Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/0PKJeYnLhmGej2ouEl4-ODl4Tm0.roa
File: 0PKJeYnLhmGej2ouEl4-ODl4Tm0.roa (raw, json)
Hash identifier: FiGNa7khp071Hd4ta8G8Aaz/6m7AUvvRogSxnJZJ26k=
Subject key identifier: D0:F2:89:79:89:CB:86:61:9E:8F:6A:2E:12:5E:3E:38:39:78:4E:6D
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 0185727122C4248CF0217FC836C41D5CF49C
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/0PKJeYnLhmGej2ouEl4-ODl4Tm0.roa
Signing time: Mon 02 Jan 2023 12:24:55 +0000
ROA not before: Mon 02 Jan 2023 12:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29063
IP address blocks: 193.221.85.0/24 maxlen: 24
193.221.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:22:c4:24:8c:f0:21:7f:c8:36:c4:1d:5c:f4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Jan 2 12:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f2897989cb86619e8f6a2e125e3e3839784e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:61:da:ba:7b:2d:84:d8:a4:f2:6b:db:4f:f1:
26:df:c7:de:26:2d:4f:e6:e5:36:e3:70:d7:95:87:
d5:7d:9d:e3:4c:66:be:a1:22:5c:59:a9:ff:e3:97:
03:1a:f0:ed:f1:7b:8f:87:1a:16:50:6f:fc:b0:b9:
57:a3:f6:97:00:92:49:f6:46:f6:71:06:68:62:80:
69:07:f7:fe:89:c3:f4:e9:a3:d6:a8:39:e7:46:9e:
cb:74:3e:78:a8:97:c0:84:e2:30:06:fc:40:e7:56:
82:2b:e0:c4:a5:d5:bf:e6:96:88:a5:ee:5d:a4:08:
90:65:65:92:05:16:10:95:4a:37:37:37:ae:91:a1:
62:16:aa:51:9b:cd:b6:d3:fa:ae:07:ea:bd:9c:79:
68:cb:6c:36:e5:8e:d6:75:c2:ad:d3:dd:54:7f:a7:
9d:93:67:bd:23:ee:c6:bd:5c:c5:28:4b:fe:90:6f:
11:ed:5e:2e:a3:08:13:98:bc:44:aa:0b:53:b0:12:
76:ff:5f:5d:23:98:e7:fa:87:8c:e6:13:62:c6:42:
2d:4a:45:dd:8c:d9:de:3a:66:5f:a8:a6:8f:ac:59:
9b:8b:03:6c:3d:c3:00:5f:38:67:da:d6:e0:f0:5c:
68:fa:ae:b7:bc:6a:38:b4:dd:37:f7:ab:79:8d:49:
45:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F2:89:79:89:CB:86:61:9E:8F:6A:2E:12:5E:3E:38:39:78:4E:6D
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/0PKJeYnLhmGej2ouEl4-ODl4Tm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.84.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:97:a4:fe:80:51:32:56:d9:bc:3f:b1:73:0a:ec:c3:c9:18:
56:91:ec:7b:87:29:40:25:ec:5a:19:5b:89:de:46:d0:fd:4c:
1a:fb:65:53:21:e3:08:0f:be:06:e7:fe:18:1b:66:50:48:f0:
05:96:5b:00:02:e2:cc:90:81:34:47:ae:d3:65:c9:20:ed:8b:
3c:bb:f9:9f:37:47:11:80:e1:ba:df:3d:d4:0b:b0:16:e7:3c:
75:a1:24:9e:6e:94:fe:78:4c:65:a9:19:84:a8:0f:b5:f1:c6:
01:d6:33:ac:a0:97:f4:2b:b1:d3:92:55:54:e0:7c:54:63:2c:
26:3b:c5:f3:60:83:02:b1:d8:9d:ab:32:11:67:4e:61:1d:c9:
54:8a:64:f9:61:fa:4f:46:ed:67:bf:75:53:bf:e7:6c:da:d3:
67:03:0c:a8:c7:0d:ee:13:6f:fb:65:9b:a5:6c:d1:95:b2:61:
8c:a0:27:db:28:04:db:38:0f:25:67:b4:b1:67:e7:00:1c:41:
78:63:b0:82:12:10:0b:9d:75:5e:11:e1:f7:93:7c:2c:28:15:
1c:b9:fd:ea:dd:64:c0:d7:5f:28:c8:51:c1:2a:48:83:40:6e:
9d:1b:b3:b4:5a:38:87:ed:a0:66:aa:ad:79:3f:f5:d4:ea:65:
77:74:d3:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycSLEJIzwIX/INsQdXPScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjMwMTAyMTIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYyODk3OTg5Y2I4NjYxOWU4ZjZhMmUxMjVlM2UzODM5Nzg0ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmHaunsthNik8mvbT/Em38feJi1P
5uU243DXlYfVfZ3jTGa+oSJcWan/45cDGvDt8XuPhxoWUG/8sLlXo/aXAJJJ9kb2
cQZoYoBpB/f+icP06aPWqDnnRp7LdD54qJfAhOIwBvxA51aCK+DEpdW/5paIpe5d
pAiQZWWSBRYQlUo3NzeukaFiFqpRm8220/quB+q9nHloy2w25Y7WdcKt091Uf6ed
k2e9I+7GvVzFKEv+kG8R7V4uowgTmLxEqgtTsBJ2/19dI5jn+oeM5hNixkItSkXd
jNneOmZfqKaPrFmbiwNsPcMAXzhn2tbg8Fxo+q63vGo4tN0396t5jUlFeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDyiXmJy4Zhno9qLhJePjg5eE5tMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvMFBLSmVZbkxobUdlajJvdUVsNC1PRGw0VG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwd1UMA0G
CSqGSIb3DQEBCwUAA4IBAQCkl6T+gFEyVtm8P7FzCuzDyRhWkex7hylAJexaGVuJ
3kbQ/Uwa+2VTIeMID74G5/4YG2ZQSPAFllsAAuLMkIE0R67TZckg7Ys8u/mfN0cR
gOG63z3UC7AW5zx1oSSebpT+eExlqRmEqA+18cYB1jOsoJf0K7HTklVU4HxUYywm
O8XzYIMCsdidqzIRZ05hHclUimT5YfpPRu1nv3VTv+ds2tNnAwyoxw3uE2/7ZZul
bNGVsmGMoCfbKATbOA8lZ7SxZ+cAHEF4Y7CCEhALnXVeEeH3k3wsKBUcuf3q3WTA
118oyFHBKkiDQG6dG7O0WjiH7aBmqq15P/XU6mV3dNMC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:06 2024 by rpki-client on console-fra.rpki-client.org