Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/dD3r6T6Pra2oIXPmaAGJH7MkOWM.roa
File: dD3r6T6Pra2oIXPmaAGJH7MkOWM.roa (raw, json)
Hash identifier: tq8exAATVaOMqoTdNyC3zC1l+KdnMsIvCE8bg2pjfMQ=
Subject key identifier: 74:3D:EB:E9:3E:8F:AD:AD:A8:21:73:E6:68:01:89:1F:B3:24:39:63
Certificate issuer: /CN=a4a015b2d3d3e909b602f9fdd4f6f6f618873c58
Certificate serial: 01856DB877553981E3675E7A5C19D5D279A3
Authority key identifier: A4:A0:15:B2:D3:D3:E9:09:B6:02:F9:FD:D4:F6:F6:F6:18:87:3C:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKAVstPT6Qm2Avn91Pb29hiHPFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/dD3r6T6Pra2oIXPmaAGJH7MkOWM.roa
Signing time: Sun 01 Jan 2023 14:24:43 +0000
ROA not before: Sun 01 Jan 2023 14:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31424
IP address blocks: 195.191.132.0/23 maxlen: 23
193.17.194.0/24 maxlen: 24
2001:67c:358::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:77:55:39:81:e3:67:5e:7a:5c:19:d5:d2:79:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4a015b2d3d3e909b602f9fdd4f6f6f618873c58
Validity
Not Before: Jan 1 14:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=743debe93e8fadada82173e66801891fb3243963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8a:4d:07:b3:27:1b:f9:a8:9d:2a:03:bb:8e:
1e:cd:9e:89:e9:fe:61:a9:8e:75:ca:89:87:90:4a:
b3:0b:92:d1:9f:45:d9:23:12:91:3f:23:06:e9:e6:
a6:d1:9d:d4:30:33:b4:4f:79:9e:0b:b8:ed:5d:da:
53:46:16:ba:26:38:2a:93:4e:51:64:32:3f:d9:ba:
e9:ac:af:6e:89:e8:6f:db:64:27:11:6d:69:f8:6a:
dc:5d:62:26:a7:53:3c:7a:af:d2:cc:66:41:09:c8:
c8:d0:22:bc:1c:c3:59:84:cb:3f:5e:0f:5c:f5:3b:
78:32:18:5c:87:ed:e3:e5:a8:1d:58:e2:89:6d:9c:
30:a0:e3:e3:3d:1a:d6:fd:76:34:66:b2:8d:cb:df:
33:8e:ae:d7:e7:10:86:90:02:70:5d:79:05:28:d9:
bd:bd:67:90:31:43:55:46:d1:eb:91:99:43:32:a1:
7e:91:0e:94:bd:85:f6:46:fe:b2:4d:ae:7d:62:68:
11:02:7c:ec:fa:18:2c:4c:cc:73:90:bd:c9:bb:f4:
91:16:91:3b:19:d9:ca:66:a4:9c:0a:ff:1a:c7:13:
a0:51:fa:e3:9e:cb:85:ce:18:72:30:2b:d7:19:91:
2c:32:c3:54:5e:3a:b9:4b:67:64:6f:3b:93:79:df:
01:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3D:EB:E9:3E:8F:AD:AD:A8:21:73:E6:68:01:89:1F:B3:24:39:63
X509v3 Authority Key Identifier:
keyid:A4:A0:15:B2:D3:D3:E9:09:B6:02:F9:FD:D4:F6:F6:F6:18:87:3C:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKAVstPT6Qm2Avn91Pb29hiHPFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/dD3r6T6Pra2oIXPmaAGJH7MkOWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/pKAVstPT6Qm2Avn91Pb29hiHPFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.194.0/24
195.191.132.0/23
IPv6:
2001:67c:358::/48
Signature Algorithm: sha256WithRSAEncryption
08:65:88:03:0b:b3:f4:5b:14:15:24:c7:95:da:41:62:c9:18:
31:5c:8d:c8:de:6c:98:68:82:2f:7c:37:ea:18:47:01:67:ff:
2f:ba:d0:83:ed:d3:4b:06:ae:0e:d9:95:9e:2c:8f:a3:7a:e7:
08:c5:63:8b:1c:97:6b:ec:b1:44:20:94:ec:f6:9c:71:88:f1:
78:99:ba:06:4c:a3:d4:8b:46:94:c3:6c:c5:17:22:83:e3:10:
b9:61:be:5c:62:ae:6e:15:e4:02:5a:fa:f2:f2:04:8a:21:de:
31:f3:8c:67:ed:fc:b5:0e:fb:99:2c:3b:6c:94:c5:36:42:7e:
9c:38:a5:a3:b9:6a:dd:9b:d6:25:1c:2d:20:91:73:82:08:bb:
91:44:fd:51:82:51:90:a9:b2:85:22:9b:3c:fe:2f:00:fb:f1:
1c:2f:f7:6a:67:a2:b6:2d:53:89:0f:d8:5b:c1:8a:8e:77:cf:
8c:2f:27:ef:ba:43:55:68:d0:d2:d8:ab:b3:24:70:8d:3c:e4:
86:1f:85:3c:f1:25:97:f5:df:36:36:32:6d:d5:f2:a8:05:a3:
48:be:02:5d:f7:d4:f3:d0:32:46:3e:e8:1c:41:73:11:1f:85:
54:1a:f9:09:8c:57:5b:32:d0:1c:56:c8:d2:4e:8b:2c:41:df:
d9:65:ea:2d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtuHdVOYHjZ156XBnV0nmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTAxNWIyZDNkM2U5MDliNjAyZjlmZGQ0ZjZmNmY2MTg4
NzNjNTgwHhcNMjMwMTAxMTQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNkZWJlOTNlOGZhZGFkYTgyMTczZTY2ODAxODkxZmIzMjQzOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4pNB7MnG/monSoDu44ezZ6J6f5h
qY51yomHkEqzC5LRn0XZIxKRPyMG6eam0Z3UMDO0T3meC7jtXdpTRha6Jjgqk05R
ZDI/2brprK9uiehv22QnEW1p+GrcXWImp1M8eq/SzGZBCcjI0CK8HMNZhMs/Xg9c
9Tt4Mhhch+3j5agdWOKJbZwwoOPjPRrW/XY0ZrKNy98zjq7X5xCGkAJwXXkFKNm9
vWeQMUNVRtHrkZlDMqF+kQ6UvYX2Rv6yTa59YmgRAnzs+hgsTMxzkL3Ju/SRFpE7
GdnKZqScCv8axxOgUfrjnsuFzhhyMCvXGZEsMsNUXjq5S2dkbzuTed8BawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHQ96+k+j62tqCFz5mgBiR+zJDljMB8GA1UdIwQY
MBaAFKSgFbLT0+kJtgL5/dT29vYYhzxYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtBVnN0UFQ2UW0yQXZuOTFQYjI5aGlIUEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iOWJkYTMtYjYxMS00MzM4LWJiZTgt
YTdkZDE2MzQzMjk3LzEvZEQzcjZUNlByYTJvSVhQbWFBR0pIN01rT1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iOWJkYTMtYjYxMS00MzM4LWJiZTgtYTdkZDE2MzQzMjk3
LzEvcEtBVnN0UFQ2UW0yQXZuOTFQYjI5aGlIUEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwRHCAwQB
w7+EMA8EAgACMAkDBwAgAQZ8A1gwDQYJKoZIhvcNAQELBQADggEBAAhliAMLs/Rb
FBUkx5XaQWLJGDFcjcjebJhogi98N+oYRwFn/y+60IPt00sGrg7ZlZ4sj6N65wjF
Y4scl2vssUQglOz2nHGI8XiZugZMo9SLRpTDbMUXIoPjELlhvlxirm4V5AJa+vLy
BIoh3jHzjGft/LUO+5ksO2yUxTZCfpw4paO5at2b1iUcLSCRc4IIu5FE/VGCUZCp
soUimzz+LwD78Rwv92pnorYtU4kP2FvBio53z4wvJ++6Q1Vo0NLYq7MkcI085IYf
hTzxJZf13zY2Mm3V8qgFo0i+Al331PPQMkY+6BxBcxEfhVQa+QmMV1sy0BxWyNJO
iyxB39ll6i0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:24 2024 by rpki-client on console-fra.rpki-client.org