Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/lY466jNCm1nb8UYLgOP0jP3G56w.roa
File: lY466jNCm1nb8UYLgOP0jP3G56w.roa (raw, json)
Hash identifier: B7GwhMhjt1Rel/cxi9rcZ2LuzKoR9lE28du4W85lPsg=
Subject key identifier: 95:8E:3A:EA:33:42:9B:59:DB:F1:46:0B:80:E3:F4:8C:FD:C6:E7:AC
Certificate issuer: /CN=89e21a2b8a25b971bdb741a0aae325992304194e
Certificate serial: 018A67BA295B9216EEF6E5CAEB6173D1314D
Authority key identifier: 89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/lY466jNCm1nb8UYLgOP0jP3G56w.roa
Signing time: Tue 05 Sep 2023 23:42:48 +0000
ROA not before: Tue 05 Sep 2023 23:42:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397966
IP address blocks: 193.25.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:ba:29:5b:92:16:ee:f6:e5:ca:eb:61:73:d1:31:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e21a2b8a25b971bdb741a0aae325992304194e
Validity
Not Before: Sep 5 23:42:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958e3aea33429b59dbf1460b80e3f48cfdc6e7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:2d:aa:4e:d4:3f:4d:78:de:40:b6:f0:cf:
47:ba:3b:9b:ec:8d:0f:63:92:06:7a:58:d4:37:b6:
16:08:c2:8b:9e:9b:84:49:e7:5b:c3:63:fa:e4:5a:
ac:11:a4:b6:6e:a6:d1:0a:77:9a:de:c7:0d:ac:d5:
b8:cc:d5:75:a9:fd:2c:22:c8:c9:de:12:24:29:65:
37:8c:97:ab:ad:00:6b:01:47:03:14:1b:c8:f2:3f:
67:4a:a7:b5:6b:03:8d:21:a2:1f:bc:d4:fb:0d:cf:
6c:6e:1a:88:db:81:86:fb:3a:6d:6f:bb:d6:eb:40:
9b:39:3b:bf:0b:f5:c1:a4:4d:89:bc:32:f2:01:2b:
39:c0:8a:a9:fb:8e:7d:bd:fb:af:8f:e2:6c:8f:c9:
b7:f6:74:04:d3:41:8e:76:d6:4b:9c:01:29:b5:d4:
37:90:22:d3:da:e3:d9:6d:06:d9:a4:ad:a1:91:56:
cf:30:87:6a:d0:e1:1f:8c:fb:0a:8a:e5:91:6f:f3:
75:54:60:b7:7a:ce:2b:00:95:54:df:3a:f0:1d:22:
a0:69:d9:48:1f:12:4a:46:59:a6:08:49:68:87:39:
4f:ab:6d:81:c1:b7:ba:dd:be:47:13:97:41:d0:92:
fa:26:7e:4b:b8:f4:aa:62:12:6d:c7:32:46:bf:c7:
8e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8E:3A:EA:33:42:9B:59:DB:F1:46:0B:80:E3:F4:8C:FD:C6:E7:AC
X509v3 Authority Key Identifier:
keyid:89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/lY466jNCm1nb8UYLgOP0jP3G56w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:12:10:65:80:0e:28:ae:23:68:76:dd:14:29:34:c2:b3:94:
b1:fa:49:a2:38:8d:86:80:bd:66:8c:e7:ed:10:3d:34:9b:f3:
78:55:51:b5:3e:9e:6b:cc:ab:d1:1f:a3:e3:6a:8f:bd:fe:0a:
63:80:cd:68:a1:85:b0:e0:82:19:90:90:a9:f2:57:6a:50:c8:
d0:f7:87:e0:4d:ca:e3:8c:5d:56:db:1a:78:44:a7:66:63:74:
3d:db:d0:70:6e:e8:be:09:73:7d:3f:18:60:9d:ce:4d:3a:0e:
5c:93:ad:07:70:fe:a5:83:c0:23:88:a1:6b:00:85:c8:66:5a:
2d:7c:30:c7:ae:43:38:30:17:01:94:00:14:82:cf:e0:76:a2:
df:6b:6b:28:a4:ae:d5:24:ba:89:71:2f:45:2e:cd:d0:74:5a:
67:e9:64:d1:e3:78:4b:d0:82:c0:bd:ef:31:4a:04:54:bb:16:
a2:82:85:f1:52:2a:12:0d:ef:ae:a6:57:03:35:43:d8:7a:df:
5e:29:a2:55:24:39:25:43:4e:45:41:06:8b:5e:c8:15:ec:1b:
ec:97:63:4e:ce:2e:6b:8b:d2:cb:c1:3d:fa:67:df:47:bf:dc:
79:e4:f9:c7:04:20:e2:3f:1d:02:cb:7e:3f:4a:c4:a7:6f:c9:
ef:b9:c7:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpnuilbkhbu9uXK62Fz0TFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTIxYTJiOGEyNWI5NzFiZGI3NDFhMGFhZTMyNTk5MjMw
NDE5NGUwHhcNMjMwOTA1MjM0MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThlM2FlYTMzNDI5YjU5ZGJmMTQ2MGI4MGUzZjQ4Y2ZkYzZlN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt8tqk7UP0143kC28M9Hujub7I0P
Y5IGeljUN7YWCMKLnpuESedbw2P65FqsEaS2bqbRCnea3scNrNW4zNV1qf0sIsjJ
3hIkKWU3jJerrQBrAUcDFBvI8j9nSqe1awONIaIfvNT7Dc9sbhqI24GG+zptb7vW
60CbOTu/C/XBpE2JvDLyASs5wIqp+459vfuvj+Jsj8m39nQE00GOdtZLnAEptdQ3
kCLT2uPZbQbZpK2hkVbPMIdq0OEfjPsKiuWRb/N1VGC3es4rAJVU3zrwHSKgadlI
HxJKRlmmCElohzlPq22Bwbe63b5HE5dB0JL6Jn5LuPSqYhJtxzJGv8eO3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWOOuozQptZ2/FGC4Dj9Iz9xuesMB8GA1UdIwQY
MBaAFIniGiuKJblxvbdBoKrjJZkjBBlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjIt
MWFkNDdjY2QyZDlhLzEvbFk0NjZqTkNtMW5iOFVZTGdPUDBqUDNHNTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjItMWFkNDdjY2QyZDlh
LzEvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRnWMA0G
CSqGSIb3DQEBCwUAA4IBAQAKEhBlgA4oriNodt0UKTTCs5Sx+kmiOI2GgL1mjOft
ED00m/N4VVG1Pp5rzKvRH6Pjao+9/gpjgM1ooYWw4IIZkJCp8ldqUMjQ94fgTcrj
jF1W2xp4RKdmY3Q929Bwbui+CXN9Pxhgnc5NOg5ck60HcP6lg8AjiKFrAIXIZlot
fDDHrkM4MBcBlAAUgs/gdqLfa2sopK7VJLqJcS9FLs3QdFpn6WTR43hL0ILAve8x
SgRUuxaigoXxUioSDe+uplcDNUPYet9eKaJVJDklQ05FQQaLXsgV7Bvsl2NOzi5r
i9LLwT36Z99Hv9x55PnHBCDiPx0Cy34/SsSnb8nvucfI
-----END CERTIFICATE-----
Generated at Thu Sep 14 07:36:57 2023 by rpki-client on console-ams.rpki-client.org