Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4b2c23-f535-4b6d-a445-e04dac61ce9d/1/bD422yZ9Q6pW_GI88xAX820Ufyg.roa
File: bD422yZ9Q6pW_GI88xAX820Ufyg.roa (raw, json)
Hash identifier: 5RyINEKIqVunCl4zB46Y1nJZVBRNKdYh5GbJV4YUqoQ=
Subject key identifier: 6C:3E:36:DB:26:7D:43:AA:56:FC:62:3C:F3:10:17:F3:6D:14:7F:28
Certificate issuer: /CN=b68f940f1cc577f370f28428850dc7bf7418f121
Certificate serial: 0189D8C99AE899448D810FB8513E2F32C17D
Authority key identifier: B6:8F:94:0F:1C:C5:77:F3:70:F2:84:28:85:0D:C7:BF:74:18:F1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/to-UDxzFd_Nw8oQohQ3Hv3QY8SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4b2c23-f535-4b6d-a445-e04dac61ce9d/1/bD422yZ9Q6pW_GI88xAX820Ufyg.roa
Signing time: Wed 09 Aug 2023 05:33:58 +0000
ROA not before: Wed 09 Aug 2023 05:33:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16024
IP address blocks: 193.26.125.0/24 maxlen: 24
2001:67c:cd8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:c9:9a:e8:99:44:8d:81:0f:b8:51:3e:2f:32:c1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68f940f1cc577f370f28428850dc7bf7418f121
Validity
Not Before: Aug 9 05:33:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c3e36db267d43aa56fc623cf31017f36d147f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:2a:66:f6:f3:1f:02:00:10:4d:bc:00:6e:
e4:1b:6b:57:2a:71:d5:4b:f6:71:bf:79:0f:8d:ed:
2d:6e:52:de:8b:35:58:f0:cc:a6:97:60:27:0d:16:
0b:51:bb:77:d7:d3:6a:6f:15:d3:2b:7c:09:0a:72:
4e:b1:4c:48:57:95:17:14:b7:56:99:0d:d1:77:03:
a0:85:c6:b7:be:6d:f4:51:3a:b4:33:d4:9f:b7:98:
86:e2:79:59:4e:f1:ac:1f:98:18:6d:f9:19:1b:e0:
99:38:af:44:99:0b:6c:13:27:63:bc:16:c5:e9:66:
32:cb:f2:14:ad:44:47:52:78:ac:99:a0:c0:94:32:
fd:2b:25:b8:20:ef:38:f0:ee:b0:b3:3a:3a:c3:2c:
42:09:a0:c9:cb:57:f9:d5:8b:83:a8:bf:aa:ce:78:
94:57:d3:de:45:61:7c:30:5e:e3:da:98:01:88:ce:
91:87:9b:4b:e4:7d:1f:52:0f:8a:05:56:7c:24:ab:
99:21:97:be:62:f2:f1:5c:2d:c0:a9:45:31:5f:6a:
46:4b:e3:09:8f:f5:b3:ab:17:15:fb:6a:8f:a7:29:
5b:47:c8:26:bd:00:95:c8:46:ba:fc:5b:68:d9:fa:
f3:bb:19:69:21:96:8d:f4:8c:26:45:ec:78:2e:2e:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3E:36:DB:26:7D:43:AA:56:FC:62:3C:F3:10:17:F3:6D:14:7F:28
X509v3 Authority Key Identifier:
keyid:B6:8F:94:0F:1C:C5:77:F3:70:F2:84:28:85:0D:C7:BF:74:18:F1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/to-UDxzFd_Nw8oQohQ3Hv3QY8SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4b2c23-f535-4b6d-a445-e04dac61ce9d/1/bD422yZ9Q6pW_GI88xAX820Ufyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4b2c23-f535-4b6d-a445-e04dac61ce9d/1/to-UDxzFd_Nw8oQohQ3Hv3QY8SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.125.0/24
IPv6:
2001:67c:cd8::/48
Signature Algorithm: sha256WithRSAEncryption
44:e9:fd:5a:b6:77:18:18:4d:90:54:bc:4b:9c:8c:cf:d5:2b:
ce:30:1c:75:82:f7:aa:40:e2:6c:64:78:f2:16:d5:3d:79:73:
60:6f:68:93:c2:6d:97:d3:1f:2d:90:c9:b6:5f:c4:37:d1:0b:
d8:d1:5f:9a:f6:e1:f0:f5:29:f9:ad:22:03:0e:d0:8a:20:4e:
b2:c4:37:b8:dd:95:3c:d5:b8:95:f4:e7:2f:76:54:0d:9b:e2:
a6:42:cd:9b:f7:c6:53:e0:04:7e:c9:c9:ed:02:ba:1a:1b:60:
2f:b9:f4:61:c7:35:cc:5a:27:1b:42:88:54:b8:7d:91:cb:51:
3b:aa:ec:ee:c7:c9:d8:60:cc:fb:bf:3f:0e:bb:e1:f2:a7:61:
82:7b:1f:74:bb:d2:0c:6d:61:8b:98:f8:51:4a:c2:96:ed:bc:
87:ca:3c:78:a1:19:e3:9c:65:c8:23:af:9b:df:c9:6f:a2:83:
01:78:b6:48:f9:35:eb:e5:b3:90:05:a1:94:0d:66:dc:15:3d:
ad:98:cb:e1:af:11:98:cd:24:57:c8:e6:55:0c:c7:54:63:e8:
98:0c:0a:5e:21:5d:ca:2b:51:5e:8c:7b:37:34:d3:ed:66:61:
02:e2:0a:1d:67:c1:5d:d6:88:21:1e:ec:ea:f2:ef:9a:5a:ed:
85:7e:ad:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnYyZromUSNgQ+4UT4vMsF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGY5NDBmMWNjNTc3ZjM3MGYyODQyODg1MGRjN2JmNzQx
OGYxMjEwHhcNMjMwODA5MDUzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNlMzZkYjI2N2Q0M2FhNTZmYzYyM2NmMzEwMTdmMzZkMTQ3ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQUqZvbzHwIAEE28AG7kG2tXKnHV
S/Zxv3kPje0tblLeizVY8Myml2AnDRYLUbt319NqbxXTK3wJCnJOsUxIV5UXFLdW
mQ3RdwOghca3vm30UTq0M9Sft5iG4nlZTvGsH5gYbfkZG+CZOK9EmQtsEydjvBbF
6WYyy/IUrURHUnismaDAlDL9KyW4IO848O6wszo6wyxCCaDJy1f51YuDqL+qzniU
V9PeRWF8MF7j2pgBiM6Rh5tL5H0fUg+KBVZ8JKuZIZe+YvLxXC3AqUUxX2pGS+MJ
j/WzqxcV+2qPpylbR8gmvQCVyEa6/Fto2frzuxlpIZaN9IwmRex4Li4p8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGw+NtsmfUOqVvxiPPMQF/NtFH8oMB8GA1UdIwQY
MBaAFLaPlA8cxXfzcPKEKIUNx790GPEhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG8tVUR4ekZkX053OG9Rb2hRM0h2M1FZOFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80YjJjMjMtZjUzNS00YjZkLWE0NDUt
ZTA0ZGFjNjFjZTlkLzEvYkQ0MjJ5WjlRNnBXX0dJODh4QVg4MjBVZnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80YjJjMjMtZjUzNS00YjZkLWE0NDUtZTA0ZGFjNjFjZTlk
LzEvdG8tVUR4ekZkX053OG9Rb2hRM0h2M1FZOFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwRp9MA8E
AgACMAkDBwAgAQZ8DNgwDQYJKoZIhvcNAQELBQADggEBAETp/Vq2dxgYTZBUvEuc
jM/VK84wHHWC96pA4mxkePIW1T15c2BvaJPCbZfTHy2QybZfxDfRC9jRX5r24fD1
KfmtIgMO0IogTrLEN7jdlTzVuJX05y92VA2b4qZCzZv3xlPgBH7Jye0CuhobYC+5
9GHHNcxaJxtCiFS4fZHLUTuq7O7HydhgzPu/Pw674fKnYYJ7H3S70gxtYYuY+FFK
wpbtvIfKPHihGeOcZcgjr5vfyW+igwF4tkj5Nevls5AFoZQNZtwVPa2Yy+GvEZjN
JFfI5lUMx1Rj6JgMCl4hXcorUV6Mezc00+1mYQLiCh1nwV3WiCEe7Ory75pa7YV+
reA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:01 2024 by rpki-client on console-fra.rpki-client.org