPAAXYuQ4bYQZemJmooCS/oABQ0w7HqZ1+RN7MZUWVZ1ZdNau
wZuI0EQ2lrq/oJPMVAt/khJRCrxR5pPQGkIyFq0Gs9QBFSYczEiuGVr1Ewv51APt
zwgZkzk46SVQUXImj5BLX6tZUNhQZzgd5LxiYI1jbRfKkqxRHMhCm5LidkDS7OA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org