Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/OxhwXzkST7CN2fWNcefEkL3pMUQ.roa
File: OxhwXzkST7CN2fWNcefEkL3pMUQ.roa (raw, json)
Hash identifier: Y2zNSC2VspFOO8i2wmxzJadGtgfSpHzleO3IrpJ94SM=
Subject key identifier: 3B:18:70:5F:39:12:4F:B0:8D:D9:F5:8D:71:E7:C4:90:BD:E9:31:44
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0185720C4287000C4C0A1B9A789907C679DC
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/OxhwXzkST7CN2fWNcefEkL3pMUQ.roa
Signing time: Mon 02 Jan 2023 10:34:44 +0000
ROA not before: Mon 02 Jan 2023 10:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 193.41.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:42:87:00:0c:4c:0a:1b:9a:78:99:07:c6:79:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b18705f39124fb08dd9f58d71e7c490bde93144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:99:1a:91:5c:01:93:e1:23:44:e5:ce:35:
35:e8:75:f8:e3:22:05:24:1d:d9:ed:dd:c3:10:5d:
da:9a:e4:78:e4:52:22:6f:e4:e3:31:ad:8a:b5:c1:
67:9b:00:ff:60:08:40:39:bc:f6:bc:c4:96:d6:f9:
c9:6b:05:90:e5:01:46:7e:c9:57:cd:6d:bd:c0:e7:
de:3b:a3:72:e9:2f:b0:0f:ad:ab:24:4f:a7:e4:b7:
77:20:1a:ed:37:70:71:da:33:b6:4d:6c:b4:cc:53:
6f:4f:6f:44:24:ee:85:b8:ef:44:84:f4:f7:51:e0:
6f:28:5f:bc:c9:2e:a2:25:70:a4:97:27:11:01:a9:
bb:e3:fd:58:1c:2d:ff:c5:c8:d8:64:de:cc:eb:4c:
db:a8:36:d5:d6:07:b4:d3:88:0d:63:47:d4:34:85:
55:b2:83:a6:56:07:eb:21:95:de:52:05:fb:73:4f:
5d:23:eb:8e:94:22:c0:af:0a:f0:20:18:da:cb:28:
aa:f8:cc:69:05:58:25:6c:20:23:49:cf:ed:f5:c3:
50:a8:a4:38:92:88:e1:80:8a:7e:6f:d7:be:ce:bb:
17:db:7c:60:05:2a:87:44:7a:d2:93:e8:b3:28:ce:
a8:71:73:4c:6f:e1:d8:84:7c:89:ef:1a:d5:eb:64:
26:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:18:70:5F:39:12:4F:B0:8D:D9:F5:8D:71:E7:C4:90:BD:E9:31:44
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/OxhwXzkST7CN2fWNcefEkL3pMUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.217.0/24
Signature Algorithm: sha256WithRSAEncryption
97:bd:ff:3d:17:71:5e:53:7c:a5:9a:3c:0f:a9:68:fb:4d:8f:
9a:11:db:8d:30:21:f6:de:8e:a1:88:96:e2:ee:ed:c0:8d:37:
ce:d7:cf:a9:72:18:29:81:d4:b5:cb:6e:00:60:ca:45:2a:05:
16:2b:37:5f:ba:ff:5f:a1:ed:d8:78:51:65:95:b2:49:24:2b:
e8:3a:81:6b:b8:a8:04:91:2d:ca:ef:72:1a:10:3a:cb:f5:b4:
30:84:93:75:2b:e5:90:58:b5:2a:56:d7:e7:67:da:07:ce:f1:
92:e2:11:82:5d:22:08:48:50:1e:0b:15:c4:6c:bf:b9:bc:4e:
c1:d1:bc:a9:5f:6c:17:4f:cc:6c:5d:28:e4:ae:be:09:f9:d0:
5f:2d:b0:bb:e4:67:0c:c0:30:91:e8:16:e5:a5:c0:53:00:28:
78:3b:c0:1f:f5:50:9d:4d:58:ab:75:ad:c5:b1:83:bf:d9:8a:
c0:f6:92:53:7c:0a:4a:c1:9b:17:55:a0:f6:b0:a8:aa:3d:a1:
ae:ef:33:d8:2c:53:db:77:20:79:dd:22:81:80:6b:80:a1:d4:
d1:67:46:35:64:23:65:cd:18:51:ac:c7:48:6e:37:a1:a6:00:
7d:04:fd:58:5d:d6:4d:4f:ce:75:9c:00:50:9b:e0:45:22:3f:
cf:d3:48:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEKHAAxMChuaeJkHxnncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMTAyMTAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE4NzA1ZjM5MTI0ZmIwOGRkOWY1OGQ3MWU3YzQ5MGJkZTkzMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiieZGpFcAZPhI0TlzjU16HX44yIF
JB3Z7d3DEF3amuR45FIib+TjMa2KtcFnmwD/YAhAObz2vMSW1vnJawWQ5QFGfslX
zW29wOfeO6Ny6S+wD62rJE+n5Ld3IBrtN3Bx2jO2TWy0zFNvT29EJO6FuO9EhPT3
UeBvKF+8yS6iJXCklycRAam74/1YHC3/xcjYZN7M60zbqDbV1ge004gNY0fUNIVV
soOmVgfrIZXeUgX7c09dI+uOlCLArwrwIBjayyiq+MxpBVglbCAjSc/t9cNQqKQ4
kojhgIp+b9e+zrsX23xgBSqHRHrSk+izKM6ocXNMb+HYhHyJ7xrV62QmpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsYcF85Ek+wjdn1jXHnxJC96TFEMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvT3hod1h6a1NUN0NOMmZXTmNlZkVrTDNwTVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnZMA0G
CSqGSIb3DQEBCwUAA4IBAQCXvf89F3FeU3ylmjwPqWj7TY+aEduNMCH23o6hiJbi
7u3AjTfO18+pchgpgdS1y24AYMpFKgUWKzdfuv9foe3YeFFllbJJJCvoOoFruKgE
kS3K73IaEDrL9bQwhJN1K+WQWLUqVtfnZ9oHzvGS4hGCXSIISFAeCxXEbL+5vE7B
0bypX2wXT8xsXSjkrr4J+dBfLbC75GcMwDCR6BblpcBTACh4O8Af9VCdTVirda3F
sYO/2YrA9pJTfApKwZsXVaD2sKiqPaGu7zPYLFPbdyB53SKBgGuAodTRZ0Y1ZCNl
zRhRrMdIbjehpgB9BP1YXdZNT851nABQm+BFIj/P00ib
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:18 2024 by rpki-client on console-fra.rpki-client.org