Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/V1MDMck8IyQlYvTSMZKUpz244Do.roa
File: V1MDMck8IyQlYvTSMZKUpz244Do.roa (raw, json)
Hash identifier: cZXQdHIzRdWV4QRy/NyUjDfAHXn1WXxLl5xtaBfX6eQ=
Subject key identifier: 57:53:03:31:C9:3C:23:24:25:62:F4:D2:31:92:94:A7:3D:B8:E0:3A
Certificate issuer: /CN=5b95a94adad3a2896c72074d667c1b62075958cb
Certificate serial: 01856C0A3AF4F4ECDE6D25A09E2CA6F2BAF0
Authority key identifier: 5B:95:A9:4A:DA:D3:A2:89:6C:72:07:4D:66:7C:1B:62:07:59:58:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5WpStrToolscgdNZnwbYgdZWMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/V1MDMck8IyQlYvTSMZKUpz244Do.roa
Signing time: Sun 01 Jan 2023 06:34:47 +0000
ROA not before: Sun 01 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34933
IP address blocks: 193.238.226.0/24 maxlen: 24
193.238.225.0/24 maxlen: 24
193.238.224.0/24 maxlen: 24
193.238.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:3a:f4:f4:ec:de:6d:25:a0:9e:2c:a6:f2:ba:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b95a94adad3a2896c72074d667c1b62075958cb
Validity
Not Before: Jan 1 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57530331c93c23242562f4d2319294a73db8e03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0b:c5:3c:75:71:fa:d9:88:c7:7e:c2:3e:a1:
25:c1:b4:f7:af:c3:3a:6e:b4:32:88:61:96:9e:91:
a1:9c:e6:c3:be:7d:18:ff:ea:0b:30:d3:c1:c6:30:
50:22:73:13:8d:5d:58:27:c7:82:35:4a:34:bf:ff:
c1:1d:e3:1f:81:34:13:7f:ae:a2:c2:dd:ad:1e:fe:
e9:9e:7c:98:e4:7c:64:f0:c8:60:b6:e8:1f:99:bb:
00:8c:68:53:62:56:66:e9:88:50:2a:d7:81:b4:ee:
5f:7b:ec:55:98:5f:87:70:8e:06:bc:4b:47:e4:46:
ff:72:c6:ef:f7:dc:f4:31:52:cc:06:2e:1f:06:09:
8b:8d:ec:11:1b:a8:31:a0:24:6d:93:86:eb:80:5a:
20:84:e7:35:00:b9:30:92:25:39:75:69:ec:30:0b:
5a:c6:c2:ef:b6:2c:d3:dd:29:b4:38:80:a2:1e:1d:
db:af:78:4b:0a:27:60:1a:51:96:4d:7f:06:fc:25:
73:1c:6c:51:74:b3:a0:19:b4:c2:47:61:7b:53:b6:
cd:84:fb:fe:b9:de:c1:c4:72:8e:d9:03:42:43:b8:
8e:e9:eb:9f:bb:bd:55:26:3c:4c:34:be:9a:9d:1b:
0c:75:df:81:40:44:58:50:4b:44:30:88:6b:df:2b:
fe:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:53:03:31:C9:3C:23:24:25:62:F4:D2:31:92:94:A7:3D:B8:E0:3A
X509v3 Authority Key Identifier:
keyid:5B:95:A9:4A:DA:D3:A2:89:6C:72:07:4D:66:7C:1B:62:07:59:58:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5WpStrToolscgdNZnwbYgdZWMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/V1MDMck8IyQlYvTSMZKUpz244Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/W5WpStrToolscgdNZnwbYgdZWMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.224.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:ca:36:00:2a:90:99:25:6a:da:aa:a0:92:35:2d:7f:64:8d:
7d:b6:3b:b9:e0:2c:1d:7c:49:7f:5d:dd:9a:59:70:40:58:d6:
a1:9e:84:86:d6:3f:d8:7f:9f:ab:9c:2c:3f:6c:fa:b6:90:59:
80:b9:f7:b2:49:f8:10:05:df:27:52:8a:ff:df:c7:ac:88:45:
6c:0a:94:1c:2e:a7:66:22:3d:bb:fc:e0:e6:19:6e:64:30:38:
fd:13:09:3d:e6:f6:4f:17:41:a5:15:b2:21:87:bf:e8:f0:b9:
e8:7b:e0:a8:91:8f:81:50:64:c7:8a:90:c9:b3:16:1c:d8:0e:
f9:52:b3:8d:d5:87:e7:08:7d:8c:5f:6d:d9:a8:75:97:a6:96:
02:90:be:5f:03:ba:ff:8a:e3:ac:e6:50:31:df:46:31:a1:99:
11:b5:b2:1a:bc:15:65:34:79:f8:d1:b2:59:f9:dc:fa:d9:71:
47:dc:d6:fd:04:94:e0:d2:24:30:0d:1a:35:5b:fa:3e:e2:42:
5d:51:df:2d:9e:74:41:7a:84:37:0f:a2:31:7e:55:b8:56:f9:
c4:f7:e4:a2:73:ad:75:d1:bc:14:83:88:d2:12:0d:36:3e:52:
99:7b:e8:b2:59:2f:db:88:7f:2a:d0:c7:e8:d7:c8:e6:60:90:
00:eb:d6:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjr09OzebSWgniym8rrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOTVhOTRhZGFkM2EyODk2YzcyMDc0ZDY2N2MxYjYyMDc1
OTU4Y2IwHhcNMjMwMTAxMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzUzMDMzMWM5M2MyMzI0MjU2MmY0ZDIzMTkyOTRhNzNkYjhlMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwvFPHVx+tmIx37CPqElwbT3r8M6
brQyiGGWnpGhnObDvn0Y/+oLMNPBxjBQInMTjV1YJ8eCNUo0v//BHeMfgTQTf66i
wt2tHv7pnnyY5Hxk8MhgtugfmbsAjGhTYlZm6YhQKteBtO5fe+xVmF+HcI4GvEtH
5Eb/csbv99z0MVLMBi4fBgmLjewRG6gxoCRtk4brgFoghOc1ALkwkiU5dWnsMAta
xsLvtizT3Sm0OICiHh3br3hLCidgGlGWTX8G/CVzHGxRdLOgGbTCR2F7U7bNhPv+
ud7BxHKO2QNCQ7iO6eufu71VJjxMNL6anRsMdd+BQERYUEtEMIhr3yv+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdTAzHJPCMkJWL00jGSlKc9uOA6MB8GA1UdIwQY
MBaAFFuVqUra06KJbHIHTWZ8G2IHWVjLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVXcFN0clRvb2xzY2dkTlpud2JZZ2RaV01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84Mzk5MjUtMTU1NS00ZmY2LWJjNDYt
N2ZlYWI0OGVlZTYxLzEvVjFNRE1jazhJeVFsWXZUU01aS1VwejI0NERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84Mzk5MjUtMTU1NS00ZmY2LWJjNDYtN2ZlYWI0OGVlZTYx
LzEvVzVXcFN0clRvb2xzY2dkTlpud2JZZ2RaV01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwe7gMA0G
CSqGSIb3DQEBCwUAA4IBAQCbyjYAKpCZJWraqqCSNS1/ZI19tju54CwdfEl/Xd2a
WXBAWNahnoSG1j/Yf5+rnCw/bPq2kFmAufeySfgQBd8nUor/38esiEVsCpQcLqdm
Ij27/ODmGW5kMDj9Ewk95vZPF0GlFbIhh7/o8Lnoe+CokY+BUGTHipDJsxYc2A75
UrON1YfnCH2MX23ZqHWXppYCkL5fA7r/iuOs5lAx30YxoZkRtbIavBVlNHn40bJZ
+dz62XFH3Nb9BJTg0iQwDRo1W/o+4kJdUd8tnnRBeoQ3D6IxflW4VvnE9+Sic611
0bwUg4jSEg02PlKZe+iyWS/biH8q0Mfo18jmYJAA69ay
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:34 2024 by rpki-client on console-ams.rpki-client.org