Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/5b28e1-f70c-42d4-838c-e08d53f09612/1/iUM25zuHtBfOdRsQc2G4SMjMj3w.roa
File: iUM25zuHtBfOdRsQc2G4SMjMj3w.roa (raw, json)
Hash identifier: NClqUBWnrwwhrVmdNzbzVkn3n13TUxnb54Xzgv03k/k=
Subject key identifier: 89:43:36:E7:3B:87:B4:17:CE:75:1B:10:73:61:B8:48:C8:CC:8F:7C
Certificate issuer: /CN=f7ee5c1c804c33fde33d9b08b919f73d31d0b6d9
Certificate serial: 01856DE6670D3FAF9D4FEE69DE72C7F83EF2
Authority key identifier: F7:EE:5C:1C:80:4C:33:FD:E3:3D:9B:08:B9:19:F7:3D:31:D0:B6:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-5cHIBMM_3jPZsIuRn3PTHQttk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/5b28e1-f70c-42d4-838c-e08d53f09612/1/iUM25zuHtBfOdRsQc2G4SMjMj3w.roa
Signing time: Sun 01 Jan 2023 15:14:54 +0000
ROA not before: Sun 01 Jan 2023 15:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39357
IP address blocks: 193.84.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:67:0d:3f:af:9d:4f:ee:69:de:72:c7:f8:3e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7ee5c1c804c33fde33d9b08b919f73d31d0b6d9
Validity
Not Before: Jan 1 15:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=894336e73b87b417ce751b107361b848c8cc8f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:2b:0e:64:c0:b1:e8:64:2c:e8:10:a9:c8:
89:24:42:96:6c:1e:3b:1c:cd:9d:67:91:55:17:d0:
2d:f3:08:f8:1a:09:84:8c:4d:f8:1c:19:8a:27:d5:
a3:8b:8b:6f:7c:f0:1c:2e:54:8a:9d:17:0e:4e:db:
2a:65:b1:15:d8:c3:ea:19:66:a5:b4:81:16:76:8f:
a2:eb:2b:c3:ec:c9:dc:71:16:f5:30:da:55:bf:ae:
2e:fe:23:8f:bb:6f:f0:95:37:d5:02:01:b5:5f:ec:
a8:c5:fe:3c:1a:15:fc:30:09:b9:7e:ab:b1:e6:90:
95:ad:b8:36:48:ae:f8:9e:57:f4:f4:df:f9:92:de:
b7:6e:e8:74:40:38:a2:e5:24:cd:e1:91:c9:37:aa:
f1:74:13:4d:fd:c3:4f:3a:ae:d6:b6:a7:0f:a3:2f:
d5:53:8b:47:0e:a4:32:20:ce:f5:5d:d4:7e:5c:12:
e0:51:13:48:57:c3:01:af:e9:34:fa:f8:9c:99:5c:
30:82:e9:ca:49:59:c4:d7:64:6f:9c:14:54:28:22:
96:a2:ad:06:5d:b8:e1:9f:e3:bb:71:ed:2e:bf:81:
79:53:76:d7:c3:74:b3:93:43:d2:34:16:a3:d8:7a:
6b:88:32:3d:94:57:b7:c3:1a:de:14:2b:ec:71:1d:
4d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:36:E7:3B:87:B4:17:CE:75:1B:10:73:61:B8:48:C8:CC:8F:7C
X509v3 Authority Key Identifier:
keyid:F7:EE:5C:1C:80:4C:33:FD:E3:3D:9B:08:B9:19:F7:3D:31:D0:B6:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-5cHIBMM_3jPZsIuRn3PTHQttk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5b28e1-f70c-42d4-838c-e08d53f09612/1/iUM25zuHtBfOdRsQc2G4SMjMj3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5b28e1-f70c-42d4-838c-e08d53f09612/1/9-5cHIBMM_3jPZsIuRn3PTHQttk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:5f:26:fd:5d:ca:40:84:33:1a:3c:2e:cb:03:27:f0:33:15:
a8:cd:56:bf:95:65:d9:b7:64:87:22:c9:5b:f4:13:cd:65:e5:
3d:0d:7c:88:90:2d:6f:a8:9c:6b:a1:50:69:c9:c6:eb:63:da:
51:4d:35:cb:29:63:59:e6:c6:cf:0d:c0:b9:52:74:80:c3:cd:
27:1b:c2:ff:3e:40:70:15:9e:6a:1b:35:d9:65:63:bc:8b:c4:
00:c4:d4:63:2d:c2:a9:1b:54:e1:53:44:bd:d6:ef:16:37:10:
2b:36:7a:5b:60:29:c4:b5:27:e4:1c:22:e0:3e:b7:45:fc:6e:
30:81:35:72:8c:a2:2e:3f:43:a0:76:10:65:19:d6:a0:57:9d:
8a:d5:e3:c5:2c:9e:10:cd:42:06:1f:c8:0b:ed:44:2d:cc:ca:
48:15:26:71:76:ce:75:f9:7c:7a:62:5e:ab:8c:a5:8e:51:e8:
9a:c8:e7:1e:f2:a0:98:c7:46:93:40:56:c3:2a:f1:3a:84:fa:
c5:6e:a3:53:69:ae:17:3b:55:8a:42:11:04:ab:56:29:75:bc:
c2:0e:aa:ac:83:8d:28:10:1f:b1:ac:d4:cd:da:3a:6b:58:be:
24:90:17:03:54:09:3d:62:57:9f:9f:cf:d2:b0:44:20:f4:e6:
02:66:75:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5mcNP6+dT+5p3nLH+D7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZWU1YzFjODA0YzMzZmRlMzNkOWIwOGI5MTlmNzNkMzFk
MGI2ZDkwHhcNMjMwMTAxMTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQzMzZlNzNiODdiNDE3Y2U3NTFiMTA3MzYxYjg0OGM4Y2M4ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/ErDmTAsehkLOgQqciJJEKWbB47
HM2dZ5FVF9At8wj4GgmEjE34HBmKJ9Wji4tvfPAcLlSKnRcOTtsqZbEV2MPqGWal
tIEWdo+i6yvD7MnccRb1MNpVv64u/iOPu2/wlTfVAgG1X+yoxf48GhX8MAm5fqux
5pCVrbg2SK74nlf09N/5kt63buh0QDii5STN4ZHJN6rxdBNN/cNPOq7WtqcPoy/V
U4tHDqQyIM71XdR+XBLgURNIV8MBr+k0+vicmVwwgunKSVnE12RvnBRUKCKWoq0G
Xbjhn+O7ce0uv4F5U3bXw3Szk0PSNBaj2HpriDI9lFe3wxreFCvscR1NYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlDNuc7h7QXznUbEHNhuEjIzI98MB8GA1UdIwQY
MBaAFPfuXByATDP94z2bCLkZ9z0x0LbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS01Y0hJQk1NXzNqUFpzSXVSbjNQVEhRdHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81YjI4ZTEtZjcwYy00MmQ0LTgzOGMt
ZTA4ZDUzZjA5NjEyLzEvaVVNMjV6dUh0QmZPZFJzUWMyRzRTTWpNajN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81YjI4ZTEtZjcwYy00MmQ0LTgzOGMtZTA4ZDUzZjA5NjEy
LzEvOS01Y0hJQk1NXzNqUFpzSXVSbjNQVEhRdHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVRWMA0G
CSqGSIb3DQEBCwUAA4IBAQAdXyb9XcpAhDMaPC7LAyfwMxWozVa/lWXZt2SHIslb
9BPNZeU9DXyIkC1vqJxroVBpycbrY9pRTTXLKWNZ5sbPDcC5UnSAw80nG8L/PkBw
FZ5qGzXZZWO8i8QAxNRjLcKpG1ThU0S91u8WNxArNnpbYCnEtSfkHCLgPrdF/G4w
gTVyjKIuP0OgdhBlGdagV52K1ePFLJ4QzUIGH8gL7UQtzMpIFSZxds51+Xx6Yl6r
jKWOUeiayOce8qCYx0aTQFbDKvE6hPrFbqNTaa4XO1WKQhEEq1YpdbzCDqqsg40o
EB+xrNTN2jprWL4kkBcDVAk9Ylefn8/SsEQg9OYCZnXL
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:54 2024 by rpki-client on console-fra.rpki-client.org