Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/ux5WshmtF_fglv_A3S-8Vb-cFCg.roa
File: ux5WshmtF_fglv_A3S-8Vb-cFCg.roa (raw, json)
Hash identifier: bJvm8VIhOOcfPgbcjaPGiyGzZXF62wfv7sxtXpg+h0I=
Subject key identifier: BB:1E:56:B2:19:AD:17:F7:E0:96:FF:C0:DD:2F:BC:55:BF:9C:14:28
Certificate issuer: /CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Certificate serial: 01857772FA7117BE90748633F0DD3019049D
Authority key identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/ux5WshmtF_fglv_A3S-8Vb-cFCg.roa
Signing time: Tue 03 Jan 2023 11:45:01 +0000
ROA not before: Tue 03 Jan 2023 11:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209114
IP address blocks: 193.33.120.0/24 maxlen: 24
2a12:6e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Jan 2023 11:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:72:fa:71:17:be:90:74:86:33:f0:dd:30:19:04:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Validity
Not Before: Jan 3 11:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb1e56b219ad17f7e096ffc0dd2fbc55bf9c1428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1a:ea:24:ad:ce:2e:6d:e1:64:cd:8f:8f:b1:
1b:8b:0f:75:d9:e2:77:aa:3f:b1:26:35:37:f0:29:
ff:7a:9c:d2:a7:bc:c9:63:f8:74:46:6b:8e:0d:93:
f1:2d:66:ae:76:a1:00:11:60:48:92:d8:6a:9d:86:
81:20:6c:6c:8c:00:a8:c1:44:7a:14:b0:36:c5:8d:
04:52:79:a5:bd:b0:e3:49:b1:fc:1d:34:2c:7c:43:
0f:30:75:52:de:6f:4f:76:b3:f1:27:16:b7:86:db:
c1:25:e2:57:9a:3c:a2:ac:fa:82:26:c1:72:f4:37:
db:20:27:1c:e9:5c:f6:a1:83:c1:68:b8:6a:c4:46:
da:f7:a5:a1:05:0d:2a:c7:59:b6:a4:d0:a6:63:a1:
2a:6d:a0:a3:fa:3b:11:43:e8:2a:ba:41:e5:a9:c1:
c9:ad:15:ce:e1:33:98:c8:ae:86:01:e3:52:0f:62:
55:ff:e5:e3:dc:f1:26:85:38:3e:30:8b:f0:6b:14:
b6:79:ae:d9:b7:89:fe:f2:cf:07:47:45:d4:fd:f7:
7c:a6:3c:35:67:13:fb:4a:27:30:b4:d5:41:68:f7:
13:88:5c:aa:30:e3:2a:d1:6d:4b:3e:e7:8d:15:b8:
89:28:98:a2:19:ff:2e:fa:e0:d4:25:23:07:17:f4:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1E:56:B2:19:AD:17:F7:E0:96:FF:C0:DD:2F:BC:55:BF:9C:14:28
X509v3 Authority Key Identifier:
keyid:29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/ux5WshmtF_fglv_A3S-8Vb-cFCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.120.0/24
IPv6:
2a12:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
97:1d:00:3b:9c:90:ca:5e:c2:94:66:d1:c6:70:c9:a9:40:da:
e3:42:58:b4:08:ec:ba:c7:2f:f4:3d:90:8f:e3:23:0e:32:89:
41:fa:c7:45:c4:39:37:44:b0:db:a9:57:2f:27:c3:8c:b9:a8:
43:aa:fe:e4:5a:26:f9:de:10:5c:60:35:35:32:50:0b:98:1b:
c4:82:4c:e2:75:4d:d2:73:d0:e2:88:00:43:55:2f:0f:92:8c:
9c:dc:d8:3b:8c:56:b0:8b:60:be:97:3b:d9:f7:75:a5:de:17:
7b:7a:b6:ad:d5:7c:1b:b9:bd:d6:18:18:4e:02:ec:6a:96:2f:
65:9a:45:46:52:dd:f6:a6:9b:53:ab:5f:ea:75:c7:84:0f:ec:
85:ca:7c:94:88:11:eb:2c:e3:c2:6e:85:a1:2b:1a:a5:34:69:
e4:51:19:b5:71:62:05:f0:7f:f9:10:71:d0:34:c8:ae:45:89:
3c:54:fc:28:1f:9b:56:67:fb:5f:ed:8c:ff:6a:a5:ef:c4:2c:
83:d8:af:00:f1:71:89:57:a4:a5:d6:46:fc:bb:d2:14:88:aa:
8c:a6:d6:1d:dc:01:4f:a3:e0:74:88:88:43:f4:f4:f8:fc:f0:
9e:e8:58:48:fa:21:de:44:04:d3:cf:34:67:24:36:d3:8a:0f:
26:90:6f:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYV3cvpxF76QdIYz8N0wGQSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Zjk2NzBlZTJhMzBlYWM4YzBhMzlkYzQ3ZmY3YThjZDI0
NzNiMDAwHhcNMjMwMTAzMTE0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFlNTZiMjE5YWQxN2Y3ZTA5NmZmYzBkZDJmYmM1NWJmOWMxNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohrqJK3OLm3hZM2Pj7Ebiw912eJ3
qj+xJjU38Cn/epzSp7zJY/h0RmuODZPxLWaudqEAEWBIkthqnYaBIGxsjACowUR6
FLA2xY0EUnmlvbDjSbH8HTQsfEMPMHVS3m9PdrPxJxa3htvBJeJXmjyirPqCJsFy
9DfbICcc6Vz2oYPBaLhqxEba96WhBQ0qx1m2pNCmY6EqbaCj+jsRQ+gqukHlqcHJ
rRXO4TOYyK6GAeNSD2JV/+Xj3PEmhTg+MIvwaxS2ea7Zt4n+8s8HR0XU/fd8pjw1
ZxP7SicwtNVBaPcTiFyqMOMq0W1LPueNFbiJKJiiGf8u+uDUJSMHF/ShewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLseVrIZrRf34Jb/wN0vvFW/nBQoMB8GA1UdIwQY
MBaAFCn5Zw7iow6sjAo53Ef/eozSRzsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDct
NmUyOWVmZGZkNGUzLzEvdXg1V3NobXRGX2ZnbHZfQTNTLThWYi1jRkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDctNmUyOWVmZGZkNGUz
LzEvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSF4MA0E
AgACMAcDBQMqEm5AMA0GCSqGSIb3DQEBCwUAA4IBAQCXHQA7nJDKXsKUZtHGcMmp
QNrjQli0COy6xy/0PZCP4yMOMolB+sdFxDk3RLDbqVcvJ8OMuahDqv7kWib53hBc
YDU1MlALmBvEgkzidU3Sc9DiiABDVS8Pkoyc3Ng7jFawi2C+lzvZ93Wl3hd7erat
1Xwbub3WGBhOAuxqli9lmkVGUt32pptTq1/qdceED+yFynyUiBHrLOPCboWhKxql
NGnkURm1cWIF8H/5EHHQNMiuRYk8VPwoH5tWZ/tf7Yz/aqXvxCyD2K8A8XGJV6Sl
1kb8u9IUiKqMptYd3AFPo+B0iIhD9PT4/PCe6FhI+iHeRATTzzRnJDbTig8mkG/W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:30 2024 by rpki-client on console-ams.rpki-client.org