Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/lWztM8GdfLQMBVEdWeytbaAiH1I.roa
File: lWztM8GdfLQMBVEdWeytbaAiH1I.roa (raw, json)
Hash identifier: yak48DDZfe5G91kPECWPtPS9o/Vl7xeCmI1XCo2BaTg=
Subject key identifier: 95:6C:ED:33:C1:9D:7C:B4:0C:05:51:1D:59:EC:AD:6D:A0:22:1F:52
Certificate issuer: /CN=f4dc26c626c51c5def6f2466f38f55b25029642f
Certificate serial: 01857343A7A69F5EA522D8D9D47DDE11C732
Authority key identifier: F4:DC:26:C6:26:C5:1C:5D:EF:6F:24:66:F3:8F:55:B2:50:29:64:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NwmxibFHF3vbyRm849VslApZC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/lWztM8GdfLQMBVEdWeytbaAiH1I.roa
Signing time: Mon 02 Jan 2023 16:14:51 +0000
ROA not before: Mon 02 Jan 2023 16:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210364
IP address blocks: 193.200.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:a7:a6:9f:5e:a5:22:d8:d9:d4:7d:de:11:c7:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4dc26c626c51c5def6f2466f38f55b25029642f
Validity
Not Before: Jan 2 16:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956ced33c19d7cb40c05511d59ecad6da0221f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:30:0e:75:00:0c:7b:2e:9b:0e:0f:4f:0f:
c3:64:61:bf:24:39:68:cd:04:74:e7:17:bb:a7:d0:
0c:82:e0:83:d4:e4:f3:b4:24:81:17:9d:44:1f:71:
33:ae:b7:eb:ee:ba:dd:8a:14:ea:e8:d8:05:b6:c6:
0f:96:06:77:19:d6:46:ed:e2:20:4b:01:15:c1:0a:
31:2c:21:ab:5d:40:a1:50:d9:f9:15:ba:35:eb:7f:
2d:4f:e5:8a:20:74:e9:dc:29:ea:40:da:f3:28:e3:
e8:fd:e7:76:48:d7:b4:26:ec:37:02:8a:a5:ce:b6:
3a:fb:7d:d1:87:94:cb:ac:90:7b:02:ff:cd:fe:8e:
34:64:d1:40:60:99:dc:02:4e:46:84:bb:5b:ad:bd:
17:e4:cc:49:4b:b1:55:a6:d4:01:05:db:0e:1b:ce:
60:49:d6:ef:c1:3b:b5:21:8b:f6:69:72:93:3d:f4:
f0:94:37:2e:af:33:be:fb:a4:f2:d3:97:b3:03:f5:
43:4b:c7:4b:ef:26:3c:12:17:03:da:b8:70:39:b1:
d0:48:ed:b2:ec:25:2a:33:d7:43:ac:40:32:b7:44:
7b:22:76:84:a2:0d:7e:48:dc:8e:11:88:a5:86:6c:
ad:c4:05:aa:05:a7:83:f2:7f:cb:e5:de:2f:31:ff:
ec:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6C:ED:33:C1:9D:7C:B4:0C:05:51:1D:59:EC:AD:6D:A0:22:1F:52
X509v3 Authority Key Identifier:
keyid:F4:DC:26:C6:26:C5:1C:5D:EF:6F:24:66:F3:8F:55:B2:50:29:64:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NwmxibFHF3vbyRm849VslApZC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/lWztM8GdfLQMBVEdWeytbaAiH1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/9NwmxibFHF3vbyRm849VslApZC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.33.0/24
Signature Algorithm: sha256WithRSAEncryption
06:d8:d8:f7:ac:4b:f3:b7:e3:79:12:70:1c:aa:eb:47:03:8b:
8c:9d:d6:97:82:80:18:68:9b:1e:9d:4a:24:90:54:1f:6e:e3:
16:c2:e8:1b:f0:ee:d1:80:31:fd:27:09:c4:40:fc:67:a1:78:
a3:a3:c6:83:11:0e:04:1a:9c:7c:3a:9d:69:76:ce:52:a8:6a:
ff:84:c5:04:3a:f9:2f:77:85:00:56:c5:3e:d2:af:c4:91:58:
8f:00:63:a7:ea:69:76:89:1f:70:9f:14:f5:26:c3:4b:4d:c7:
28:45:0a:f1:29:42:1a:f3:4a:a3:9d:83:e6:68:18:09:79:c7:
ab:25:85:a2:2d:81:93:44:24:17:ec:73:10:9d:67:65:47:e6:
59:ab:71:88:ae:85:81:ea:14:48:fd:65:80:7f:1e:d3:e8:40:
26:c1:77:58:f5:37:6b:d0:63:e0:9d:8e:e9:01:b2:40:ca:94:
ff:d9:d9:ed:55:32:09:9e:c7:1a:7a:d1:22:09:23:68:d0:7e:
4e:89:24:f6:bb:15:90:0d:2d:b3:30:ca:70:70:99:96:0f:c5:
29:a3:2e:65:68:36:55:6c:a3:92:7b:f0:c3:04:d4:ec:67:67:
d0:af:a7:d8:84:6e:12:e3:e3:12:9f:08:d0:41:93:7a:c7:cf:
fa:b7:fa:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ6emn16lItjZ1H3eEccyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGMyNmM2MjZjNTFjNWRlZjZmMjQ2NmYzOGY1NWIyNTAy
OTY0MmYwHhcNMjMwMTAyMTYxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZjZWQzM2MxOWQ3Y2I0MGMwNTUxMWQ1OWVjYWQ2ZGEwMjIxZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEkwDnUADHsumw4PTw/DZGG/JDlo
zQR05xe7p9AMguCD1OTztCSBF51EH3Ezrrfr7rrdihTq6NgFtsYPlgZ3GdZG7eIg
SwEVwQoxLCGrXUChUNn5Fbo1638tT+WKIHTp3CnqQNrzKOPo/ed2SNe0Juw3Aoql
zrY6+33Rh5TLrJB7Av/N/o40ZNFAYJncAk5GhLtbrb0X5MxJS7FVptQBBdsOG85g
SdbvwTu1IYv2aXKTPfTwlDcurzO++6Ty05ezA/VDS8dL7yY8EhcD2rhwObHQSO2y
7CUqM9dDrEAyt0R7InaEog1+SNyOEYilhmytxAWqBaeD8n/L5d4vMf/s5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVs7TPBnXy0DAVRHVnsrW2gIh9SMB8GA1UdIwQY
MBaAFPTcJsYmxRxd728kZvOPVbJQKWQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU53bXhpYkZIRjN2YnlSbTg0OVZzbEFwWkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wODc5ZDgtZjIxNi00NWFiLWJmODct
MjNlMWRhZGYxMDZjLzEvbFd6dE04R2RmTFFNQlZFZFdleXRiYUFpSDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wODc5ZDgtZjIxNi00NWFiLWJmODctMjNlMWRhZGYxMDZj
LzEvOU53bXhpYkZIRjN2YnlSbTg0OVZzbEFwWkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcghMA0G
CSqGSIb3DQEBCwUAA4IBAQAG2Nj3rEvzt+N5EnAcqutHA4uMndaXgoAYaJsenUok
kFQfbuMWwugb8O7RgDH9JwnEQPxnoXijo8aDEQ4EGpx8Op1pds5SqGr/hMUEOvkv
d4UAVsU+0q/EkViPAGOn6ml2iR9wnxT1JsNLTccoRQrxKUIa80qjnYPmaBgJecer
JYWiLYGTRCQX7HMQnWdlR+ZZq3GIroWB6hRI/WWAfx7T6EAmwXdY9Tdr0GPgnY7p
AbJAypT/2dntVTIJnscaetEiCSNo0H5OiST2uxWQDS2zMMpwcJmWD8Upoy5laDZV
bKOSe/DDBNTsZ2fQr6fYhG4S4+MSnwjQQZN6x8/6t/pM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org