Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/AcRUMxmazwuGM_pK2Y4fMC196E8.roa
File: AcRUMxmazwuGM_pK2Y4fMC196E8.roa (raw, json)
Hash identifier: LCCyBqR0S7KPfjSFBrGnNvaGZ/Q5ZMngibU121d4xsI=
Subject key identifier: 01:C4:54:33:19:9A:CF:0B:86:33:FA:4A:D9:8E:1F:30:2D:7D:E8:4F
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 01856CC142789D4BB2B0784A91898123EB82
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/AcRUMxmazwuGM_pK2Y4fMC196E8.roa
Signing time: Sun 01 Jan 2023 09:54:42 +0000
ROA not before: Sun 01 Jan 2023 09:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41817
IP address blocks: 193.200.2.0/24 maxlen: 24
2a0f:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:42:78:9d:4b:b2:b0:78:4a:91:89:81:23:eb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 1 09:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01c45433199acf0b8633fa4ad98e1f302d7de84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7b:c3:aa:18:e7:1f:c5:dd:79:2e:5b:a8:dd:
3e:1e:c4:3a:4a:ec:1f:3e:ec:86:2a:45:2f:23:30:
31:e3:0d:21:a5:4a:34:9a:bc:93:b8:50:88:4d:70:
2f:3a:b8:08:81:24:1f:ca:4a:4c:f5:ed:8d:fc:85:
4c:97:5e:93:a2:4e:2c:ec:7a:fa:02:2b:be:81:2a:
6b:6f:b8:ce:4b:e5:e4:c7:1d:eb:da:73:a1:6f:3c:
b0:e6:5c:86:53:1f:b4:56:9e:53:b6:cc:e2:0a:0b:
6f:c8:ee:85:a0:3f:1a:48:33:88:a4:b5:e5:2f:04:
a7:5a:5c:0c:06:f7:3b:b8:40:f3:81:50:70:d5:77:
c1:cc:f0:c1:02:e2:f8:fd:9c:c6:41:bf:1f:e3:eb:
42:78:89:e1:d4:ed:25:5d:18:46:0f:00:5d:79:b4:
3a:56:dc:2d:31:fb:85:64:91:55:95:b1:65:72:2a:
44:1c:c4:99:42:13:b1:19:04:fd:d1:d3:83:80:5d:
a6:e3:c5:30:76:42:22:fb:6b:13:b7:0a:3c:df:e6:
cb:c8:36:19:c4:6b:ba:f8:73:ac:31:79:0e:a4:cc:
df:c9:c9:fd:dc:15:6e:56:28:0b:00:a9:0d:31:bb:
82:3d:fe:55:53:6a:9f:78:00:3f:c4:0c:24:9a:d4:
ea:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C4:54:33:19:9A:CF:0B:86:33:FA:4A:D9:8E:1F:30:2D:7D:E8:4F
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/AcRUMxmazwuGM_pK2Y4fMC196E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.2.0/24
IPv6:
2a0f:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:a7:92:b2:5a:db:22:ba:e2:3b:15:aa:d3:a1:a8:b1:66:be:
80:ec:f0:54:28:d3:2c:12:92:6d:4a:01:61:5d:19:51:35:69:
dd:b0:9c:cf:b4:62:48:46:51:49:60:48:51:63:95:a8:36:da:
22:9c:83:7d:67:48:6c:e3:b1:ef:62:c9:b3:e5:b9:cc:cb:fc:
c4:16:e0:ed:70:3e:5b:45:41:f1:eb:7f:c6:a3:9c:66:4c:58:
43:71:df:b1:7a:65:09:af:d5:71:54:d6:7f:99:10:d0:de:0f:
e8:23:dc:00:48:09:b1:47:8c:02:77:bd:08:6c:1f:1b:c7:18:
2a:44:08:4e:7e:b7:fe:7c:93:cf:90:4a:69:12:c0:70:cb:2a:
91:4a:2c:1c:06:8c:31:9d:29:27:9a:35:51:c6:10:04:a9:3e:
8f:51:90:8b:80:7b:f4:02:0b:f1:ed:9f:4d:35:ad:7a:86:07:
12:ff:d9:36:f0:4d:9d:52:98:8d:0c:81:b7:9c:7f:2f:34:3d:
6d:32:59:29:e1:66:c9:47:1e:52:a9:d0:97:5b:a6:8e:b3:3b:
70:0e:03:99:d6:e4:df:18:ca:86:a2:27:d6:6f:07:ae:cb:8e:
00:45:ef:63:02:d9:85:60:d3:36:f0:59:30:e3:df:33:20:08:
54:d6:19:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswUJ4nUuysHhKkYmBI+uCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzMyZGNkMGMzNTQyNjE0NGY5ZjAyNjc1NDE3OWRmYWVi
ZTg5NTgwHhcNMjMwMTAxMDk1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM0NTQzMzE5OWFjZjBiODYzM2ZhNGFkOThlMWYzMDJkN2RlODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3vDqhjnH8XdeS5bqN0+HsQ6Suwf
PuyGKkUvIzAx4w0hpUo0mryTuFCITXAvOrgIgSQfykpM9e2N/IVMl16Tok4s7Hr6
Aiu+gSprb7jOS+Xkxx3r2nOhbzyw5lyGUx+0Vp5TtsziCgtvyO6FoD8aSDOIpLXl
LwSnWlwMBvc7uEDzgVBw1XfBzPDBAuL4/ZzGQb8f4+tCeInh1O0lXRhGDwBdebQ6
VtwtMfuFZJFVlbFlcipEHMSZQhOxGQT90dODgF2m48UwdkIi+2sTtwo83+bLyDYZ
xGu6+HOsMXkOpMzfycn93BVuVigLAKkNMbuCPf5VU2qfeAA/xAwkmtTqVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAHEVDMZms8LhjP6StmOHzAtfehPMB8GA1UdIwQY
MBaAFDlzLc0MNUJhRPnwJnVBed+uvolYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODIt
ZjYwYWYyYTgyMDYwLzEvQWNSVU14bWF6d3VHTV9wSzJZNGZNQzE5NkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODItZjYwYWYyYTgyMDYw
LzEvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwcgCMA0E
AgACMAcDBQMqD5fAMA0GCSqGSIb3DQEBCwUAA4IBAQBHp5KyWtsiuuI7FarToaix
Zr6A7PBUKNMsEpJtSgFhXRlRNWndsJzPtGJIRlFJYEhRY5WoNtoinIN9Z0hs47Hv
Ysmz5bnMy/zEFuDtcD5bRUHx63/Go5xmTFhDcd+xemUJr9VxVNZ/mRDQ3g/oI9wA
SAmxR4wCd70IbB8bxxgqRAhOfrf+fJPPkEppEsBwyyqRSiwcBowxnSknmjVRxhAE
qT6PUZCLgHv0Agvx7Z9NNa16hgcS/9k28E2dUpiNDIG3nH8vND1tMlkp4WbJRx5S
qdCXW6aOsztwDgOZ1uTfGMqGoifWbweuy44ARe9jAtmFYNM28Fkw498zIAhU1hlG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:42 2024 by rpki-client on console-fra.rpki-client.org