Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/tGYscKbzHtWE-9FZpAF62GYKaOk.roa
File: tGYscKbzHtWE-9FZpAF62GYKaOk.roa (raw, json)
Hash identifier: 4yjdltTDQBgk6bnQ6RGvvNmUX09Rmvo2EhG2RlTSGbc=
Subject key identifier: B4:66:2C:70:A6:F3:1E:D5:84:FB:D1:59:A4:01:7A:D8:66:0A:68:E9
Certificate issuer: /CN=e7d68a9eb86a8264e9ddc3122849b80cc342f5dc
Certificate serial: 0185735F0FEC06AB0F627E99DDBCCE5FF953
Authority key identifier: E7:D6:8A:9E:B8:6A:82:64:E9:DD:C3:12:28:49:B8:0C:C3:42:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59aKnrhqgmTp3cMSKEm4DMNC9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/tGYscKbzHtWE-9FZpAF62GYKaOk.roa
Signing time: Mon 02 Jan 2023 16:44:47 +0000
ROA not before: Mon 02 Jan 2023 16:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42641
IP address blocks: 193.142.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:5f:0f:ec:06:ab:0f:62:7e:99:dd:bc:ce:5f:f9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d68a9eb86a8264e9ddc3122849b80cc342f5dc
Validity
Not Before: Jan 2 16:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4662c70a6f31ed584fbd159a4017ad8660a68e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:44:63:3f:16:b3:d1:53:11:45:93:46:43:7c:
c1:b1:09:63:eb:25:0f:7e:4e:e0:56:13:17:4e:43:
fd:e3:60:6d:2b:85:e0:85:89:20:78:29:3a:5f:83:
f7:52:9b:91:30:59:50:b2:0d:5b:f5:37:a1:c1:45:
09:6e:1a:9b:b9:db:f5:32:58:c9:60:8f:e8:c9:61:
d2:3a:de:b0:f8:0e:85:a7:df:15:a4:b8:c5:83:cc:
fb:78:1a:3c:46:24:e9:51:7c:ff:25:2b:6b:a8:d3:
72:d2:54:a1:c8:23:25:61:72:2d:1a:31:2a:fd:43:
9c:2e:68:72:77:78:86:7e:46:9a:bb:ee:41:2e:7b:
7c:58:0b:40:7b:f4:0c:d9:17:d8:1f:fe:40:91:52:
0c:96:e0:52:9c:72:55:d9:42:c0:78:31:2a:04:77:
c1:ed:94:60:28:8d:df:ae:58:e2:34:53:58:d0:94:
22:9a:da:cf:3d:36:b1:83:1d:b4:eb:44:64:6b:75:
f4:53:cd:26:8e:b1:b0:45:5d:22:3f:b1:cf:85:9f:
58:df:0d:93:6e:28:d6:00:ad:d6:06:85:ba:5c:b8:
6f:1e:71:27:aa:be:18:92:7a:6c:5d:9c:5e:07:b7:
d0:89:20:70:18:1f:19:4e:04:85:0c:d9:8e:9a:e8:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:66:2C:70:A6:F3:1E:D5:84:FB:D1:59:A4:01:7A:D8:66:0A:68:E9
X509v3 Authority Key Identifier:
keyid:E7:D6:8A:9E:B8:6A:82:64:E9:DD:C3:12:28:49:B8:0C:C3:42:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59aKnrhqgmTp3cMSKEm4DMNC9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/tGYscKbzHtWE-9FZpAF62GYKaOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.219.0/24
Signature Algorithm: sha256WithRSAEncryption
41:93:12:9b:68:b7:85:95:3c:fb:70:b5:af:f2:35:f0:84:6d:
8b:22:1e:96:38:c3:61:f5:43:14:80:8d:f0:f2:f1:03:d8:d9:
c6:77:c3:94:69:75:77:ec:60:5b:75:43:b7:2c:9c:10:a9:a9:
cc:fd:10:25:d1:db:2e:dd:3b:87:c5:43:a1:22:f2:6d:01:76:
07:ad:d9:80:7a:57:72:66:6b:9f:b6:51:34:f4:4b:93:b3:0e:
eb:61:d7:c9:09:db:fb:dd:a7:7d:38:ee:d9:3c:77:20:f0:aa:
f1:ab:5f:fb:7f:28:d5:33:40:e2:2f:ef:c4:cd:2e:66:c3:2b:
23:78:53:85:4f:22:a5:13:2b:62:1a:62:bd:ba:9d:b5:17:f6:
2d:6e:7f:bf:e4:7a:5d:e3:49:78:a1:8f:3d:4d:7b:18:4c:ca:
c6:aa:e6:eb:33:12:4b:c4:85:4b:73:91:a4:23:91:3e:3e:28:
86:79:91:6d:b3:ab:89:c1:3b:a6:9d:61:35:2b:75:5c:9e:a1:
9b:7a:5a:64:6f:3c:f3:42:e2:a0:81:ab:7e:b4:28:3b:1a:b0:
d9:84:93:80:e7:fe:89:f3:8c:9a:fe:8c:8d:fc:ee:ca:11:13:
fb:e6:c8:c1:0a:87:90:91:c7:29:d4:5f:4e:d4:ef:ac:90:cb:
89:87:7c:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzXw/sBqsPYn6Z3bzOX/lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDY4YTllYjg2YTgyNjRlOWRkYzMxMjI4NDliODBjYzM0
MmY1ZGMwHhcNMjMwMTAyMTY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY2MmM3MGE2ZjMxZWQ1ODRmYmQxNTlhNDAxN2FkODY2MGE2OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgERjPxaz0VMRRZNGQ3zBsQlj6yUP
fk7gVhMXTkP942BtK4XghYkgeCk6X4P3UpuRMFlQsg1b9TehwUUJbhqbudv1MljJ
YI/oyWHSOt6w+A6Fp98VpLjFg8z7eBo8RiTpUXz/JStrqNNy0lShyCMlYXItGjEq
/UOcLmhyd3iGfkaau+5BLnt8WAtAe/QM2RfYH/5AkVIMluBSnHJV2ULAeDEqBHfB
7ZRgKI3frljiNFNY0JQimtrPPTaxgx2060Rka3X0U80mjrGwRV0iP7HPhZ9Y3w2T
bijWAK3WBoW6XLhvHnEnqr4YknpsXZxeB7fQiSBwGB8ZTgSFDNmOmuiiewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRmLHCm8x7VhPvRWaQBethmCmjpMB8GA1UdIwQY
MBaAFOfWip64aoJk6d3DEihJuAzDQvXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTlhS25yaHFnbVRwM2NNU0tFbTRETU5DOWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NjVlYTEtMmEzNi00NDAzLTk0MWUt
ZjBkNDBmMDI5NjczLzEvdEdZc2NLYnpIdFdFLTlGWnBBRjYyR1lLYU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NjVlYTEtMmEzNi00NDAzLTk0MWUtZjBkNDBmMDI5Njcz
LzEvNTlhS25yaHFnbVRwM2NNU0tFbTRETU5DOWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY7bMA0G
CSqGSIb3DQEBCwUAA4IBAQBBkxKbaLeFlTz7cLWv8jXwhG2LIh6WOMNh9UMUgI3w
8vED2NnGd8OUaXV37GBbdUO3LJwQqanM/RAl0dsu3TuHxUOhIvJtAXYHrdmAeldy
ZmuftlE09EuTsw7rYdfJCdv73ad9OO7ZPHcg8Krxq1/7fyjVM0DiL+/EzS5mwysj
eFOFTyKlEytiGmK9up21F/Ytbn+/5Hpd40l4oY89TXsYTMrGqubrMxJLxIVLc5Gk
I5E+PiiGeZFts6uJwTumnWE1K3VcnqGbelpkbzzzQuKggat+tCg7GrDZhJOA5/6J
84ya/oyN/O7KERP75sjBCoeQkccp1F9O1O+skMuJh3x9
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:00 2024 by rpki-client on console-fra.rpki-client.org