Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lEiBgXANvqa016I1zj9_cOqwc04.roa
File: lEiBgXANvqa016I1zj9_cOqwc04.roa (raw, json)
Hash identifier: YBX9+gdsFhMNG7gHHN+oJqcRVbq7pTCKhJpS7Sppu8k=
Subject key identifier: 94:48:81:81:70:0D:BE:A6:B4:D7:A2:35:CE:3F:7F:70:EA:B0:73:4E
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A31D910E65A36CB60262A1F95EF87
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lEiBgXANvqa016I1zj9_cOqwc04.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8328
IP address blocks: 193.172.126.0/24 maxlen: 24
193.173.100.0/24 maxlen: 24
193.172.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:31:d9:10:e6:5a:36:cb:60:26:2a:1f:95:ef:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94488181700dbea6b4d7a235ce3f7f70eab0734e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4c:33:c0:91:42:26:ca:ca:ac:c8:98:72:14:
aa:bc:9d:df:47:c9:44:16:34:b0:ce:83:17:47:30:
4b:e6:dc:be:8c:5d:03:c1:53:7b:d8:f3:ca:87:25:
93:2c:96:06:26:ac:8c:cf:d0:cf:6f:fc:76:cd:fb:
b1:ba:d1:a2:39:21:94:e3:37:cc:4b:75:25:5a:b7:
15:39:90:a2:66:72:62:af:da:18:f2:ef:c5:09:93:
dd:82:05:20:3b:23:2f:a7:cf:4c:51:e8:15:bf:64:
f2:3e:a0:b5:21:41:83:f3:13:d2:8a:8b:d8:ae:10:
fe:1d:4b:c5:e0:b2:08:37:6d:2d:61:31:73:f9:6e:
3e:f2:cc:ba:87:93:b7:0e:d0:94:7e:91:23:5a:b8:
75:e9:d7:31:f9:36:c5:15:c6:44:8d:ef:56:ef:95:
6a:cc:e7:36:7b:31:17:d0:2d:36:34:9a:25:4a:bb:
71:5a:89:72:1c:20:27:2b:a1:73:1a:8e:5c:a8:e0:
88:df:84:a5:35:04:1d:45:d4:ee:75:3a:f5:a2:6d:
fd:fb:0b:02:47:e2:ad:ad:bd:0e:41:7d:14:d4:d6:
67:40:a1:46:d4:d0:98:2a:65:e6:a1:f5:ad:1d:3c:
58:ff:4d:bc:7d:44:7a:3f:e1:f4:cb:2e:ee:a1:ae:
e9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:48:81:81:70:0D:BE:A6:B4:D7:A2:35:CE:3F:7F:70:EA:B0:73:4E
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/lEiBgXANvqa016I1zj9_cOqwc04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.172.126.0/24
193.172.193.0/24
193.173.100.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b0:9b:e1:28:02:cd:c0:d8:01:95:bb:a6:f6:6b:ea:31:54:
47:76:88:22:f5:e2:8f:52:c0:53:60:6a:a1:5d:5b:ab:37:9a:
5f:36:8c:5e:17:7a:f5:ef:e8:9d:d5:86:1b:1e:a8:e5:a2:48:
ea:ad:81:5d:cd:c6:d7:59:93:c6:d4:65:d2:a7:f6:a6:0c:86:
04:9d:e3:ea:b1:ca:6b:61:a4:a8:a2:3b:d7:69:0f:b9:83:bf:
e1:ac:41:ba:3c:cd:46:e2:9e:45:2d:7d:0e:49:19:9c:c1:04:
77:92:d0:90:5a:37:05:96:0b:5a:ee:a5:40:94:e9:a4:5d:05:
b0:42:05:e8:13:93:c1:c0:0f:10:e7:d5:74:67:be:51:8d:07:
bd:b2:9d:c7:9b:43:85:dd:d9:fb:90:e5:b9:22:d5:25:ee:f4:
bc:4c:5a:54:a6:58:f3:59:15:26:6a:7c:3e:53:f8:95:6a:bb:
89:fa:dc:b1:da:c6:1b:a1:b8:86:7f:55:98:9c:ea:98:d7:8a:
0d:75:e2:51:bc:f2:35:4a:49:6a:be:f4:55:03:57:ca:96:14:
46:4a:3d:1e:30:08:95:95:cb:20:62:86:24:34:b8:6e:33:90:
a2:4f:da:1f:d5:52:f2:72:44:14:cb:49:77:bb:84:38:98:d5:
d5:18:6f:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyOjHZEOZaNstgJiofle+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ4ODE4MTcwMGRiZWE2YjRkN2EyMzVjZTNmN2Y3MGVhYjA3MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0wzwJFCJsrKrMiYchSqvJ3fR8lE
FjSwzoMXRzBL5ty+jF0DwVN72PPKhyWTLJYGJqyMz9DPb/x2zfuxutGiOSGU4zfM
S3UlWrcVOZCiZnJir9oY8u/FCZPdggUgOyMvp89MUegVv2TyPqC1IUGD8xPSiovY
rhD+HUvF4LIIN20tYTFz+W4+8sy6h5O3DtCUfpEjWrh16dcx+TbFFcZEje9W75Vq
zOc2ezEX0C02NJolSrtxWolyHCAnK6FzGo5cqOCI34SlNQQdRdTudTr1om39+wsC
R+Ktrb0OQX0U1NZnQKFG1NCYKmXmofWtHTxY/028fUR6P+H0yy7uoa7pNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJRIgYFwDb6mtNeiNc4/f3DqsHNOMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvbEVpQmdYQU52cWEwMTZJMXpqOV9jT3F3YzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwax+AwQA
wazBAwQAwa1kMA0GCSqGSIb3DQEBCwUAA4IBAQBKsJvhKALNwNgBlbum9mvqMVRH
dogi9eKPUsBTYGqhXVurN5pfNoxeF3r17+id1YYbHqjlokjqrYFdzcbXWZPG1GXS
p/amDIYEnePqscprYaSoojvXaQ+5g7/hrEG6PM1G4p5FLX0OSRmcwQR3ktCQWjcF
lgta7qVAlOmkXQWwQgXoE5PBwA8Q59V0Z75RjQe9sp3Hm0OF3dn7kOW5ItUl7vS8
TFpUpljzWRUmanw+U/iVaruJ+tyx2sYbobiGf1WYnOqY14oNdeJRvPI1SklqvvRV
A1fKlhRGSj0eMAiVlcsgYoYkNLhuM5CiT9of1VLyckQUy0l3u4Q4mNXVGG+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org