Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DbH21w-SWcf74-6fzEkqgLnXbAM.roa
File: DbH21w-SWcf74-6fzEkqgLnXbAM.roa (raw, json)
Hash identifier: h+CBGs3wgZd2swkHT2bWipkXWsdTRb6xLmVGL/FIFU4=
Subject key identifier: 0D:B1:F6:D7:0F:92:59:C7:FB:E3:EE:9F:CC:49:2A:80:B9:D7:6C:03
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0186CB21C8889C464971552EC8989EB2AC72
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DbH21w-SWcf74-6fzEkqgLnXbAM.roa
Signing time: Fri 10 Mar 2023 10:47:14 +0000
ROA not before: Fri 10 Mar 2023 10:47:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2286
IP address blocks: 193.251.192.0/22 maxlen: 22
193.251.196.0/23 maxlen: 23
193.251.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 09:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:21:c8:88:9c:46:49:71:55:2e:c8:98:9e:b2:ac:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 10 10:47:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0db1f6d70f9259c7fbe3ee9fcc492a80b9d76c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f3:bb:e0:bc:8e:81:c2:8b:28:1e:5f:c8:ae:
85:af:98:5c:b7:37:90:1e:cb:98:c9:09:d0:91:64:
68:93:04:d4:9a:c8:ce:32:1e:80:7d:ff:b9:26:4b:
81:0e:c4:36:ef:de:5e:7f:34:86:0e:4e:18:e6:15:
30:0e:44:17:4e:e0:5c:ee:7c:da:a9:4a:de:75:24:
dd:f0:f5:c0:38:29:9a:4b:19:ba:fa:ca:12:76:04:
a7:63:87:53:4b:f4:a6:23:40:2a:4d:9a:d9:e5:ba:
01:30:92:a0:86:c8:8e:f2:c2:a9:79:ac:c4:55:c2:
24:60:52:97:56:5e:d1:3d:8a:02:e7:ee:73:dd:c0:
88:8e:20:dd:86:c3:a8:44:2c:fe:f2:4d:cd:07:91:
58:e1:ce:c6:7f:f1:6d:b8:d3:dc:ea:84:78:1c:2f:
bb:9d:d9:3c:a2:a3:1d:51:70:31:4f:bf:55:14:7b:
8e:a1:97:01:5c:25:c9:70:4a:3d:e0:ea:43:ff:2d:
64:bd:03:6f:a2:d7:88:f8:12:32:7e:87:af:47:34:
7d:b5:15:98:3f:4a:5c:50:06:7e:b4:8c:d6:b1:66:
c1:33:79:f7:c2:f6:60:7c:83:62:c4:fe:e4:ac:b5:
00:d6:92:9d:66:d5:74:fb:17:05:e1:7a:71:71:83:
53:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B1:F6:D7:0F:92:59:C7:FB:E3:EE:9F:CC:49:2A:80:B9:D7:6C:03
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DbH21w-SWcf74-6fzEkqgLnXbAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.192.0-193.251.197.255
193.251.224.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:50:7c:09:f5:06:60:ff:60:a3:eb:87:23:bd:0e:e3:eb:50:
6a:98:49:e2:89:d1:7f:21:7d:ea:bd:d8:d9:a2:16:5f:79:6b:
79:b8:03:c4:1d:b7:5d:5d:41:e7:10:d2:fa:75:37:29:99:b0:
18:2c:47:0b:ba:4e:86:30:6e:b7:40:c2:d4:e2:25:a5:48:f7:
64:25:a6:92:48:53:33:a9:24:a8:d2:70:39:4b:f6:98:34:c7:
21:a7:64:3d:a1:ac:38:96:f1:67:73:47:d2:3d:76:07:26:0e:
84:cd:58:b8:60:0b:12:21:c7:6d:5e:f2:80:e6:a1:8e:c1:51:
7d:94:c6:09:95:0d:82:0a:d0:81:9f:29:7b:55:b8:50:ff:a9:
b9:52:71:bf:5b:a7:1a:c6:74:7f:b8:14:9a:5d:f1:7b:17:91:
70:21:20:7e:6e:57:d3:05:01:92:83:e4:29:2c:7f:de:9c:e8:
a7:d9:40:67:a9:bd:77:81:5e:f8:2e:5c:e1:d8:af:58:28:d4:
16:d6:de:2a:30:be:89:c1:74:0f:bb:3c:f8:f1:2d:8d:fa:6c:
9e:89:17:06:7f:7c:86:d3:7d:5b:f3:e1:a2:ed:30:88:81:d6:
d6:07:ce:7f:fd:62:3d:a3:ee:8c:4f:df:ef:52:51:66:a5:a1:
35:d1:9b:ac
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYbLIciInEZJcVUuyJiesqxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMzEwMTA0NzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGIxZjZkNzBmOTI1OWM3ZmJlM2VlOWZjYzQ5MmE4MGI5ZDc2YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPO74LyOgcKLKB5fyK6Fr5hctzeQ
HsuYyQnQkWRokwTUmsjOMh6Aff+5JkuBDsQ2795efzSGDk4Y5hUwDkQXTuBc7nza
qUredSTd8PXAOCmaSxm6+soSdgSnY4dTS/SmI0AqTZrZ5boBMJKghsiO8sKpeazE
VcIkYFKXVl7RPYoC5+5z3cCIjiDdhsOoRCz+8k3NB5FY4c7Gf/FtuNPc6oR4HC+7
ndk8oqMdUXAxT79VFHuOoZcBXCXJcEo94OpD/y1kvQNvoteI+BIyfoevRzR9tRWY
P0pcUAZ+tIzWsWbBM3n3wvZgfINixP7krLUA1pKdZtV0+xcF4XpxcYNTIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA2x9tcPklnH++Pun8xJKoC512wDMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvRGJIMjF3LVNXY2Y3NC02ZnpFa3FnTG5YYkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAbB+8AD
BAHB+8QDBALB++AwDQYJKoZIhvcNAQELBQADggEBAFxQfAn1BmD/YKPrhyO9DuPr
UGqYSeKJ0X8hfeq92NmiFl95a3m4A8Qdt11dQecQ0vp1NymZsBgsRwu6ToYwbrdA
wtTiJaVI92QlppJIUzOpJKjScDlL9pg0xyGnZD2hrDiW8WdzR9I9dgcmDoTNWLhg
CxIhx21e8oDmoY7BUX2UxgmVDYIK0IGfKXtVuFD/qblScb9bpxrGdH+4FJpd8XsX
kXAhIH5uV9MFAZKD5Cksf96c6KfZQGepvXeBXvguXOHYr1go1BbW3iowvonBdA+7
PPjxLY36bJ6JFwZ/fIbTfVvz4aLtMIiB1tYHzn/9Yj2j7oxP3+9SUWaloTXRm6w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org