Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/e3ujv58Tgss0SO9SR4OKcVeZQck.roa
File: e3ujv58Tgss0SO9SR4OKcVeZQck.roa (raw, json)
Hash identifier: ey1MHRpEPyr/11oakSaThZHCFNgX5O6DYFoxQGQMtuk=
Subject key identifier: 7B:7B:A3:BF:9F:13:82:CB:34:48:EF:52:47:83:8A:71:57:99:41:C9
Certificate issuer: /CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Certificate serial: 01856F1DA96CF9460A372892CA9DE95037F7
Authority key identifier: A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/e3ujv58Tgss0SO9SR4OKcVeZQck.roa
Signing time: Sun 01 Jan 2023 20:54:52 +0000
ROA not before: Sun 01 Jan 2023 20:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207063
IP address blocks: 193.177.129.0/24 maxlen: 24
193.177.128.0/24 maxlen: 24
193.177.128.0/22 maxlen: 24
2a0c:dec0:3008::/48 maxlen: 48
2a0c:dec0:f100::/48 maxlen: 48
2a0c:dec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a9:6c:f9:46:0a:37:28:92:ca:9d:e9:50:37:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Validity
Not Before: Jan 1 20:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b7ba3bf9f1382cb3448ef5247838a71579941c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:99:2b:35:91:9b:2c:94:24:a1:d9:36:c6:2b:
ff:d1:17:89:15:02:2f:72:f0:09:36:1f:65:ff:e5:
f6:b3:5d:4a:1e:75:af:41:9c:55:66:a9:b4:db:2f:
3d:ee:aa:26:e3:3a:2c:3d:5a:ae:26:02:8b:ee:05:
c9:7d:76:c2:4b:3e:a3:fa:ab:45:2c:99:4c:96:48:
6b:c1:3a:e4:25:b7:2c:bc:1e:2c:35:7e:91:97:4e:
79:07:9a:3b:2f:ad:8b:58:de:c9:b3:a3:0c:20:65:
01:84:5e:71:ad:df:68:6b:b6:f1:f7:f5:d4:e1:5c:
f4:dc:85:c4:bc:99:87:e2:1e:ea:77:2d:7b:a8:6c:
ed:43:52:97:65:de:9a:78:68:a4:ac:2f:1b:27:86:
f6:ea:3b:33:ff:46:35:bb:0d:f0:cc:cb:a2:98:78:
ac:c6:8d:82:57:6c:e0:5e:ff:23:aa:0d:37:f1:34:
57:79:79:60:e4:73:55:10:d2:b8:32:a6:11:5a:fb:
77:a7:12:0c:66:2c:27:30:a5:68:28:19:cb:51:55:
80:ca:71:3a:32:6c:6c:cd:fe:9b:9d:de:cb:9c:2b:
8c:54:96:4f:34:e8:85:a0:31:4b:1f:43:f0:11:66:
2d:8b:fb:5d:88:16:86:e2:1d:98:9c:96:20:65:84:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7B:A3:BF:9F:13:82:CB:34:48:EF:52:47:83:8A:71:57:99:41:C9
X509v3 Authority Key Identifier:
keyid:A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/e3ujv58Tgss0SO9SR4OKcVeZQck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.128.0/22
IPv6:
2a0c:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
84:55:ea:b2:69:a5:9c:15:da:18:60:5d:b7:04:42:12:5c:27:
84:f7:17:8c:d2:9b:a7:fc:ad:fb:48:03:b4:60:0e:55:50:fd:
85:3e:e5:cb:b8:07:3c:f6:58:69:52:51:78:cf:4c:07:3d:42:
31:ee:20:04:7d:9e:00:20:1e:d3:d0:9a:76:67:95:c5:60:5d:
24:a4:9f:84:b5:9f:b8:a5:56:d0:6d:d8:54:f3:e6:0c:78:7d:
81:7d:91:95:6f:d4:69:40:66:d4:a0:e7:a9:16:4d:b1:da:29:
86:18:ee:22:17:1f:39:c4:03:f8:0a:1e:e2:f5:e3:0d:8e:b4:
ce:7a:96:66:f2:a4:ee:a1:36:c4:34:db:17:84:d9:63:4d:97:
80:05:f0:d9:b6:7f:1f:b6:be:96:71:42:21:ad:6f:00:5e:07:
16:7b:67:cf:25:76:10:f2:50:bf:11:1c:3b:6a:1d:ed:02:47:
a8:05:73:08:91:67:e8:9e:29:88:fe:66:09:6c:4e:ec:a0:a1:
7f:ff:e8:e0:cf:de:61:cf:37:cc:4d:26:85:8f:51:7e:4a:db:
f5:16:63:46:36:30:e3:db:52:b0:c3:2b:64:25:f1:4a:7a:f6:
c2:73:d0:33:e1:8b:cf:63:b3:00:15:62:95:b3:b1:9a:f0:c6:
21:56:fe:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHals+UYKNyiSyp3pUDf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGY2ZmI2ZjVjODBjYTRhNjAzODI3Yzk2YjNiZGY2MGFk
NTYzYWEwHhcNMjMwMTAxMjA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjdiYTNiZjlmMTM4MmNiMzQ0OGVmNTI0NzgzOGE3MTU3OTk0MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJkrNZGbLJQkodk2xiv/0ReJFQIv
cvAJNh9l/+X2s11KHnWvQZxVZqm02y897qom4zosPVquJgKL7gXJfXbCSz6j+qtF
LJlMlkhrwTrkJbcsvB4sNX6Rl055B5o7L62LWN7Js6MMIGUBhF5xrd9oa7bx9/XU
4Vz03IXEvJmH4h7qdy17qGztQ1KXZd6aeGikrC8bJ4b26jsz/0Y1uw3wzMuimHis
xo2CV2zgXv8jqg038TRXeXlg5HNVENK4MqYRWvt3pxIMZiwnMKVoKBnLUVWAynE6
Mmxszf6bnd7LnCuMVJZPNOiFoDFLH0PwEWYti/tdiBaG4h2YnJYgZYTkDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHt7o7+fE4LLNEjvUkeDinFXmUHJMB8GA1UdIwQY
MBaAFKMPb7b1yAykpgOCfJazvfYK1WOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgt
ODBhYjc3OWVlZDEwLzEvZTN1anY1OFRnc3MwU085U1I0T0tjVmVaUWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgtODBhYjc3OWVlZDEw
LzEvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbGAMA0E
AgACMAcDBQMqDN7AMA0GCSqGSIb3DQEBCwUAA4IBAQCEVeqyaaWcFdoYYF23BEIS
XCeE9xeM0pun/K37SAO0YA5VUP2FPuXLuAc89lhpUlF4z0wHPUIx7iAEfZ4AIB7T
0Jp2Z5XFYF0kpJ+EtZ+4pVbQbdhU8+YMeH2BfZGVb9RpQGbUoOepFk2x2imGGO4i
Fx85xAP4Ch7i9eMNjrTOepZm8qTuoTbENNsXhNljTZeABfDZtn8ftr6WcUIhrW8A
XgcWe2fPJXYQ8lC/ERw7ah3tAkeoBXMIkWfonimI/mYJbE7soKF//+jgz95hzzfM
TSaFj1F+Stv1FmNGNjDj21KwwytkJfFKevbCc9Az4YvPY7MAFWKVs7Ga8MYhVv5S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:40 2024 by rpki-client on console-fra.rpki-client.org