Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nDKdVprQtRzXFdflC0ojwUf8qgE.roa
File: nDKdVprQtRzXFdflC0ojwUf8qgE.roa (raw, json)
Hash identifier: 5rOSx0WZRdLPGvwUTjt5ZMSSz/Ko2rR4LwFP1zpnF/w=
Subject key identifier: 9C:32:9D:56:9A:D0:B5:1C:D7:15:D7:E5:0B:4A:23:C1:47:FC:AA:01
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB84C2B223D403BC7566794E5489E16
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nDKdVprQtRzXFdflC0ojwUf8qgE.roa
Signing time: Sun 01 Jan 2023 09:44:55 +0000
ROA not before: Sun 01 Jan 2023 09:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37173
IP address blocks: 193.251.153.0/24 maxlen: 24
193.251.218.0/23 maxlen: 24
193.251.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:4c:2b:22:3d:40:3b:c7:56:67:94:e5:48:9e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c329d569ad0b51cd715d7e50b4a23c147fcaa01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:88:5d:00:46:a8:53:4a:c3:2e:a6:8c:8b:
ee:85:43:b4:3d:86:cb:01:30:ad:53:2f:0f:f7:65:
e8:f6:5e:5e:ff:ef:ac:28:43:52:a2:42:e5:44:16:
d3:2b:fc:ae:b3:fc:f4:c9:3e:0f:4c:cd:40:34:4c:
8f:2d:60:a8:49:f3:33:b9:88:4d:f7:f8:0b:00:51:
32:bc:c4:8c:de:82:40:95:36:91:75:92:6d:1e:ac:
bf:fd:b0:1d:2b:e1:10:e5:93:b7:c1:de:cb:31:f0:
1d:f2:08:a1:37:19:17:b9:2a:6c:b6:02:fe:3d:11:
19:54:90:f9:5d:3a:93:45:d8:38:a6:6a:5d:3c:25:
45:d8:66:d8:92:f7:56:bc:31:52:ca:cf:56:cb:83:
17:7d:7c:13:3c:f3:41:3b:4a:10:4c:be:4d:23:2d:
39:41:df:2b:15:17:c0:1d:0f:0e:1c:1a:bf:5a:f8:
32:a0:fa:ad:1d:46:19:b9:bd:a6:cf:8e:62:56:c0:
4d:a1:dc:fd:97:c6:42:63:d1:11:55:39:43:bb:c2:
4d:f8:78:41:ed:60:f1:4c:e8:79:b3:fd:31:25:f8:
e5:d6:cd:26:56:31:b0:74:fc:4d:99:7a:a5:5a:0b:
04:28:c3:78:01:ca:73:7c:6b:c0:b3:7e:43:78:0a:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:32:9D:56:9A:D0:B5:1C:D7:15:D7:E5:0B:4A:23:C1:47:FC:AA:01
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nDKdVprQtRzXFdflC0ojwUf8qgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.153.0/24
193.251.218.0/23
193.251.222.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:11:50:10:aa:45:32:6e:76:c2:e2:ff:b6:ac:95:1b:af:f5:
54:f0:60:a0:a6:b2:76:2f:02:94:86:2c:67:94:54:30:07:41:
a6:88:4f:69:3d:91:d8:93:da:d8:23:19:ca:24:f8:23:8f:f7:
79:b3:05:91:2f:50:6a:83:35:0d:08:7a:59:e2:37:9e:66:2d:
5f:4d:b1:a4:13:de:dc:93:e3:a9:a6:54:6a:41:3e:d8:f4:c3:
84:58:4b:44:df:ea:df:57:f2:db:57:eb:12:0e:02:e7:50:4e:
a6:b0:92:9f:00:28:13:80:8e:d5:68:41:ea:fd:e4:e4:da:16:
9c:2a:0b:5d:8e:08:ee:ee:2a:a6:10:08:2d:f6:82:77:d5:7a:
c8:de:4d:a2:d4:aa:59:71:0a:bf:9b:19:25:b6:f6:c4:e8:b2:
7d:d2:89:17:dc:de:22:06:62:a8:70:f6:e9:35:50:fa:0d:c9:
d5:c0:34:40:f5:ce:73:78:2f:67:2a:f2:29:70:d3:52:b6:37:
49:fc:f4:61:3c:40:6c:27:22:62:f7:b3:82:2c:0c:a4:65:c1:
3b:83:71:a2:d3:de:28:c6:a9:5e:6c:d5:25:77:ef:ef:d0:dd:
4f:ab:41:97:cc:83:63:ce:0d:52:3c:4d:e6:05:bc:24:a1:e5:
1a:59:ee:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsuEwrIj1AO8dWZ5TlSJ4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzMyOWQ1NjlhZDBiNTFjZDcxNWQ3ZTUwYjRhMjNjMTQ3ZmNhYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9KIXQBGqFNKwy6mjIvuhUO0PYbL
ATCtUy8P92Xo9l5e/++sKENSokLlRBbTK/yus/z0yT4PTM1ANEyPLWCoSfMzuYhN
9/gLAFEyvMSM3oJAlTaRdZJtHqy//bAdK+EQ5ZO3wd7LMfAd8gihNxkXuSpstgL+
PREZVJD5XTqTRdg4pmpdPCVF2GbYkvdWvDFSys9Wy4MXfXwTPPNBO0oQTL5NIy05
Qd8rFRfAHQ8OHBq/WvgyoPqtHUYZub2mz45iVsBNodz9l8ZCY9ERVTlDu8JN+HhB
7WDxTOh5s/0xJfjl1s0mVjGwdPxNmXqlWgsEKMN4AcpzfGvAs35DeAoZXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwynVaa0LUc1xXX5QtKI8FH/KoBMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbkRLZFZwclF0UnpYRmRmbEMwb2p3VWY4cWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwfuZAwQB
wfvaAwQBwfveMA0GCSqGSIb3DQEBCwUAA4IBAQAuEVAQqkUybnbC4v+2rJUbr/VU
8GCgprJ2LwKUhixnlFQwB0GmiE9pPZHYk9rYIxnKJPgjj/d5swWRL1BqgzUNCHpZ
4jeeZi1fTbGkE97ck+OpplRqQT7Y9MOEWEtE3+rfV/LbV+sSDgLnUE6msJKfACgT
gI7VaEHq/eTk2hacKgtdjgju7iqmEAgt9oJ31XrI3k2i1KpZcQq/mxkltvbE6LJ9
0okX3N4iBmKocPbpNVD6DcnVwDRA9c5zeC9nKvIpcNNStjdJ/PRhPEBsJyJi97OC
LAykZcE7g3Gi094oxqlebNUld+/v0N1Pq0GXzINjzg1SPE3mBbwkoeUaWe4C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org