Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/ce1537-3892-4684-a65e-8ef8887e2d1c/1/1L8IH8WgirgRbNKucaV0ct2bqOU.roa
File: 1L8IH8WgirgRbNKucaV0ct2bqOU.roa (raw, json)
Hash identifier: TyQcMWX1kqged9uk4MuOkW3afcRRIx03QWQVaIX+xWA=
Subject key identifier: D4:BF:08:1F:C5:A0:8A:B8:11:6C:D2:AE:71:A5:74:72:DD:9B:A8:E5
Certificate issuer: /CN=4043e3f7024589b962ade81cf4456306f4d35e68
Certificate serial: 018572710A4435C27C509A3693540B2BAC3C
Authority key identifier: 40:43:E3:F7:02:45:89:B9:62:AD:E8:1C:F4:45:63:06:F4:D3:5E:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEPj9wJFibliregc9EVjBvTTXmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/ce1537-3892-4684-a65e-8ef8887e2d1c/1/1L8IH8WgirgRbNKucaV0ct2bqOU.roa
Signing time: Mon 02 Jan 2023 12:24:48 +0000
ROA not before: Mon 02 Jan 2023 12:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 193.102.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:0a:44:35:c2:7c:50:9a:36:93:54:0b:2b:ac:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4043e3f7024589b962ade81cf4456306f4d35e68
Validity
Not Before: Jan 2 12:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4bf081fc5a08ab8116cd2ae71a57472dd9ba8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:b6:de:2b:db:05:fb:48:fa:23:f0:bc:e1:
45:e7:b2:a1:b9:bf:5b:bf:ec:0f:39:64:06:64:a3:
e2:12:84:6b:31:e9:c3:01:40:40:57:85:7a:10:fb:
aa:fe:09:07:ea:ff:74:c4:00:38:bb:ea:da:c9:e0:
f5:6b:e3:a6:66:08:bf:53:1a:e1:70:10:23:26:b6:
27:75:04:9e:7f:8d:35:9b:61:a1:aa:6f:bc:3b:b4:
b2:70:f7:cd:53:13:9e:92:c1:be:2e:af:a6:6c:c0:
d9:13:c2:99:01:e5:77:51:6e:a5:7a:84:2f:05:42:
f0:10:98:02:32:17:e2:e5:7a:78:2e:b0:23:1a:e8:
b8:d0:ac:f0:ab:da:98:07:d1:21:d1:2f:cd:2a:0a:
da:9d:a9:14:23:d2:cf:ef:86:9f:94:7d:17:e2:09:
24:31:a2:f4:63:fb:12:8c:00:90:4f:97:6a:c0:48:
f7:04:98:93:d2:5f:b8:8a:f9:63:56:a7:0b:92:93:
a5:d6:7f:32:eb:c5:68:8e:0f:cd:fd:6c:0d:35:d5:
07:2e:88:8b:e0:9e:36:25:dc:16:c5:58:d0:9b:da:
ff:ac:96:cc:9c:4c:03:97:30:f8:52:81:3c:eb:3f:
8b:70:dc:0d:ff:b9:67:41:8e:d1:b5:45:80:d1:13:
de:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BF:08:1F:C5:A0:8A:B8:11:6C:D2:AE:71:A5:74:72:DD:9B:A8:E5
X509v3 Authority Key Identifier:
keyid:40:43:E3:F7:02:45:89:B9:62:AD:E8:1C:F4:45:63:06:F4:D3:5E:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEPj9wJFibliregc9EVjBvTTXmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/ce1537-3892-4684-a65e-8ef8887e2d1c/1/1L8IH8WgirgRbNKucaV0ct2bqOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/ce1537-3892-4684-a65e-8ef8887e2d1c/1/QEPj9wJFibliregc9EVjBvTTXmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.75.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a3:24:45:67:a2:23:8e:3f:6b:d0:1d:f7:4d:a5:5c:26:d9:
63:c2:4f:8a:1b:c5:7f:48:f3:a1:a2:cb:a9:1d:dd:06:6c:ac:
0c:80:76:cb:e0:2d:73:ff:19:dd:43:9b:49:d8:67:b1:e4:a0:
b7:b7:03:3f:b9:aa:b9:aa:e8:2f:01:ae:4d:9d:83:c7:82:d7:
ef:f6:70:0c:35:32:15:c5:4b:eb:30:d2:5a:ec:bf:c0:49:14:
00:44:90:ea:5d:9c:86:2b:77:0c:56:0f:2d:8d:f0:bc:e0:94:
40:55:2a:68:53:ed:ab:db:c6:e6:f7:59:25:d0:3c:48:79:61:
d2:f6:8b:bd:ac:e0:51:d3:06:9b:24:fa:0d:87:82:09:b8:db:
cf:af:45:56:f6:a5:31:d6:8c:81:a2:b8:67:29:c2:30:e8:32:
c5:a6:a1:10:96:0a:35:78:f1:2c:5e:fe:0b:80:fe:0a:a4:df:
a8:f9:ff:c4:b9:ba:c5:e8:97:43:3d:fa:7f:0b:84:da:d4:98:
52:f1:95:d4:67:05:4e:68:39:76:67:a7:36:92:e6:75:84:c8:
5e:56:9b:94:36:ff:82:9f:d4:5b:b7:40:7d:60:3e:21:9a:42:
47:93:50:8c:88:2c:af:a5:7f:65:bd:ec:44:f7:69:0a:33:24:
3e:c9:48:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQpENcJ8UJo2k1QLK6w8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDNlM2Y3MDI0NTg5Yjk2MmFkZTgxY2Y0NDU2MzA2ZjRk
MzVlNjgwHhcNMjMwMTAyMTIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGJmMDgxZmM1YTA4YWI4MTE2Y2QyYWU3MWE1NzQ3MmRkOWJhOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoS23ivbBftI+iPwvOFF57Khub9b
v+wPOWQGZKPiEoRrMenDAUBAV4V6EPuq/gkH6v90xAA4u+rayeD1a+OmZgi/Uxrh
cBAjJrYndQSef401m2Ghqm+8O7SycPfNUxOeksG+Lq+mbMDZE8KZAeV3UW6leoQv
BULwEJgCMhfi5Xp4LrAjGui40Kzwq9qYB9Eh0S/NKgranakUI9LP74aflH0X4gkk
MaL0Y/sSjACQT5dqwEj3BJiT0l+4ivljVqcLkpOl1n8y68Vojg/N/WwNNdUHLoiL
4J42JdwWxVjQm9r/rJbMnEwDlzD4UoE86z+LcNwN/7lnQY7RtUWA0RPe+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNS/CB/FoIq4EWzSrnGldHLdm6jlMB8GA1UdIwQY
MBaAFEBD4/cCRYm5Yq3oHPRFYwb0015oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVQajl3SkZpYmxpcmVnYzlFVmpCdlRUWG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9jZTE1MzctMzg5Mi00Njg0LWE2NWUt
OGVmODg4N2UyZDFjLzEvMUw4SUg4V2dpcmdSYk5LdWNhVjBjdDJicU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9jZTE1MzctMzg5Mi00Njg0LWE2NWUtOGVmODg4N2UyZDFj
LzEvUUVQajl3SkZpYmxpcmVnYzlFVmpCdlRUWG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWZLMA0G
CSqGSIb3DQEBCwUAA4IBAQCKoyRFZ6Ijjj9r0B33TaVcJtljwk+KG8V/SPOhosup
Hd0GbKwMgHbL4C1z/xndQ5tJ2Gex5KC3twM/uaq5qugvAa5NnYPHgtfv9nAMNTIV
xUvrMNJa7L/ASRQARJDqXZyGK3cMVg8tjfC84JRAVSpoU+2r28bm91kl0DxIeWHS
9ou9rOBR0wabJPoNh4IJuNvPr0VW9qUx1oyBorhnKcIw6DLFpqEQlgo1ePEsXv4L
gP4KpN+o+f/EubrF6JdDPfp/C4Ta1JhS8ZXUZwVOaDl2Z6c2kuZ1hMheVpuUNv+C
n9Rbt0B9YD4hmkJHk1CMiCyvpX9lvexE92kKMyQ+yUhu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:58 2024 by rpki-client on console-fra.rpki-client.org