Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/AD3Bx9rfaZRi0O0gHBGthUJYWIA.roa
File: AD3Bx9rfaZRi0O0gHBGthUJYWIA.roa (raw, json)
Hash identifier: qp1uoicFbZh6FcjBK9vwhvsmoVrq6o3wkol1vm423OY=
Subject key identifier: 00:3D:C1:C7:DA:DF:69:94:62:D0:ED:20:1C:11:AD:85:42:58:58:80
Certificate issuer: /CN=13d62220648d6eee42ac92c396bf2d1e81ae65f7
Certificate serial: 01856F4292BBB12454C0E9237BD70F542F47
Authority key identifier: 13:D6:22:20:64:8D:6E:EE:42:AC:92:C3:96:BF:2D:1E:81:AE:65:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9YiIGSNbu5CrJLDlr8tHoGuZfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/AD3Bx9rfaZRi0O0gHBGthUJYWIA.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31276
IP address blocks: 193.24.236.0/22 maxlen: 22
194.147.128.0/22 maxlen: 22
2a07:ea80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:92:bb:b1:24:54:c0:e9:23:7b:d7:0f:54:2f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d62220648d6eee42ac92c396bf2d1e81ae65f7
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=003dc1c7dadf699462d0ed201c11ad8542585880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:65:fb:ac:48:86:ef:4b:e9:3f:00:1e:1b:b6:
f4:25:81:66:bb:e6:82:f8:60:96:ea:09:f8:a5:11:
42:4e:cb:bf:fa:6a:b6:4d:8d:59:55:c1:f6:e0:e6:
61:0b:84:bc:00:d0:a7:0f:a3:1f:88:a6:3b:d0:d6:
e1:8c:36:d7:e8:3d:03:4c:05:59:e1:84:b6:d1:a1:
9b:92:13:aa:37:a3:be:a0:22:48:2c:ad:f2:c2:9f:
14:14:5c:ae:93:2c:3f:fc:f8:7c:77:6c:82:7d:22:
0f:6b:c4:11:24:64:b4:2f:01:72:99:74:9f:4f:f4:
35:08:b6:79:95:c2:65:53:18:20:b4:20:76:10:d2:
43:ea:a9:e7:cb:e0:11:ba:15:f7:a4:34:34:6e:32:
f4:cb:9c:02:05:18:0a:fd:42:16:93:85:78:b9:41:
83:ca:b9:51:3a:1a:89:8b:45:9e:58:9a:c4:10:6f:
8e:12:35:02:4e:28:d2:87:59:15:f9:97:14:20:d0:
3a:1e:43:7c:73:7e:91:6b:27:4f:39:9b:29:96:12:
30:84:86:e1:9d:92:a8:1c:40:b2:82:32:6e:63:70:
c1:ca:bf:b3:4d:0b:e4:b8:ed:cb:b2:cf:26:d4:f6:
87:d6:c9:43:85:22:ad:ee:b6:1f:da:78:db:1e:3d:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3D:C1:C7:DA:DF:69:94:62:D0:ED:20:1C:11:AD:85:42:58:58:80
X509v3 Authority Key Identifier:
keyid:13:D6:22:20:64:8D:6E:EE:42:AC:92:C3:96:BF:2D:1E:81:AE:65:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9YiIGSNbu5CrJLDlr8tHoGuZfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/AD3Bx9rfaZRi0O0gHBGthUJYWIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/E9YiIGSNbu5CrJLDlr8tHoGuZfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.236.0/22
194.147.128.0/22
IPv6:
2a07:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
6d:b1:45:1e:e7:2b:28:6e:06:37:fc:88:19:27:6a:d6:c4:cd:
62:04:14:3f:f5:b5:9d:b0:84:4a:8d:7f:65:f8:17:ba:7d:4b:
c4:60:c1:a5:38:b4:50:ee:27:87:1a:3f:83:7b:0e:20:aa:f8:
b2:2b:bf:25:51:dc:94:73:b3:f9:3f:92:68:33:b4:59:b2:f4:
9f:3a:a4:0b:dc:51:05:fd:17:89:b5:95:04:21:93:51:af:04:
8a:a2:4f:d7:13:5c:cf:b2:99:94:f1:fa:86:11:94:da:ed:25:
7a:bc:85:43:47:6e:c8:8b:41:d1:d1:79:45:b0:94:a7:a0:98:
00:6b:ec:86:c1:b0:7a:11:85:2e:ed:af:fe:ae:0b:0a:6a:dc:
ea:40:a9:18:92:2e:da:4b:af:39:7d:ca:61:a4:f0:4b:19:fd:
ae:a4:7d:1d:ae:9c:29:3c:34:17:5f:60:77:d4:51:03:fe:bf:
88:1e:37:91:df:60:59:d6:c4:9d:8c:da:29:9c:92:a2:85:07:
15:94:5a:35:97:59:9b:72:12:4b:0a:d0:d4:ba:7b:78:51:7a:
56:9b:9c:da:9a:50:2f:86:3a:00:87:5c:99:c7:b8:ee:78:b3:
46:50:3e:7e:ca:3a:74:21:c9:bd:de:59:72:48:0b:c7:1b:68:
d4:f3:f6:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvQpK7sSRUwOkje9cPVC9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDYyMjIwNjQ4ZDZlZWU0MmFjOTJjMzk2YmYyZDFlODFh
ZTY1ZjcwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNkYzFjN2RhZGY2OTk0NjJkMGVkMjAxYzExYWQ4NTQyNTg1ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGX7rEiG70vpPwAeG7b0JYFmu+aC
+GCW6gn4pRFCTsu/+mq2TY1ZVcH24OZhC4S8ANCnD6MfiKY70NbhjDbX6D0DTAVZ
4YS20aGbkhOqN6O+oCJILK3ywp8UFFyukyw//Ph8d2yCfSIPa8QRJGS0LwFymXSf
T/Q1CLZ5lcJlUxggtCB2ENJD6qnny+ARuhX3pDQ0bjL0y5wCBRgK/UIWk4V4uUGD
yrlROhqJi0WeWJrEEG+OEjUCTijSh1kV+ZcUINA6HkN8c36RaydPOZsplhIwhIbh
nZKoHECygjJuY3DByr+zTQvkuO3Lss8m1PaH1slDhSKt7rYf2njbHj0UewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAA9wcfa32mUYtDtIBwRrYVCWFiAMB8GA1UdIwQY
MBaAFBPWIiBkjW7uQqySw5a/LR6BrmX3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlZaUlHU05idTVDckpMRGxyOHRIb0d1WmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wYzI1OGEtNTIwMy00M2U2LTk2NzIt
ZmQ5Yzc0OTA2YmFhLzEvQUQzQng5cmZhWlJpME8wZ0hCR3RoVUpZV0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wYzI1OGEtNTIwMy00M2U2LTk2NzItZmQ5Yzc0OTA2YmFh
LzEvRTlZaUlHU05idTVDckpMRGxyOHRIb0d1WmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwRjsAwQC
wpOAMA0EAgACMAcDBQMqB+qAMA0GCSqGSIb3DQEBCwUAA4IBAQBtsUUe5ysobgY3
/IgZJ2rWxM1iBBQ/9bWdsIRKjX9l+Be6fUvEYMGlOLRQ7ieHGj+Dew4gqviyK78l
UdyUc7P5P5JoM7RZsvSfOqQL3FEF/ReJtZUEIZNRrwSKok/XE1zPspmU8fqGEZTa
7SV6vIVDR27Ii0HR0XlFsJSnoJgAa+yGwbB6EYUu7a/+rgsKatzqQKkYki7aS685
fcphpPBLGf2upH0drpwpPDQXX2B31FED/r+IHjeR32BZ1sSdjNopnJKihQcVlFo1
l1mbchJLCtDUunt4UXpWm5zamlAvhjoAh1yZx7jueLNGUD5+yjp0Icm93llySAvH
G2jU8/bs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org