Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/sxN0yEMUV8x-xFWFRkE8LcofKho.roa
File: sxN0yEMUV8x-xFWFRkE8LcofKho.roa (raw, json)
Hash identifier: cvD6Z83TkaQFdr6ozdeM8TxCUKCLEGh1TW1By5S1lQw=
Subject key identifier: B3:13:74:C8:43:14:57:CC:7E:C4:55:85:46:41:3C:2D:CA:1F:2A:1A
Certificate issuer: /CN=8a6706b33960e1d15fd1770a298e0a555a41a809
Certificate serial: 01857343BF9689058CB2667CFA6DE3406496
Authority key identifier: 8A:67:06:B3:39:60:E1:D1:5F:D1:77:0A:29:8E:0A:55:5A:41:A8:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imcGszlg4dFf0XcKKY4KVVpBqAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/sxN0yEMUV8x-xFWFRkE8LcofKho.roa
Signing time: Mon 02 Jan 2023 16:14:57 +0000
ROA not before: Mon 02 Jan 2023 16:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209535
IP address blocks: 193.33.40.0/23 maxlen: 24
193.33.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:bf:96:89:05:8c:b2:66:7c:fa:6d:e3:40:64:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6706b33960e1d15fd1770a298e0a555a41a809
Validity
Not Before: Jan 2 16:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b31374c8431457cc7ec4558546413c2dca1f2a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6b:db:94:ca:05:1d:50:07:01:81:44:68:a3:
45:bb:bc:36:a7:8d:81:b6:4e:0e:50:e1:f8:5d:c9:
b6:59:a8:06:c8:34:2c:68:7a:6a:a0:44:54:98:13:
6b:9e:62:3d:5c:e0:7e:92:01:e7:fa:dd:65:8a:d7:
dd:9c:d5:34:3f:6c:cf:7d:73:d8:36:67:ab:0b:0d:
2d:b0:66:73:7c:8f:ea:09:a4:70:e9:9f:5a:11:33:
8e:3c:c0:e8:14:4a:0c:07:0a:34:13:d0:4d:fd:2c:
8f:4a:3a:98:2e:25:8a:cc:c6:d9:42:74:29:e5:1f:
bb:fd:71:53:b7:3f:74:c8:e7:4b:7f:63:a0:3f:78:
a8:66:90:b3:36:d3:6f:d9:d8:33:55:0e:75:fd:24:
72:cd:17:2b:8a:3a:40:89:8f:d6:26:e7:8b:94:6a:
cf:f8:bd:f5:a9:38:a2:32:80:98:44:53:c1:f5:07:
d9:b0:37:aa:c4:0a:d1:ac:cb:81:d0:19:27:46:c4:
8c:c2:a8:be:54:92:c8:78:c4:de:70:57:57:33:24:
e1:24:6a:ff:8b:5b:c0:14:43:49:76:8d:30:1f:3e:
f6:6e:1b:63:de:3d:80:09:9d:e1:a0:88:28:b6:d0:
b0:52:70:ea:ae:d6:c5:ec:ba:1a:b4:37:c5:4c:5b:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:13:74:C8:43:14:57:CC:7E:C4:55:85:46:41:3C:2D:CA:1F:2A:1A
X509v3 Authority Key Identifier:
keyid:8A:67:06:B3:39:60:E1:D1:5F:D1:77:0A:29:8E:0A:55:5A:41:A8:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imcGszlg4dFf0XcKKY4KVVpBqAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/sxN0yEMUV8x-xFWFRkE8LcofKho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/imcGszlg4dFf0XcKKY4KVVpBqAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.6.0/23
193.33.40.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:1a:a8:e9:fb:29:1c:a2:f1:8d:36:6c:d0:5e:4b:7f:aa:5b:
6c:a2:fa:c4:ae:5e:03:c3:a8:cf:77:cc:86:f8:61:01:47:74:
91:97:ab:bd:ba:81:a7:18:b8:c3:a1:62:1b:31:2b:39:96:34:
61:c3:36:0e:5a:af:57:c2:59:a5:e0:f9:e2:22:c5:52:75:8b:
11:86:88:cf:bb:24:e3:de:76:03:2b:f1:28:51:f6:d1:a1:f5:
fb:2e:9b:5d:44:91:a4:61:82:f3:bc:b1:37:e0:f5:f9:b9:ab:
42:d8:33:6c:03:25:96:ab:f1:3d:68:15:47:5b:b8:52:13:eb:
4d:94:73:b6:03:b6:67:40:67:d7:66:f3:39:38:9a:f8:a2:ad:
c6:6f:b3:82:d9:5a:92:47:0a:54:e7:29:96:86:0f:13:e4:61:
c9:c3:4b:4e:e5:78:47:06:6a:e6:e9:04:02:01:c4:d5:dc:64:
04:30:ce:09:05:62:5c:98:64:2c:e8:d2:82:a8:a3:f3:2e:cb:
58:e7:a0:a7:93:18:9b:3b:1b:63:b9:e0:c5:bf:f9:19:b9:1f:
1b:39:be:e2:c5:15:12:68:df:53:46:63:6b:a4:65:6a:33:90:
d8:de:c4:01:ce:c6:1b:ca:cb:05:00:e5:f8:7d:b6:c4:1d:d1:
48:90:f6:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzQ7+WiQWMsmZ8+m3jQGSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjcwNmIzMzk2MGUxZDE1ZmQxNzcwYTI5OGUwYTU1NWE0
MWE4MDkwHhcNMjMwMTAyMTYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEzNzRjODQzMTQ1N2NjN2VjNDU1ODU0NjQxM2MyZGNhMWYyYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2vblMoFHVAHAYFEaKNFu7w2p42B
tk4OUOH4Xcm2WagGyDQsaHpqoERUmBNrnmI9XOB+kgHn+t1litfdnNU0P2zPfXPY
NmerCw0tsGZzfI/qCaRw6Z9aETOOPMDoFEoMBwo0E9BN/SyPSjqYLiWKzMbZQnQp
5R+7/XFTtz90yOdLf2OgP3ioZpCzNtNv2dgzVQ51/SRyzRcrijpAiY/WJueLlGrP
+L31qTiiMoCYRFPB9QfZsDeqxArRrMuB0BknRsSMwqi+VJLIeMTecFdXMyThJGr/
i1vAFENJdo0wHz72bhtj3j2ACZ3hoIgottCwUnDqrtbF7LoatDfFTFvr4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLMTdMhDFFfMfsRVhUZBPC3KHyoaMB8GA1UdIwQY
MBaAFIpnBrM5YOHRX9F3CimOClVaQagJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1jR3N6bGc0ZEZmMFhjS0tZNEtWVnBCcUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hNGQ5N2MtMjE0Zi00ZTU4LThhMWIt
OWI3YmEyNTE1NjA3LzEvc3hOMHlFTVVWOHgteEZXRlJrRThMY29mS2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hNGQ5N2MtMjE0Zi00ZTU4LThhMWItOWI3YmEyNTE1NjA3
LzEvaW1jR3N6bGc0ZEZmMFhjS0tZNEtWVnBCcUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSEGAwQB
wSEoMA0GCSqGSIb3DQEBCwUAA4IBAQAuGqjp+ykcovGNNmzQXkt/qltsovrErl4D
w6jPd8yG+GEBR3SRl6u9uoGnGLjDoWIbMSs5ljRhwzYOWq9Xwlml4PniIsVSdYsR
hojPuyTj3nYDK/EoUfbRofX7LptdRJGkYYLzvLE34PX5uatC2DNsAyWWq/E9aBVH
W7hSE+tNlHO2A7ZnQGfXZvM5OJr4oq3Gb7OC2VqSRwpU5ymWhg8T5GHJw0tO5XhH
Bmrm6QQCAcTV3GQEMM4JBWJcmGQs6NKCqKPzLstY56CnkxibOxtjueDFv/kZuR8b
Ob7ixRUSaN9TRmNrpGVqM5DY3sQBzsYbyssFAOX4fbbEHdFIkPYv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:53 2024 by rpki-client on console-ams.rpki-client.org