Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1ccf80-0925-40e0-8714-c4d9be137eea/1/4TFQORzXNrsrGlVr73V8QTIbrfA.roa
File: 4TFQORzXNrsrGlVr73V8QTIbrfA.roa (raw, json)
Hash identifier: V/ZS96778KGjJabyTpAx9eGf0Qo3ity5SR34YsATwxY=
Subject key identifier: E1:31:50:39:1C:D7:36:BB:2B:1A:55:6B:EF:75:7C:41:32:1B:AD:F0
Certificate issuer: /CN=3bccdb0db7cf4664ecc7dbdd1801c87ce0d847cf
Certificate serial: 0185724C7FF5BABC027E4744DC6351312047
Authority key identifier: 3B:CC:DB:0D:B7:CF:46:64:EC:C7:DB:DD:18:01:C8:7C:E0:D8:47:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8zbDbfPRmTsx9vdGAHIfODYR88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1ccf80-0925-40e0-8714-c4d9be137eea/1/4TFQORzXNrsrGlVr73V8QTIbrfA.roa
Signing time: Mon 02 Jan 2023 11:44:54 +0000
ROA not before: Mon 02 Jan 2023 11:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13054
IP address blocks: 193.101.168.0/21 maxlen: 21
193.101.168.0/22 maxlen: 22
193.101.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:7f:f5:ba:bc:02:7e:47:44:dc:63:51:31:20:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccdb0db7cf4664ecc7dbdd1801c87ce0d847cf
Validity
Not Before: Jan 2 11:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e13150391cd736bb2b1a556bef757c41321badf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:96:89:fc:61:68:c5:f8:79:61:d7:02:b9:85:
dd:43:bb:b1:15:28:3f:91:7e:ed:9c:e1:82:e4:94:
9f:01:0b:46:bf:52:bc:31:d9:02:af:b3:0d:f3:93:
6b:76:64:e3:c2:12:6c:39:57:f3:75:d8:57:88:ef:
56:07:e4:0a:4d:85:83:ce:e9:d3:ef:ab:5b:18:3e:
7e:f8:41:8c:86:cf:87:a8:e3:ae:76:c2:f6:e9:6a:
99:98:b8:88:05:1a:65:c5:4d:df:71:c4:92:70:b8:
43:c2:8c:b6:e1:84:62:91:a4:7c:ca:7c:f7:c6:1b:
99:16:59:ee:2e:ad:de:d3:be:17:5e:63:1e:c5:75:
57:eb:24:2f:85:3d:be:58:33:28:a0:00:e1:b2:b5:
b8:07:a8:e7:9a:69:21:91:4b:65:bf:43:89:c6:92:
dc:aa:63:5e:bd:f4:24:f9:6e:74:68:6c:26:74:e2:
30:9d:a8:96:26:d8:0d:77:75:2e:5b:d5:97:e8:cc:
68:e7:66:65:58:e9:99:ce:ae:09:f6:ca:95:25:71:
d8:8e:d5:8a:82:e3:be:fe:56:41:1a:bf:76:9f:12:
2a:06:8c:45:bf:c2:8f:ca:11:6c:45:33:d0:13:ae:
ca:67:80:98:c3:a7:b3:85:c4:45:44:f5:29:5c:f3:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:31:50:39:1C:D7:36:BB:2B:1A:55:6B:EF:75:7C:41:32:1B:AD:F0
X509v3 Authority Key Identifier:
keyid:3B:CC:DB:0D:B7:CF:46:64:EC:C7:DB:DD:18:01:C8:7C:E0:D8:47:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8zbDbfPRmTsx9vdGAHIfODYR88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1ccf80-0925-40e0-8714-c4d9be137eea/1/4TFQORzXNrsrGlVr73V8QTIbrfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1ccf80-0925-40e0-8714-c4d9be137eea/1/O8zbDbfPRmTsx9vdGAHIfODYR88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.101.168.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:73:f5:31:ec:1f:5d:85:f2:3b:ad:02:87:3c:4f:c0:5e:fc:
99:81:07:b0:24:20:25:9c:0f:03:73:98:67:b7:d1:8d:3d:fa:
12:6f:6b:26:59:9c:06:0f:17:70:91:60:d2:d0:63:48:6b:56:
bf:b7:a3:14:62:76:bf:d7:d5:98:bd:52:ea:b0:d2:5e:23:a7:
ba:c2:92:45:31:7e:41:92:af:83:ac:0d:b8:c9:e4:cb:69:d5:
a1:81:73:5a:9b:59:d4:2b:4e:f2:10:3b:c2:49:95:55:44:99:
e6:57:c9:4c:02:a0:d5:10:04:02:8f:91:87:7c:83:2b:d4:55:
00:45:bb:38:6a:e5:c4:41:24:c0:cc:ee:81:97:30:e5:3b:52:
37:b3:41:7b:04:c4:ac:d3:18:c4:f6:b9:4d:2c:22:2d:68:95:
de:c6:5c:49:3c:b5:5e:4f:b1:66:b6:8e:ff:b8:05:cf:ff:d1:
24:60:0b:8a:75:c3:79:d9:9e:56:2f:8f:71:99:f9:ef:f7:93:
8a:ab:3a:4a:c3:1c:ae:b9:0f:38:91:85:50:f8:c7:22:dd:5d:
e0:61:c4:e4:7c:47:a2:a7:82:73:05:24:92:37:ad:9e:2a:1f:
3d:69:d2:71:a4:9c:00:82:60:ec:ed:59:06:fa:6f:24:f2:7e:
db:01:4a:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTH/1urwCfkdE3GNRMSBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NkYjBkYjdjZjQ2NjRlY2M3ZGJkZDE4MDFjODdjZTBk
ODQ3Y2YwHhcNMjMwMTAyMTE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMxNTAzOTFjZDczNmJiMmIxYTU1NmJlZjc1N2M0MTMyMWJhZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJaJ/GFoxfh5YdcCuYXdQ7uxFSg/
kX7tnOGC5JSfAQtGv1K8MdkCr7MN85NrdmTjwhJsOVfzddhXiO9WB+QKTYWDzunT
76tbGD5++EGMhs+HqOOudsL26WqZmLiIBRplxU3fccSScLhDwoy24YRikaR8ynz3
xhuZFlnuLq3e074XXmMexXVX6yQvhT2+WDMooADhsrW4B6jnmmkhkUtlv0OJxpLc
qmNevfQk+W50aGwmdOIwnaiWJtgNd3UuW9WX6Mxo52ZlWOmZzq4J9sqVJXHYjtWK
guO+/lZBGr92nxIqBoxFv8KPyhFsRTPQE67KZ4CYw6ezhcRFRPUpXPOS6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOExUDkc1za7KxpVa+91fEEyG63wMB8GA1UdIwQY
MBaAFDvM2w23z0Zk7Mfb3RgByHzg2EfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh6YkRiZlBSbVRzeDl2ZEdBSElmT0RZUjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xY2NmODAtMDkyNS00MGUwLTg3MTQt
YzRkOWJlMTM3ZWVhLzEvNFRGUU9SelhOcnNyR2xWcjczVjhRVElicmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xY2NmODAtMDkyNS00MGUwLTg3MTQtYzRkOWJlMTM3ZWVh
LzEvTzh6YkRiZlBSbVRzeDl2ZEdBSElmT0RZUjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwWWoMA0G
CSqGSIb3DQEBCwUAA4IBAQCqc/Ux7B9dhfI7rQKHPE/AXvyZgQewJCAlnA8Dc5hn
t9GNPfoSb2smWZwGDxdwkWDS0GNIa1a/t6MUYna/19WYvVLqsNJeI6e6wpJFMX5B
kq+DrA24yeTLadWhgXNam1nUK07yEDvCSZVVRJnmV8lMAqDVEAQCj5GHfIMr1FUA
Rbs4auXEQSTAzO6BlzDlO1I3s0F7BMSs0xjE9rlNLCItaJXexlxJPLVeT7Fmto7/
uAXP/9EkYAuKdcN52Z5WL49xmfnv95OKqzpKwxyuuQ84kYVQ+Mci3V3gYcTkfEei
p4JzBSSSN62eKh89adJxpJwAgmDs7VkG+m8k8n7bAUpo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:47 2024 by rpki-client on console-ams.rpki-client.org