Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/64ed62-a8ef-4802-a1b4-9f97b0fc4832/1/O1jKzyk643IuQSM9nTQE_nvMVdI.roa
File: O1jKzyk643IuQSM9nTQE_nvMVdI.roa (raw, json)
Hash identifier: G0Tl1JzBVunkvOjTFfcVYWyltQgmZ0poy7YfGi0x96E=
Subject key identifier: 3B:58:CA:CF:29:3A:E3:72:2E:41:23:3D:9D:34:04:FE:7B:CC:55:D2
Certificate issuer: /CN=e2454c456ce68ba8fecad542aab9610b1ecc12e2
Certificate serial: 018570DE56938BA474356E3DA584CF8C429A
Authority key identifier: E2:45:4C:45:6C:E6:8B:A8:FE:CA:D5:42:AA:B9:61:0B:1E:CC:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kVMRWzmi6j-ytVCqrlhCx7MEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/64ed62-a8ef-4802-a1b4-9f97b0fc4832/1/O1jKzyk643IuQSM9nTQE_nvMVdI.roa
Signing time: Mon 02 Jan 2023 05:04:57 +0000
ROA not before: Mon 02 Jan 2023 05:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 193.161.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:56:93:8b:a4:74:35:6e:3d:a5:84:cf:8c:42:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2454c456ce68ba8fecad542aab9610b1ecc12e2
Validity
Not Before: Jan 2 05:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b58cacf293ae3722e41233d9d3404fe7bcc55d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0a:ab:be:b0:fa:68:f0:f7:d7:23:82:e7:f8:
e3:fa:77:61:3d:61:f3:2c:45:77:fb:07:95:75:1b:
e1:33:c7:2e:ea:87:ea:0e:39:03:f0:53:e9:7c:c7:
25:a6:b0:c4:06:f9:47:72:96:6d:9d:23:99:00:df:
ff:b5:7a:36:2e:1f:dc:d6:df:b2:db:55:a9:8f:5d:
a5:76:94:45:cb:05:be:c4:09:34:ae:df:2a:19:c1:
05:3b:74:21:4f:e8:0d:8b:a7:c6:54:58:56:40:7b:
97:29:b6:fe:c1:9a:01:3b:2c:78:89:0f:6d:af:7f:
59:6a:82:87:80:1f:9a:de:7d:ea:12:fe:db:85:ec:
ae:72:9b:e6:41:e5:56:25:11:64:b3:88:0f:6c:16:
54:f4:ea:6d:88:ef:4b:08:4e:63:9c:d1:b9:b1:46:
ca:64:4f:d1:04:74:59:39:4d:b0:95:08:fc:f7:a6:
6c:34:9a:a1:da:f6:fa:d2:50:8c:ea:3d:c1:95:92:
0f:67:7d:c5:78:14:6b:63:68:71:ef:94:7d:52:46:
6d:f9:ba:88:d4:77:46:22:6c:d0:f9:b9:1a:53:e8:
b3:ac:11:21:1a:7e:a4:16:93:a7:5a:6b:6c:08:bc:
91:3a:fb:8a:5b:25:02:9e:9b:c2:c0:06:95:5c:be:
6d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:58:CA:CF:29:3A:E3:72:2E:41:23:3D:9D:34:04:FE:7B:CC:55:D2
X509v3 Authority Key Identifier:
keyid:E2:45:4C:45:6C:E6:8B:A8:FE:CA:D5:42:AA:B9:61:0B:1E:CC:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kVMRWzmi6j-ytVCqrlhCx7MEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64ed62-a8ef-4802-a1b4-9f97b0fc4832/1/O1jKzyk643IuQSM9nTQE_nvMVdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64ed62-a8ef-4802-a1b4-9f97b0fc4832/1/4kVMRWzmi6j-ytVCqrlhCx7MEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.208.0/22
Signature Algorithm: sha256WithRSAEncryption
11:63:a7:12:2d:49:68:ce:69:4f:16:e9:38:eb:0d:84:c8:05:
94:3c:4d:9a:08:aa:7d:b8:c5:3a:2b:1e:af:df:72:62:0a:66:
41:d9:ab:82:8f:45:e1:4e:da:c4:56:99:58:30:3f:43:4d:47:
38:29:be:29:9b:a2:9a:96:5f:82:15:a2:ae:a4:5b:3c:ba:b5:
16:e6:f4:61:9a:a6:5d:5c:7a:b9:da:92:4b:43:24:96:3a:b7:
f6:5c:12:e4:68:42:bc:bc:7d:87:23:36:50:5f:54:bd:41:27:
06:b4:68:5c:75:00:2b:de:0a:57:36:a0:fd:43:9e:e0:ba:de:
8e:9d:58:7b:e2:3c:10:7d:1a:45:f7:87:37:07:a4:82:f5:5e:
40:f4:20:ff:29:87:6d:59:fe:7a:11:8c:25:2c:14:bd:9b:d7:
2f:9e:be:c9:d5:6e:78:13:c0:98:33:5d:63:0f:a5:01:2b:3e:
8f:5e:e1:79:62:74:0f:f7:4e:c9:c6:82:4a:dc:19:99:3a:74:
12:22:50:d8:f1:25:b2:8b:f3:da:66:91:ec:0b:a2:0c:09:9d:
44:c7:8c:d5:63:5c:7f:bf:db:70:dd:e3:c5:16:29:a6:cf:4e:
04:eb:ea:e0:4c:8a:ac:9d:b8:4f:f1:86:a1:21:e7:d5:7e:54:
43:29:f3:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3laTi6R0NW49pYTPjEKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDU0YzQ1NmNlNjhiYThmZWNhZDU0MmFhYjk2MTBiMWVj
YzEyZTIwHhcNMjMwMTAyMDUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU4Y2FjZjI5M2FlMzcyMmU0MTIzM2Q5ZDM0MDRmZTdiY2M1NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QqrvrD6aPD31yOC5/jj+ndhPWHz
LEV3+weVdRvhM8cu6ofqDjkD8FPpfMclprDEBvlHcpZtnSOZAN//tXo2Lh/c1t+y
21Wpj12ldpRFywW+xAk0rt8qGcEFO3QhT+gNi6fGVFhWQHuXKbb+wZoBOyx4iQ9t
r39ZaoKHgB+a3n3qEv7bheyucpvmQeVWJRFks4gPbBZU9OptiO9LCE5jnNG5sUbK
ZE/RBHRZOU2wlQj896ZsNJqh2vb60lCM6j3BlZIPZ33FeBRrY2hx75R9UkZt+bqI
1HdGImzQ+bkaU+izrBEhGn6kFpOnWmtsCLyROvuKWyUCnpvCwAaVXL5t0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtYys8pOuNyLkEjPZ00BP57zFXSMB8GA1UdIwQY
MBaAFOJFTEVs5ouo/srVQqq5YQsezBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtWTVJXem1pNmoteXRWQ3FybGhDeDdNRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82NGVkNjItYThlZi00ODAyLWExYjQt
OWY5N2IwZmM0ODMyLzEvTzFqS3p5azY0M0l1UVNNOW5UUUVfbnZNVmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82NGVkNjItYThlZi00ODAyLWExYjQtOWY5N2IwZmM0ODMy
LzEvNGtWTVJXem1pNmoteXRWQ3FybGhDeDdNRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaHQMA0G
CSqGSIb3DQEBCwUAA4IBAQARY6cSLUlozmlPFuk46w2EyAWUPE2aCKp9uMU6Kx6v
33JiCmZB2auCj0XhTtrEVplYMD9DTUc4Kb4pm6Kall+CFaKupFs8urUW5vRhmqZd
XHq52pJLQySWOrf2XBLkaEK8vH2HIzZQX1S9QScGtGhcdQAr3gpXNqD9Q57gut6O
nVh74jwQfRpF94c3B6SC9V5A9CD/KYdtWf56EYwlLBS9m9cvnr7J1W54E8CYM11j
D6UBKz6PXuF5YnQP907JxoJK3BmZOnQSIlDY8SWyi/PaZpHsC6IMCZ1Ex4zVY1x/
v9tw3ePFFimmz04E6+rgTIqsnbhP8YahIefVflRDKfPT
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:04 2024 by rpki-client on console-fra.rpki-client.org