Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/RNjyxFQI2v_VzgUExCJQVIU76Hg.roa
File: RNjyxFQI2v_VzgUExCJQVIU76Hg.roa (raw, json)
Hash identifier: l9h7gTmc/gksUvBrtwCIBZhLmmGKwYzH3hD7U9iaU00=
Subject key identifier: 44:D8:F2:C4:54:08:DA:FF:D5:CE:05:04:C4:22:50:54:85:3B:E8:78
Certificate issuer: /CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Certificate serial: 018CCA2A77AF105E89F9A61ED83C79938984
Authority key identifier: D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/RNjyxFQI2v_VzgUExCJQVIU76Hg.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13101
IP address blocks: 193.143.2.0/23 maxlen: 23
193.143.6.0/23 maxlen: 23
199.175.220.0/22 maxlen: 22
103.204.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 Feb 2024 07:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:77:af:10:5e:89:f9:a6:1e:d8:3c:79:93:89:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44d8f2c45408daffd5ce0504c4225054853be878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:76:11:45:97:58:6e:4c:63:1f:7c:49:f3:ee:
72:19:12:74:c8:68:0a:87:78:c9:41:dd:1a:18:f2:
b1:87:45:98:f5:08:2e:8b:22:29:41:e5:ae:35:59:
55:2d:65:2a:ea:a5:30:70:66:f4:fb:08:12:40:e7:
86:90:01:c2:ed:88:37:22:2f:ac:b4:cf:bb:1c:f0:
56:ec:5c:35:98:69:91:e0:f0:51:95:b4:f9:4b:a1:
bd:9c:13:48:ed:0c:5d:c8:2f:53:9c:9f:0e:ce:f2:
0b:50:e5:a7:e6:b0:0e:6f:11:41:b9:aa:40:6a:9d:
74:f0:b8:67:e7:0c:e2:34:53:40:51:70:33:92:74:
b8:87:52:a5:19:86:ab:6b:16:3a:1e:4d:5a:0c:04:
5e:cb:be:25:2a:3b:8b:55:3b:f1:18:13:b3:9b:5a:
3e:bc:c1:0a:4d:f0:15:6f:f9:4f:c8:a9:2b:5d:5c:
1f:ca:67:f2:f8:45:97:80:93:a6:06:db:0a:6c:8c:
09:12:8c:dd:c2:93:c1:9b:8f:26:a0:d5:c0:50:05:
ff:ab:52:74:9a:b3:e6:4b:de:f8:47:19:dc:b3:38:
9c:c4:20:92:8e:3d:08:f9:52:af:3c:27:22:d3:08:
4d:e4:ed:2b:5e:a0:d7:c9:5e:91:88:f3:de:cf:42:
30:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D8:F2:C4:54:08:DA:FF:D5:CE:05:04:C4:22:50:54:85:3B:E8:78
X509v3 Authority Key Identifier:
keyid:D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/RNjyxFQI2v_VzgUExCJQVIU76Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.204.204.0/22
193.143.2.0/23
193.143.6.0/23
199.175.220.0/22
Signature Algorithm: sha256WithRSAEncryption
96:1a:f0:70:82:5a:63:6e:82:c2:5f:f5:3b:93:ae:a3:5b:ea:
27:77:66:f8:49:e6:60:58:70:8c:28:fa:b4:56:21:d7:77:be:
06:a4:db:fa:13:a9:0a:1e:db:0e:fd:45:4e:fc:82:e9:ff:e5:
f7:e2:ce:c4:a7:ef:46:e3:8b:64:4e:63:35:c3:bc:7c:6b:0c:
6e:ee:bf:f2:7e:36:4f:49:f5:16:72:af:01:55:fd:29:36:f9:
e7:ef:70:89:40:25:ef:7a:1e:88:6b:f6:80:cd:84:4b:92:6c:
49:cd:6e:bb:e9:32:ba:cf:47:4e:fd:89:f2:4e:5f:17:9d:bd:
71:33:60:87:43:07:b5:24:0a:3a:74:96:ff:ad:0f:52:44:a5:
04:9a:81:9c:72:83:fb:9b:66:4d:3a:57:a2:48:9b:4f:58:f0:
02:2c:f0:7c:de:10:81:99:a1:3d:84:8f:f0:b9:6d:bf:9c:cf:
47:1d:2c:75:03:1a:31:f7:0b:da:1e:89:7b:00:84:16:bf:17:
ac:a3:6a:9a:13:ea:f6:17:f8:16:5d:8b:db:85:27:c9:66:f4:
1f:f7:fb:7c:9f:a4:fa:a7:1a:b1:da:76:ee:cd:92:94:c9:51:
12:c9:5e:03:05:68:a6:2b:f1:7e:24:97:9d:af:db:54:91:b2:
38:69:ec:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKnevEF6J+aYe2Dx5k4mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGQyNjgxNTE0YWVmZWU5ZDNjODZlMWVhZTM1NzM2Yzg0
ZDFjMDkwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ4ZjJjNDU0MDhkYWZmZDVjZTA1MDRjNDIyNTA1NDg1M2JlODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinYRRZdYbkxjH3xJ8+5yGRJ0yGgK
h3jJQd0aGPKxh0WY9QguiyIpQeWuNVlVLWUq6qUwcGb0+wgSQOeGkAHC7Yg3Ii+s
tM+7HPBW7Fw1mGmR4PBRlbT5S6G9nBNI7QxdyC9TnJ8OzvILUOWn5rAObxFBuapA
ap108Lhn5wziNFNAUXAzknS4h1KlGYaraxY6Hk1aDARey74lKjuLVTvxGBOzm1o+
vMEKTfAVb/lPyKkrXVwfymfy+EWXgJOmBtsKbIwJEozdwpPBm48moNXAUAX/q1J0
mrPmS974RxncszicxCCSjj0I+VKvPCci0whN5O0rXqDXyV6RiPPez0IwJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFETY8sRUCNr/1c4FBMQiUFSFO+h4MB8GA1UdIwQY
MBaAFNkNJoFRSu/unTyG4erjVzbITRwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQt
MWQwZjI5YjRiOTdmLzEvUk5qeXhGUUkydl9WemdVRXhDSlFWSVU3NkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQtMWQwZjI5YjRiOTdm
LzEvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCZ8zMAwQB
wY8CAwQBwY8GAwQCx6/cMA0GCSqGSIb3DQEBCwUAA4IBAQCWGvBwglpjboLCX/U7
k66jW+ond2b4SeZgWHCMKPq0ViHXd74GpNv6E6kKHtsO/UVO/ILp/+X34s7Ep+9G
44tkTmM1w7x8awxu7r/yfjZPSfUWcq8BVf0pNvnn73CJQCXveh6Ia/aAzYRLkmxJ
zW676TK6z0dO/YnyTl8Xnb1xM2CHQwe1JAo6dJb/rQ9SRKUEmoGccoP7m2ZNOlei
SJtPWPACLPB83hCBmaE9hI/wuW2/nM9HHSx1Axox9wvaHol7AIQWvxeso2qaE+r2
F/gWXYvbhSfJZvQf9/t8n6T6pxqx2nbuzZKUyVESyV4DBWimK/F+JJedr9tUkbI4
aewS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:43 2024 by rpki-client on console-fra.rpki-client.org