Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ilFyUnYOxQTSfmRYUf4bW4XcLbQ.roa
File: ilFyUnYOxQTSfmRYUf4bW4XcLbQ.roa (raw, json)
Hash identifier: qTbwumBH6JWYl74pEUcDDtbRtnbzT44qQ9r8YlmO5h0=
Subject key identifier: 8A:51:72:52:76:0E:C5:04:D2:7E:64:58:51:FE:1B:5B:85:DC:2D:B4
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 0188FFC67A7166D52D710B541DDE534981D8
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ilFyUnYOxQTSfmRYUf4bW4XcLbQ.roa
Signing time: Wed 28 Jun 2023 02:12:57 +0000
ROA not before: Wed 28 Jun 2023 02:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1290
IP address blocks: 193.82.192.0/19 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
195.152.0.0/15 maxlen: 15
193.117.32.0/19 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 01:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:c6:7a:71:66:d5:2d:71:0b:54:1d:de:53:49:81:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jun 28 02:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a517252760ec504d27e645851fe1b5b85dc2db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fc:f9:79:38:fc:1a:be:ef:da:83:c7:12:9e:
6f:f5:a7:34:3c:f6:a3:2f:72:56:44:f6:8b:bb:31:
ee:96:d6:e3:e5:a0:1f:89:be:71:d8:b0:04:69:5c:
7c:d9:bc:f5:3a:b6:00:7f:cd:4c:32:e3:0b:8b:1c:
05:61:1f:87:f0:41:c7:e7:f1:70:3c:13:a7:b8:99:
9b:bc:c4:b7:7c:61:43:3f:d8:d5:ef:51:86:cf:fc:
40:91:b2:9d:1d:cc:fa:6f:3a:b5:16:ff:4d:c0:01:
03:14:65:32:19:70:ff:a2:ee:d8:5c:1d:d7:53:b5:
ec:31:a4:fd:ee:49:f0:f2:be:5c:43:e6:5b:c6:06:
50:7c:2c:89:84:f3:b9:4d:6f:b0:95:63:b7:85:5c:
18:31:cc:55:94:f0:e3:d3:65:7f:30:99:43:18:3e:
ea:0f:9f:9f:21:a0:71:bf:70:68:10:e7:bf:14:4d:
13:3a:c7:32:aa:97:80:1d:ca:92:9b:1b:f2:c8:28:
e7:31:e7:75:44:f1:2c:12:40:9f:df:39:1f:13:47:
68:e5:83:ce:01:48:d9:44:8a:f7:11:b2:ab:51:18:
bb:0d:94:ee:3d:c4:e1:ac:ef:69:8f:f9:c3:f8:44:
5f:a6:21:09:bb:83:d1:c2:22:70:94:39:fe:3d:36:
5a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:51:72:52:76:0E:C5:04:D2:7E:64:58:51:FE:1B:5B:85:DC:2D:B4
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ilFyUnYOxQTSfmRYUf4bW4XcLbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.152.0.0/15
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
83:de:10:1a:f9:4f:7e:8f:ec:61:4c:3f:89:e5:80:49:1c:50:
aa:ea:35:99:03:0b:43:60:15:05:02:11:ff:c8:d0:5b:67:b7:
84:73:3a:a9:7e:ca:48:1d:e2:09:4d:3a:68:30:ca:34:fd:15:
d9:bd:2b:ee:b6:14:ed:c6:29:51:7f:32:5f:b8:df:82:da:17:
e6:a6:f6:92:38:04:78:07:a0:42:3f:7f:7b:89:7c:33:c8:12:
67:bd:09:87:01:c6:01:30:38:1e:96:9f:8e:f4:7f:d9:4a:e0:
1a:1b:44:33:be:43:58:8c:d3:c0:eb:68:3e:c6:c1:66:91:80:
39:0c:c7:e9:cf:e8:d3:0f:d2:15:af:03:29:cd:c2:8e:ab:84:
fc:be:52:a4:93:b1:75:bd:af:f0:7f:44:22:b0:a0:4d:49:b4:
a6:9a:ee:fc:14:92:00:c5:e0:48:33:b7:0a:48:6a:c9:34:90:
0d:4b:54:6b:d6:8a:a0:60:29:0b:fd:e4:5b:25:4b:31:6f:2f:
49:1a:34:22:bb:5d:d7:a2:36:33:b1:c5:a9:54:52:71:ab:de:
a0:79:2f:96:05:63:b2:3f:3c:17:08:a8:ad:72:ea:4f:25:c9:
e4:d9:29:1e:c9:a3:0d:fe:09:a8:03:a8:0c:48:39:6d:ca:ef:
d3:60:dc:a8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYj/xnpxZtUtcQtUHd5TSYHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMwNjI4MDIxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTUxNzI1Mjc2MGVjNTA0ZDI3ZTY0NTg1MWZlMWI1Yjg1ZGMyZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/z5eTj8Gr7v2oPHEp5v9ac0PPaj
L3JWRPaLuzHultbj5aAfib5x2LAEaVx82bz1OrYAf81MMuMLixwFYR+H8EHH5/Fw
PBOnuJmbvMS3fGFDP9jV71GGz/xAkbKdHcz6bzq1Fv9NwAEDFGUyGXD/ou7YXB3X
U7XsMaT97knw8r5cQ+ZbxgZQfCyJhPO5TW+wlWO3hVwYMcxVlPDj02V/MJlDGD7q
D5+fIaBxv3BoEOe/FE0TOscyqpeAHcqSmxvyyCjnMed1RPEsEkCf3zkfE0do5YPO
AUjZRIr3EbKrURi7DZTuPcThrO9pj/nD+ERfpiEJu4PRwiJwlDn+PTZarwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIpRclJ2DsUE0n5kWFH+G1uF3C20MB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvaWxGeVVuWU94UVRTZm1SWVVmNGJXNFhjTGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfMAwDBAXBUmAD
BAXBUoADBAXBUsADBAXBdSADAwHDmDANBAIAAjAHAwUAKgIWIDANBgkqhkiG9w0B
AQsFAAOCAQEAg94QGvlPfo/sYUw/ieWASRxQquo1mQMLQ2AVBQIR/8jQW2e3hHM6
qX7KSB3iCU06aDDKNP0V2b0r7rYU7cYpUX8yX7jfgtoX5qb2kjgEeAegQj9/e4l8
M8gSZ70JhwHGATA4HpafjvR/2UrgGhtEM75DWIzTwOtoPsbBZpGAOQzH6c/o0w/S
Fa8DKc3CjquE/L5SpJOxdb2v8H9EIrCgTUm0ppru/BSSAMXgSDO3CkhqyTSQDUtU
a9aKoGApC/3kWyVLMW8vSRo0Irtd16I2M7HFqVRScaveoHkvlgVjsj88FwiorXLq
TyXJ5NkpHsmjDf4JqAOoDEg5bcrv02DcqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:07 2024 by rpki-client on console-ams.rpki-client.org