Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/IRCtffaoZOjCWHQLdFQ2vnLAp8g.roa
File: IRCtffaoZOjCWHQLdFQ2vnLAp8g.roa (raw, json)
Hash identifier: 0xkhxHkTbM0exKIog5IflWgberKAhVUF7MX7UItylcQ=
Subject key identifier: 21:10:AD:7D:F6:A8:64:E8:C2:58:74:0B:74:54:36:BE:72:C0:A7:C8
Certificate issuer: /CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Certificate serial: 01856C2EDE2DC3C821F2109D9F0242601668
Authority key identifier: 31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/IRCtffaoZOjCWHQLdFQ2vnLAp8g.roa
Signing time: Sun 01 Jan 2023 07:14:48 +0000
ROA not before: Sun 01 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203384
IP address blocks: 193.223.224.0/20 maxlen: 24
193.73.106.0/23 maxlen: 24
193.223.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:de:2d:c3:c8:21:f2:10:9d:9f:02:42:60:16:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Validity
Not Before: Jan 1 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2110ad7df6a864e8c258740b745436be72c0a7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:76:b0:a8:27:48:03:8b:22:32:27:37:f9:
62:35:c6:01:1f:f6:a5:ef:bd:57:22:a8:f1:75:ee:
7c:6d:e4:0b:76:da:0a:e0:7a:f9:b4:7f:59:25:d9:
2a:15:d8:14:83:9c:85:44:16:af:19:0e:7a:ec:bd:
37:c6:c9:fe:ac:02:45:8e:eb:f9:ff:00:e1:87:4b:
8f:bd:06:2b:a5:4e:a7:46:e7:f9:f0:ea:48:bd:19:
f1:40:8b:99:05:4f:05:b3:e4:9d:ce:bd:bc:56:16:
f7:d0:ea:7e:b4:b0:41:0f:7b:06:24:87:b1:bc:49:
c3:73:80:f1:f2:42:48:a3:19:40:33:74:b8:0b:7f:
c7:37:16:81:75:4a:b7:27:37:7d:78:b9:4f:dc:5a:
a7:6f:27:1e:ff:6e:5c:68:6d:1e:6c:8e:53:89:aa:
de:19:a4:1f:aa:ee:81:0b:62:79:1c:04:26:f1:fe:
b4:a5:13:a3:c5:aa:5e:49:01:cf:b3:12:36:37:b3:
f8:1b:c3:19:f7:f4:13:22:a8:c3:ed:26:a7:85:a4:
69:bf:34:e7:82:a6:36:65:f4:a1:85:3a:ef:9a:53:
21:37:c4:3a:06:9e:e8:13:da:91:56:16:61:34:3e:
fe:c4:54:f7:8d:bf:f8:06:90:b5:19:a2:ad:45:ca:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:10:AD:7D:F6:A8:64:E8:C2:58:74:0B:74:54:36:BE:72:C0:A7:C8
X509v3 Authority Key Identifier:
keyid:31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/IRCtffaoZOjCWHQLdFQ2vnLAp8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.73.106.0/23
193.223.192.0/20
193.223.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:95:0f:cb:21:32:af:50:b1:10:6f:34:5e:18:5e:9d:7c:fe:
b5:c6:a0:80:b1:82:95:a1:50:63:b1:6e:7f:17:3c:a1:aa:ab:
e0:16:55:af:d3:f1:d7:cc:02:80:45:4c:b5:90:cb:80:5c:6f:
63:91:d0:63:0e:77:37:ca:fc:17:6b:8e:6a:8a:ba:f0:95:c6:
bf:fd:40:05:62:10:e9:2d:0c:6c:09:de:9d:43:4f:3b:7e:65:
86:62:75:63:e7:55:f4:f6:ae:00:e6:dd:01:4f:92:ed:b8:78:
9e:47:60:88:6a:ae:ba:4e:ec:6a:90:52:86:09:ce:b3:21:6d:
7b:c3:4b:c8:7b:24:4b:e6:dd:de:7f:0e:20:00:0f:88:91:70:
e5:00:4c:2f:eb:b9:2a:e3:a7:d2:4b:b4:f3:e5:d8:83:1b:03:
2a:8e:d6:f0:90:f6:7e:1c:e1:97:72:ca:76:92:44:62:a6:7d:
b6:b0:36:8d:59:70:92:4d:7b:c1:68:1d:6c:3c:53:f3:d8:f1:
17:24:5d:20:32:21:1f:eb:27:de:91:3d:51:8c:04:b1:20:14:
01:76:13:aa:42:21:6f:5c:78:b8:a0:53:c0:18:99:67:80:17:
12:d0:58:3e:4f:71:a1:98:2c:56:c3:5e:a0:1b:8c:aa:6a:28:
41:eb:fe:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsLt4tw8gh8hCdnwJCYBZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYzZiYmFmNDA5ZjVmZDZkNzA5YzRkN2QyNDM0NGEyOTJh
M2NhYTUwHhcNMjMwMTAxMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTEwYWQ3ZGY2YTg2NGU4YzI1ODc0MGI3NDU0MzZiZTcyYzBhN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8t2sKgnSAOLIjInN/liNcYBH/al
771XIqjxde58beQLdtoK4Hr5tH9ZJdkqFdgUg5yFRBavGQ567L03xsn+rAJFjuv5
/wDhh0uPvQYrpU6nRuf58OpIvRnxQIuZBU8Fs+Sdzr28Vhb30Op+tLBBD3sGJIex
vEnDc4Dx8kJIoxlAM3S4C3/HNxaBdUq3Jzd9eLlP3Fqnbyce/25caG0ebI5Tiare
GaQfqu6BC2J5HAQm8f60pROjxapeSQHPsxI2N7P4G8MZ9/QTIqjD7SanhaRpvzTn
gqY2ZfShhTrvmlMhN8Q6Bp7oE9qRVhZhND7+xFT3jb/4BpC1GaKtRcq8lQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCEQrX32qGTowlh0C3RUNr5ywKfIMB8GA1UdIwQY
MBaAFDHGu69An1/W1wnE19JDRKKSo8qlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMt
NDFjM2NmOTA4ZTk3LzEvSVJDdGZmYW9aT2pDV0hRTGRGUTJ2bkxBcDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMtNDFjM2NmOTA4ZTk3
LzEvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwUlqAwQE
wd/AAwQEwd/gMA0GCSqGSIb3DQEBCwUAA4IBAQB/lQ/LITKvULEQbzReGF6dfP61
xqCAsYKVoVBjsW5/FzyhqqvgFlWv0/HXzAKARUy1kMuAXG9jkdBjDnc3yvwXa45q
irrwlca//UAFYhDpLQxsCd6dQ087fmWGYnVj51X09q4A5t0BT5LtuHieR2CIaq66
TuxqkFKGCc6zIW17w0vIeyRL5t3efw4gAA+IkXDlAEwv67kq46fSS7Tz5diDGwMq
jtbwkPZ+HOGXcsp2kkRipn22sDaNWXCSTXvBaB1sPFPz2PEXJF0gMiEf6yfekT1R
jASxIBQBdhOqQiFvXHi4oFPAGJlngBcS0Fg+T3GhmCxWw16gG4yqaihB6/6q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:07 2024 by rpki-client on console-fra.rpki-client.org