Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/847cf5-2253-4290-b745-a14744d18a54/1/33CfWx8PneQsiN_HVn3rcQ7kdGM.roa
File: 33CfWx8PneQsiN_HVn3rcQ7kdGM.roa (raw, json)
Hash identifier: WvgnpU4AVVTQEFtN0swkCfwmfXHbMhhxo15iMUOJv1o=
Subject key identifier: DF:70:9F:5B:1F:0F:9D:E4:2C:88:DF:C7:56:7D:EB:71:0E:E4:74:63
Certificate issuer: /CN=d6d93be114f82d0258916a978cacbfb15bb5840a
Certificate serial: 01856DB86F98E0EC5E5F018C9039F93304FA
Authority key identifier: D6:D9:3B:E1:14:F8:2D:02:58:91:6A:97:8C:AC:BF:B1:5B:B5:84:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tk74RT4LQJYkWqXjKy_sVu1hAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/847cf5-2253-4290-b745-a14744d18a54/1/33CfWx8PneQsiN_HVn3rcQ7kdGM.roa
Signing time: Sun 01 Jan 2023 14:24:41 +0000
ROA not before: Sun 01 Jan 2023 14:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211345
IP address blocks: 193.36.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:6f:98:e0:ec:5e:5f:01:8c:90:39:f9:33:04:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6d93be114f82d0258916a978cacbfb15bb5840a
Validity
Not Before: Jan 1 14:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df709f5b1f0f9de42c88dfc7567deb710ee47463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:98:2c:8e:88:9e:e4:4e:ea:0c:6f:50:8c:c3:
30:2b:fa:31:8d:17:5f:0b:9a:97:ae:ff:ac:73:b2:
62:af:5f:1b:48:ba:5c:a6:d2:14:72:f2:05:f3:96:
c5:96:46:e6:8c:3f:a1:c7:b2:67:72:2c:1e:2f:52:
42:b5:72:83:40:b0:b0:76:0b:66:a4:3d:aa:33:fb:
5e:1f:58:22:35:a7:48:f3:0b:8f:af:f2:11:f8:b5:
6a:fb:0d:93:8c:cd:4a:94:20:92:a5:99:b1:ec:aa:
b2:5e:3b:42:9c:81:1d:7a:38:86:96:66:32:bd:fb:
81:8a:67:2e:51:65:93:3d:33:69:5a:3a:7a:ef:dd:
d9:03:d4:68:2a:4a:35:57:f7:eb:53:7a:03:a8:ed:
12:04:a4:84:bf:0a:0f:f8:7a:28:1a:c3:38:b7:ea:
58:4a:23:77:06:30:96:fa:09:44:f2:2e:c9:57:b3:
e9:ab:db:96:64:19:0c:06:99:4b:78:a3:e3:0d:e3:
5d:f2:08:9f:3c:22:c9:6d:5a:44:fe:19:41:ae:93:
cb:a2:fe:1f:97:0d:36:48:7e:74:69:79:69:f8:2e:
50:0b:d3:af:ca:c7:8f:22:ad:07:3d:5b:d8:2e:83:
ca:47:a5:d4:ec:16:66:f8:ee:76:67:d5:41:04:6f:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:70:9F:5B:1F:0F:9D:E4:2C:88:DF:C7:56:7D:EB:71:0E:E4:74:63
X509v3 Authority Key Identifier:
keyid:D6:D9:3B:E1:14:F8:2D:02:58:91:6A:97:8C:AC:BF:B1:5B:B5:84:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tk74RT4LQJYkWqXjKy_sVu1hAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/847cf5-2253-4290-b745-a14744d18a54/1/33CfWx8PneQsiN_HVn3rcQ7kdGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/847cf5-2253-4290-b745-a14744d18a54/1/1tk74RT4LQJYkWqXjKy_sVu1hAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.88.0/24
Signature Algorithm: sha256WithRSAEncryption
96:08:49:5b:3e:b2:f7:21:c6:65:5d:12:e0:22:42:db:de:12:
cf:b5:34:03:87:6e:8d:ec:96:f6:73:13:8f:25:1f:0e:a8:78:
24:39:b8:69:48:df:d7:48:90:bb:ab:fb:86:85:b6:e7:42:8c:
46:87:69:02:6e:17:4c:a9:5e:ca:48:c0:c4:3a:a0:29:84:26:
94:25:58:bc:16:fb:ae:85:ab:23:3a:bc:c7:50:6e:5b:30:3c:
93:5d:44:4a:31:94:5e:cc:06:fc:a7:34:ff:40:03:65:e8:a7:
c3:aa:6f:7d:40:b2:32:4a:da:fb:86:94:34:02:1b:41:77:66:
c5:6b:f0:e1:97:a6:b5:99:a4:88:98:4a:81:4e:9c:ef:9b:b4:
c7:ab:fc:fe:e7:da:53:5b:d9:83:26:33:73:8f:dd:c9:f1:c2:
92:f6:d0:88:00:e6:03:9a:04:f1:6f:47:5e:5f:34:f0:30:a9:
ed:70:5f:16:02:d0:7b:13:ed:ed:05:8d:58:48:64:d7:c8:3d:
71:18:aa:09:31:be:fa:3f:59:9f:95:fe:b7:1a:8d:d9:ca:2b:
f9:c7:7c:b9:65:77:97:5d:d8:11:32:65:03:6c:51:3c:5a:c2:
eb:f7:02:a6:5f:43:03:5d:d4:73:e6:92:b9:a1:6e:b8:10:aa:
42:5c:3a:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuG+Y4OxeXwGMkDn5MwT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZDkzYmUxMTRmODJkMDI1ODkxNmE5NzhjYWNiZmIxNWJi
NTg0MGEwHhcNMjMwMTAxMTQyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjcwOWY1YjFmMGY5ZGU0MmM4OGRmYzc1NjdkZWI3MTBlZTQ3NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5gsjoie5E7qDG9QjMMwK/oxjRdf
C5qXrv+sc7Jir18bSLpcptIUcvIF85bFlkbmjD+hx7JnciweL1JCtXKDQLCwdgtm
pD2qM/teH1giNadI8wuPr/IR+LVq+w2TjM1KlCCSpZmx7KqyXjtCnIEdejiGlmYy
vfuBimcuUWWTPTNpWjp6793ZA9RoKko1V/frU3oDqO0SBKSEvwoP+HooGsM4t+pY
SiN3BjCW+glE8i7JV7Ppq9uWZBkMBplLeKPjDeNd8gifPCLJbVpE/hlBrpPLov4f
lw02SH50aXlp+C5QC9OvysePIq0HPVvYLoPKR6XU7BZm+O52Z9VBBG8pnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9wn1sfD53kLIjfx1Z963EO5HRjMB8GA1UdIwQY
MBaAFNbZO+EU+C0CWJFql4ysv7FbtYQKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXRrNzRSVDRMUUpZa1dxWGpLeV9zVnUxaEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC84NDdjZjUtMjI1My00MjkwLWI3NDUt
YTE0NzQ0ZDE4YTU0LzEvMzNDZld4OFBuZVFzaU5fSFZuM3JjUTdrZEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC84NDdjZjUtMjI1My00MjkwLWI3NDUtYTE0NzQ0ZDE4YTU0
LzEvMXRrNzRSVDRMUUpZa1dxWGpLeV9zVnUxaEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSRYMA0G
CSqGSIb3DQEBCwUAA4IBAQCWCElbPrL3IcZlXRLgIkLb3hLPtTQDh26N7Jb2cxOP
JR8OqHgkObhpSN/XSJC7q/uGhbbnQoxGh2kCbhdMqV7KSMDEOqAphCaUJVi8Fvuu
hasjOrzHUG5bMDyTXURKMZRezAb8pzT/QANl6KfDqm99QLIyStr7hpQ0AhtBd2bF
a/Dhl6a1maSImEqBTpzvm7THq/z+59pTW9mDJjNzj93J8cKS9tCIAOYDmgTxb0de
XzTwMKntcF8WAtB7E+3tBY1YSGTXyD1xGKoJMb76P1mflf63Go3Zyiv5x3y5ZXeX
XdgRMmUDbFE8WsLr9wKmX0MDXdRz5pK5oW64EKpCXDpd
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:15 2024 by rpki-client on console-fra.rpki-client.org