Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/5kBXTRkRG4oC5COWJbDCrLXn-fU.roa
File: 5kBXTRkRG4oC5COWJbDCrLXn-fU.roa (raw, json)
Hash identifier: U427XJWGfzy9Iy6Ugn7dn4/QACDZ6+zUbct05dbsevw=
Subject key identifier: E6:40:57:4D:19:11:1B:8A:02:E4:23:96:25:B0:C2:AC:B5:E7:F9:F5
Certificate issuer: /CN=b38594146202e2f6c3456b0696ff18562f1b9f81
Certificate serial: 0186563310CCFA7BC632A50D891E6C1B6230
Authority key identifier: B3:85:94:14:62:02:E2:F6:C3:45:6B:06:96:FF:18:56:2F:1B:9F:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4WUFGIC4vbDRWsGlv8YVi8bn4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/5kBXTRkRG4oC5COWJbDCrLXn-fU.roa
Signing time: Wed 15 Feb 2023 17:50:32 +0000
ROA not before: Wed 15 Feb 2023 17:50:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25111
IP address blocks: 193.0.57.0/24 maxlen: 24
193.0.56.0/24 maxlen: 24
193.0.60.0/24 maxlen: 24
193.0.59.0/24 maxlen: 24
2001:67c:184::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:33:10:cc:fa:7b:c6:32:a5:0d:89:1e:6c:1b:62:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38594146202e2f6c3456b0696ff18562f1b9f81
Validity
Not Before: Feb 15 17:50:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e640574d19111b8a02e4239625b0c2acb5e7f9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6d:2e:7b:45:4d:a9:69:2f:f0:f0:ce:c7:23:
7a:23:d2:29:9a:33:85:31:2c:60:6d:1e:8d:83:ea:
e5:88:5b:7e:aa:92:f4:7d:80:46:72:11:d4:4c:45:
05:99:e1:91:1f:c5:ac:a1:6e:47:02:1e:6f:c3:32:
96:31:b2:79:c1:9c:5f:ce:c3:fd:5d:b2:33:dd:00:
b7:42:88:97:c0:45:4b:10:20:2e:6b:1e:58:0f:88:
da:1d:74:0d:30:a6:ca:1e:32:db:07:88:ed:46:7e:
de:2e:d3:c2:68:15:1f:a9:05:6b:5a:2e:49:f5:9e:
09:b5:e9:81:71:19:ea:d5:63:ff:9a:82:db:b6:6c:
55:46:91:a5:29:66:3a:87:3e:ac:e7:41:4f:81:28:
b7:9e:0a:0d:c4:be:51:f9:b3:b6:b0:02:ea:77:6c:
3c:99:e3:8b:7e:2a:85:ff:c0:2c:7d:05:70:bd:bd:
25:6e:ce:70:b3:b6:a2:63:8d:76:f6:bc:50:83:7f:
56:8c:30:be:48:33:a3:16:f5:1d:fa:5a:df:c3:3d:
78:f4:1a:25:d7:7e:88:98:15:17:65:56:ab:aa:00:
fc:5f:32:80:98:2b:44:23:8e:f4:b9:81:ce:29:53:
3f:69:60:d1:5f:cb:82:4f:84:a1:f5:45:ca:c8:f7:
a8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:40:57:4D:19:11:1B:8A:02:E4:23:96:25:B0:C2:AC:B5:E7:F9:F5
X509v3 Authority Key Identifier:
keyid:B3:85:94:14:62:02:E2:F6:C3:45:6B:06:96:FF:18:56:2F:1B:9F:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4WUFGIC4vbDRWsGlv8YVi8bn4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/5kBXTRkRG4oC5COWJbDCrLXn-fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.56.0/23
193.0.59.0-193.0.60.255
IPv6:
2001:67c:184::/48
Signature Algorithm: sha256WithRSAEncryption
4c:0a:fa:a3:fc:3e:47:35:5c:51:ca:b0:05:96:5a:8a:f6:3c:
f7:12:b5:94:2b:83:74:29:b6:e6:3a:f2:54:61:f3:1b:c0:21:
48:b4:f0:56:7e:ac:f8:62:6d:4d:71:bc:cf:3c:10:08:3d:82:
d3:36:b7:3f:4a:7a:86:60:3b:a0:a9:1f:90:26:90:3f:01:94:
72:7c:78:77:37:e3:bb:7b:e9:df:7c:08:78:90:ef:2b:f2:55:
77:85:75:8c:dc:7b:34:44:4a:d5:7d:61:c0:2d:01:16:b1:d2:
6e:51:25:a9:da:1d:12:fe:06:af:08:c5:4c:87:de:bc:08:4b:
19:3a:50:2f:b8:7c:7d:7b:17:8e:d6:f2:7d:ad:3f:85:90:01:
bc:52:8d:f5:2c:18:4f:7f:1f:b0:2f:99:b6:bc:0b:dc:22:9c:
e1:76:5c:b1:ec:f1:41:11:e7:16:09:0e:c2:58:61:66:59:05:
76:e5:56:96:a9:ce:27:30:69:92:28:c1:a8:3c:d5:44:b7:6f:
e3:4c:59:b7:b0:78:38:98:58:ee:83:d8:4d:15:69:cb:ad:df:
76:1c:71:73:dd:4f:21:bf:92:96:9f:a8:35:21:bf:cb:74:99:
57:d8:72:f7:84:20:f5:e3:ff:46:e5:af:b1:f3:2a:b7:b5:74:
40:19:b5:f5
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYZWMxDM+nvGMqUNiR5sG2IwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzODU5NDE0NjIwMmUyZjZjMzQ1NmIwNjk2ZmYxODU2MmYx
YjlmODEwHhcNMjMwMjE1MTc1MDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQwNTc0ZDE5MTExYjhhMDJlNDIzOTYyNWIwYzJhY2I1ZTdmOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG0ue0VNqWkv8PDOxyN6I9IpmjOF
MSxgbR6Ng+rliFt+qpL0fYBGchHUTEUFmeGRH8WsoW5HAh5vwzKWMbJ5wZxfzsP9
XbIz3QC3QoiXwEVLECAuax5YD4jaHXQNMKbKHjLbB4jtRn7eLtPCaBUfqQVrWi5J
9Z4JtemBcRnq1WP/moLbtmxVRpGlKWY6hz6s50FPgSi3ngoNxL5R+bO2sALqd2w8
meOLfiqF/8AsfQVwvb0lbs5ws7aiY4129rxQg39WjDC+SDOjFvUd+lrfwz149Bol
136ImBUXZVarqgD8XzKAmCtEI470uYHOKVM/aWDRX8uCT4Sh9UXKyPeo1QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFOZAV00ZERuKAuQjliWwwqy15/n1MB8GA1UdIwQY
MBaAFLOFlBRiAuL2w0VrBpb/GFYvG5+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczRXVUZHSUM0dmJEUldzR2x2OFlWaThibjRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kMmU4MjYtNWFjYi00N2Q2LTkyYTQt
NDNiYjE5ZjJlNTNiLzEvNWtCWFRSa1JHNG9DNUNPV0piRENyTFhuLWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kMmU4MjYtNWFjYi00N2Q2LTkyYTQtNDNiYjE5ZjJlNTNi
LzEvczRXVUZHSUM0dmJEUldzR2x2OFlWaThibjRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQBwQA4MAwD
BADBADsDBADBADwwDwQCAAIwCQMHACABBnwBhDANBgkqhkiG9w0BAQsFAAOCAQEA
TAr6o/w+RzVcUcqwBZZaivY89xK1lCuDdCm25jryVGHzG8AhSLTwVn6s+GJtTXG8
zzwQCD2C0za3P0p6hmA7oKkfkCaQPwGUcnx4dzfju3vp33wIeJDvK/JVd4V1jNx7
NERK1X1hwC0BFrHSblElqdodEv4GrwjFTIfevAhLGTpQL7h8fXsXjtbyfa0/hZAB
vFKN9SwYT38fsC+ZtrwL3CKc4XZcsezxQRHnFgkOwlhhZlkFduVWlqnOJzBpkijB
qDzVRLdv40xZt7B4OJhY7oPYTRVpy63fdhxxc91PIb+Slp+oNSG/y3SZV9hy94Qg
9eP/RuWvsfMqt7V0QBm19Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:45 2023 by rpki-client on console-ams.rpki-client.org