Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/02BAcDqhYqnHdtc0OIdu915z0xY.roa
File: 02BAcDqhYqnHdtc0OIdu915z0xY.roa (raw, json)
Hash identifier: ytwLwrYr0cSS7LqsxOVXA2Q1GSuSS9dr3rxEd01sap4=
Subject key identifier: D3:60:40:70:3A:A1:62:A9:C7:76:D7:34:38:87:6E:F7:5E:73:D3:16
Certificate issuer: /CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Certificate serial: 018CC8DD014EDD07F56B5AE0B59D27318171
Authority key identifier: 64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/02BAcDqhYqnHdtc0OIdu915z0xY.roa
Signing time: Tue 02 Jan 2024 06:29:36 +0000
ROA not before: Tue 02 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43997
IP address blocks: 193.35.149.0/24 maxlen: 24
193.35.150.0/23 maxlen: 23
193.35.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 14:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:01:4e:dd:07:f5:6b:5a:e0:b5:9d:27:31:81:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Validity
Not Before: Jan 2 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d36040703aa162a9c776d73438876ef75e73d316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7e:96:88:80:71:50:11:15:3e:d9:65:54:2c:
b5:c4:83:02:93:6e:f4:3a:fe:20:56:40:e2:a5:7e:
8d:a0:55:33:c4:d5:ef:78:a2:0a:89:fe:f3:27:22:
7e:b2:80:0e:af:6a:27:85:a7:6b:c7:e8:7d:1d:1b:
4a:7a:94:cc:d4:ce:44:de:5f:86:a2:99:df:77:09:
48:b5:38:e8:a8:ac:eb:21:48:18:60:1b:70:89:d2:
2b:62:0e:93:17:ac:e1:f3:59:48:02:ae:0a:a4:3e:
35:de:26:41:bf:d7:ea:6a:ed:f7:f9:ce:9a:dd:d9:
be:d2:f7:cd:bc:7e:8c:3c:95:a3:e0:04:1b:2e:64:
f0:38:74:f2:58:73:01:6b:9b:6c:64:fc:e5:1d:36:
13:76:37:89:e5:39:4e:a6:ea:60:5e:a0:19:46:e9:
f2:cc:a9:c2:f7:d3:f9:07:14:83:0d:d9:39:39:e9:
57:f5:b1:ab:79:e8:f1:16:54:12:58:ed:ad:a3:95:
b6:15:95:9f:4a:4e:f4:eb:8c:56:41:58:60:6f:a3:
26:60:0c:f4:5f:1f:ef:e5:87:21:6a:36:1c:8d:31:
a1:e5:a9:3d:cd:85:a7:5a:13:13:7c:ee:08:7e:f3:
8d:55:50:a7:b7:9e:23:f8:30:14:d9:93:8e:b7:66:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:60:40:70:3A:A1:62:A9:C7:76:D7:34:38:87:6E:F7:5E:73:D3:16
X509v3 Authority Key Identifier:
keyid:64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/02BAcDqhYqnHdtc0OIdu915z0xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/ZJUOTljWrCf4Dwml7S8wKLga6Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.148.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:f8:fa:00:63:e7:57:fe:f2:b0:bf:9a:8c:95:df:21:41:e6:
ff:b6:c6:d0:8b:43:89:11:0f:62:92:10:71:f7:78:6c:00:45:
dd:6a:fd:f6:01:7f:66:49:ae:ae:79:46:ec:69:8b:07:9f:e5:
19:a3:d0:5f:a8:15:15:2c:46:ba:41:6f:f2:5d:b9:b9:36:d8:
0d:b4:5e:37:e1:4b:8b:76:64:51:16:17:28:25:3e:72:0c:32:
57:d2:91:89:64:45:ed:70:63:04:24:d6:f9:13:46:2b:f1:7f:
bc:46:03:38:d9:5f:a1:14:8c:de:0d:2b:ee:da:90:dd:ce:a3:
c3:46:4e:28:28:c2:3f:0c:e3:b9:65:aa:f4:f9:41:5b:cc:ef:
fe:99:b9:00:b8:c9:8d:c9:69:7e:9b:5d:e6:04:ef:73:7d:cb:
c7:f3:45:7c:c0:d6:54:e7:be:0f:73:ff:59:f5:c3:14:d7:d5:
58:31:73:98:19:5d:35:ae:a0:aa:33:2d:7b:27:d8:05:16:bb:
26:44:f3:82:e5:58:e6:9b:f5:e7:88:5e:84:14:0e:f5:0d:b6:
77:10:f5:01:7c:7b:86:c5:9a:d6:64:52:5c:b7:3f:24:b7:3e:
18:35:57:55:3c:b5:fc:e3:7f:6e:a4:b0:2c:3d:f9:89:40:b4:
48:3b:bd:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QFO3Qf1a1rgtZ0nMYFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTUwZTRlNThkNmFjMjdmODBmMDlhNWVkMmYzMDI4Yjgx
YWU4Y2EwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYwNDA3MDNhYTE2MmE5Yzc3NmQ3MzQzODg3NmVmNzVlNzNkMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX6WiIBxUBEVPtllVCy1xIMCk270
Ov4gVkDipX6NoFUzxNXveKIKif7zJyJ+soAOr2onhadrx+h9HRtKepTM1M5E3l+G
opnfdwlItTjoqKzrIUgYYBtwidIrYg6TF6zh81lIAq4KpD413iZBv9fqau33+c6a
3dm+0vfNvH6MPJWj4AQbLmTwOHTyWHMBa5tsZPzlHTYTdjeJ5TlOpupgXqAZRuny
zKnC99P5BxSDDdk5OelX9bGreejxFlQSWO2to5W2FZWfSk7064xWQVhgb6MmYAz0
Xx/v5YchajYcjTGh5ak9zYWnWhMTfO4IfvONVVCnt54j+DAU2ZOOt2btgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNgQHA6oWKpx3bXNDiHbvdec9MWMB8GA1UdIwQY
MBaAFGSVDk5Y1qwn+A8Jpe0vMCi4GujKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYt
ZTY2ZDQxMWZhNmEwLzEvMDJCQWNEcWhZcW5IZHRjME9JZHU5MTV6MHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYtZTY2ZDQxMWZhNmEw
LzEvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSOUMA0G
CSqGSIb3DQEBCwUAA4IBAQDJ+PoAY+dX/vKwv5qMld8hQeb/tsbQi0OJEQ9ikhBx
93hsAEXdav32AX9mSa6ueUbsaYsHn+UZo9BfqBUVLEa6QW/yXbm5NtgNtF434UuL
dmRRFhcoJT5yDDJX0pGJZEXtcGMEJNb5E0Yr8X+8RgM42V+hFIzeDSvu2pDdzqPD
Rk4oKMI/DOO5Zar0+UFbzO/+mbkAuMmNyWl+m13mBO9zfcvH80V8wNZU574Pc/9Z
9cMU19VYMXOYGV01rqCqMy17J9gFFrsmRPOC5Vjmm/XniF6EFA71DbZ3EPUBfHuG
xZrWZFJctz8ktz4YNVdVPLX8439upLAsPfmJQLRIO732
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:57 2024 by rpki-client on console-ams.rpki-client.org