Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/U9W0iaCFX3MK766fo-hc6gvaFQk.roa
File: U9W0iaCFX3MK766fo-hc6gvaFQk.roa (raw, json)
Hash identifier: CgD7lY2p8UeQqHKDZswu4RDEdMf6CZqaXrR8molU28E=
Subject key identifier: 53:D5:B4:89:A0:85:5F:73:0A:EF:AE:9F:A3:E8:5C:EA:0B:DA:15:09
Certificate issuer: /CN=aca8ecfee51f68d5f803aae6fbfc1fdc4190262a
Certificate serial: 01857283629323C93F15478DEDA215FFCADC
Authority key identifier: AC:A8:EC:FE:E5:1F:68:D5:F8:03:AA:E6:FB:FC:1F:DC:41:90:26:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKjs_uUfaNX4A6rm-_wf3EGQJio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/U9W0iaCFX3MK766fo-hc6gvaFQk.roa
Signing time: Mon 02 Jan 2023 12:44:51 +0000
ROA not before: Mon 02 Jan 2023 12:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210035
IP address blocks: 193.203.227.0/24 maxlen: 24
2a12:7d40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:62:93:23:c9:3f:15:47:8d:ed:a2:15:ff:ca:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca8ecfee51f68d5f803aae6fbfc1fdc4190262a
Validity
Not Before: Jan 2 12:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53d5b489a0855f730aefae9fa3e85cea0bda1509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:65:f8:98:16:09:55:de:8e:58:40:19:a1:
d5:6a:47:e5:83:28:6b:33:4f:2a:1b:6c:2e:cb:f9:
93:c5:58:d7:5d:85:c7:b3:b8:59:69:a5:96:9e:da:
f9:38:d4:da:1f:93:fb:ea:05:e9:5f:6d:e9:98:9d:
6e:5f:b2:6a:f3:fb:57:27:06:aa:aa:37:04:4e:7c:
e4:b5:c2:4e:3d:11:a7:4b:fd:30:56:98:0b:17:df:
d0:03:23:07:79:a1:e5:07:fb:71:6b:90:c5:30:c8:
99:93:e5:1f:a5:3b:67:7c:fc:d3:a1:19:16:9e:90:
6c:67:cf:3b:5b:71:bd:83:c1:55:d4:3f:b3:e2:49:
33:9c:f5:e0:24:64:d4:c3:85:ba:f0:c7:3b:32:dd:
6d:9b:aa:7e:f2:45:2e:b6:e4:0c:93:4c:f1:cf:b5:
0f:12:98:63:2c:92:05:46:bb:01:a4:79:78:f0:7d:
90:90:35:ad:66:ef:0f:c9:55:81:d0:30:c7:9a:ff:
7d:4f:a6:01:b3:30:97:86:b3:ca:3a:5d:42:be:5c:
2c:12:31:df:ba:21:8f:00:79:84:98:fe:f5:91:5a:
4f:a7:cc:e5:6b:0a:39:fe:c5:09:68:9c:68:b1:a2:
c8:9e:60:fe:f4:a1:ec:62:c8:ad:1c:2b:cf:3b:ff:
0c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D5:B4:89:A0:85:5F:73:0A:EF:AE:9F:A3:E8:5C:EA:0B:DA:15:09
X509v3 Authority Key Identifier:
keyid:AC:A8:EC:FE:E5:1F:68:D5:F8:03:AA:E6:FB:FC:1F:DC:41:90:26:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKjs_uUfaNX4A6rm-_wf3EGQJio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/U9W0iaCFX3MK766fo-hc6gvaFQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/rKjs_uUfaNX4A6rm-_wf3EGQJio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.227.0/24
IPv6:
2a12:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
0e:25:44:89:8d:cf:2a:48:28:b7:ed:ba:6f:41:fd:f5:74:a6:
db:fa:3c:8c:9b:61:3a:94:be:ae:76:31:84:3a:ef:66:7d:6b:
90:28:c0:5f:16:4b:0f:a6:d1:70:04:37:b6:ef:ee:cb:da:d8:
80:cd:c9:1e:18:ae:79:3c:23:4f:90:87:c9:11:0c:07:fb:8a:
7d:b2:37:28:e2:58:0e:68:42:8a:bd:77:b3:3f:a2:fa:6b:fa:
09:a6:1b:a9:22:56:a0:a5:87:df:5b:f8:92:2a:1c:cf:95:69:
18:eb:30:7f:ba:0f:73:ae:bc:ff:bf:f6:41:29:b5:4d:74:87:
c6:fc:1d:6e:40:d3:d3:e0:01:f2:59:59:2b:f5:c7:ae:aa:cc:
5d:77:e9:1c:d0:d8:a8:a5:c7:bf:7a:6d:29:d9:1e:43:fe:5b:
21:43:a6:14:25:d0:2b:ae:82:4c:a6:b5:8a:40:91:94:d3:2c:
17:7a:5d:cd:89:0a:fa:1c:29:f6:52:9d:3c:42:03:52:f5:a6:
e1:c0:d3:b1:7e:0f:d9:11:a6:c6:d5:fb:97:38:bf:55:f3:10:
e0:76:11:a8:a1:03:6a:39:b5:0d:7d:e3:0b:56:7d:b2:80:f7:
ae:6f:83:76:2e:4b:ba:10:bc:30:87:c5:65:ed:08:d6:40:06:
e5:5f:b3:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg2KTI8k/FUeN7aIV/8rcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYThlY2ZlZTUxZjY4ZDVmODAzYWFlNmZiZmMxZmRjNDE5
MDI2MmEwHhcNMjMwMTAyMTI0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q1YjQ4OWEwODU1ZjczMGFlZmFlOWZhM2U4NWNlYTBiZGExNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzdl+JgWCVXejlhAGaHVakflgyhr
M08qG2wuy/mTxVjXXYXHs7hZaaWWntr5ONTaH5P76gXpX23pmJ1uX7Jq8/tXJwaq
qjcETnzktcJOPRGnS/0wVpgLF9/QAyMHeaHlB/txa5DFMMiZk+UfpTtnfPzToRkW
npBsZ887W3G9g8FV1D+z4kkznPXgJGTUw4W68Mc7Mt1tm6p+8kUutuQMk0zxz7UP
EphjLJIFRrsBpHl48H2QkDWtZu8PyVWB0DDHmv99T6YBszCXhrPKOl1CvlwsEjHf
uiGPAHmEmP71kVpPp8zlawo5/sUJaJxosaLInmD+9KHsYsitHCvPO/8MiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFPVtImghV9zCu+un6PoXOoL2hUJMB8GA1UdIwQY
MBaAFKyo7P7lH2jV+AOq5vv8H9xBkCYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktqc191VWZhTlg0QTZybS1fd2YzRUdRSmlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iMDk1MzAtOWNhMC00NDA3LThhMDUt
YmJkN2IwYWJhNmFiLzEvVTlXMGlhQ0ZYM01LNzY2Zm8taGM2Z3ZhRlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iMDk1MzAtOWNhMC00NDA3LThhMDUtYmJkN2IwYWJhNmFi
LzEvcktqc191VWZhTlg0QTZybS1fd2YzRUdRSmlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwcvjMA0E
AgACMAcDBQAqEn1AMA0GCSqGSIb3DQEBCwUAA4IBAQAOJUSJjc8qSCi37bpvQf31
dKbb+jyMm2E6lL6udjGEOu9mfWuQKMBfFksPptFwBDe27+7L2tiAzckeGK55PCNP
kIfJEQwH+4p9sjco4lgOaEKKvXezP6L6a/oJphupIlagpYffW/iSKhzPlWkY6zB/
ug9zrrz/v/ZBKbVNdIfG/B1uQNPT4AHyWVkr9ceuqsxdd+kc0Niopce/em0p2R5D
/lshQ6YUJdArroJMprWKQJGU0ywXel3NiQr6HCn2Up08QgNS9abhwNOxfg/ZEabG
1fuXOL9V8xDgdhGooQNqObUNfeMLVn2ygPeub4N2Lku6ELwwh8Vl7QjWQAblX7OJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:20 2024 by rpki-client on console-ams.rpki-client.org