Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/qEAwIv41SBDBrok9tXblAq1LEzw.roa
File: qEAwIv41SBDBrok9tXblAq1LEzw.roa (raw, json)
Hash identifier: /33CxjNDgvpM7cEkYIrVft3hwiyQAsD/P4ihARoX7aA=
Subject key identifier: A8:40:30:22:FE:35:48:10:C1:AE:89:3D:B5:76:E5:02:AD:4B:13:3C
Certificate issuer: /CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Certificate serial: 018570FBB30D92416834251B71A54CC6CEA0
Authority key identifier: 96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/qEAwIv41SBDBrok9tXblAq1LEzw.roa
Signing time: Mon 02 Jan 2023 05:37:01 +0000
ROA not before: Mon 02 Jan 2023 05:37:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202498
IP address blocks: 193.143.64.0/24 maxlen: 24
193.143.65.0/24 maxlen: 24
193.143.66.0/24 maxlen: 24
193.143.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b3:0d:92:41:68:34:25:1b:71:a5:4c:c6:ce:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Validity
Not Before: Jan 2 05:37:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8403022fe354810c1ae893db576e502ad4b133c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:38:65:7b:b0:fa:e1:ab:6a:9f:ff:3f:eb:6d:
15:1f:dc:5c:44:7b:e6:59:51:c9:a5:a1:eb:fb:58:
64:61:42:f8:d2:23:2c:cc:46:51:35:a3:04:70:08:
52:4f:2f:05:f4:22:ee:2f:5b:8b:a1:8b:b4:85:f7:
8e:e6:31:f2:53:bc:21:2e:18:ac:85:b7:1c:fe:63:
91:32:aa:79:a0:08:16:f4:69:c4:47:b9:1a:0c:58:
78:4e:c1:47:f4:ad:34:1b:8e:8e:f7:71:41:83:e8:
ff:9e:cb:3b:9c:0d:d1:79:59:13:e4:cb:c1:13:7e:
bc:63:b4:03:92:f5:6e:bd:75:9c:c1:f6:e3:1b:cf:
37:e0:35:b0:b4:77:97:1b:91:81:0f:e4:cf:4f:dd:
2d:ee:07:b4:20:b6:82:fe:63:49:b7:40:f2:e3:71:
e4:78:2b:fd:f4:84:7e:c0:6a:4d:54:df:af:c3:35:
c0:62:0a:bd:f1:16:6a:ec:e9:46:28:22:66:52:f3:
df:47:ef:45:dc:f0:f7:f3:6d:9d:f9:10:e1:4d:3f:
7c:6e:bb:38:63:4f:a3:a0:36:84:56:d0:42:2e:ef:
d8:87:67:2e:0a:ba:58:6c:34:cf:f9:6c:71:56:7a:
73:52:1d:78:8b:64:d9:c4:88:55:7a:5d:a3:f3:83:
bb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:40:30:22:FE:35:48:10:C1:AE:89:3D:B5:76:E5:02:AD:4B:13:3C
X509v3 Authority Key Identifier:
keyid:96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/qEAwIv41SBDBrok9tXblAq1LEzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.64.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:e0:b4:98:1d:71:e9:fd:69:a0:3b:f5:10:7d:21:7d:55:ed:
e3:f4:8f:eb:3e:44:63:d2:92:d8:d1:8b:81:60:12:72:d3:27:
eb:f2:93:c1:aa:a3:5d:03:2c:f9:4c:94:23:d7:59:06:9e:5f:
30:70:e7:b0:52:49:3b:f7:4a:dc:02:d3:62:6f:01:e5:d8:cd:
a4:7a:17:ff:03:1b:64:a9:7d:87:6a:63:34:22:38:fe:08:e8:
7d:3e:61:62:97:de:2a:98:13:70:75:5a:43:39:35:a4:51:ca:
7c:31:f4:9c:da:b5:76:38:d1:0e:ef:cb:5e:42:20:8a:61:1f:
d9:7f:74:7a:d3:97:52:a2:7d:26:24:da:21:36:3b:f4:52:1d:
5a:7b:af:c5:66:c5:2e:b1:c0:fa:8f:8d:40:04:df:92:92:4c:
18:a5:7d:51:28:0e:3f:44:a0:18:9a:1a:f6:b6:c7:47:6d:57:
d6:9d:f1:67:39:95:a7:85:8b:64:72:5c:6d:a2:c8:eb:53:f2:
e7:b8:05:32:0d:1a:29:b6:31:4d:d7:35:e8:e0:1d:48:e5:0c:
91:a9:a3:a6:81:33:41:f2:47:ca:26:07:90:9e:51:1b:da:91:
cc:58:71:22:c5:aa:d6:38:a7:50:fb:72:67:ee:22:61:d1:98:
44:2a:2f:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7MNkkFoNCUbcaVMxs6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZmY0NWU2ZGU0OGJmYzAzOTdkYWNhZDgzYTg0ODMxZGI3
OTUyZDEwHhcNMjMwMTAyMDUzNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQwMzAyMmZlMzU0ODEwYzFhZTg5M2RiNTc2ZTUwMmFkNGIxMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzhle7D64atqn/8/620VH9xcRHvm
WVHJpaHr+1hkYUL40iMszEZRNaMEcAhSTy8F9CLuL1uLoYu0hfeO5jHyU7whLhis
hbcc/mORMqp5oAgW9GnER7kaDFh4TsFH9K00G46O93FBg+j/nss7nA3ReVkT5MvB
E368Y7QDkvVuvXWcwfbjG8834DWwtHeXG5GBD+TPT90t7ge0ILaC/mNJt0Dy43Hk
eCv99IR+wGpNVN+vwzXAYgq98RZq7OlGKCJmUvPfR+9F3PD3822d+RDhTT98brs4
Y0+joDaEVtBCLu/Yh2cuCrpYbDTP+WxxVnpzUh14i2TZxIhVel2j84O7VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhAMCL+NUgQwa6JPbV25QKtSxM8MB8GA1UdIwQY
MBaAFJb/RebeSL/AOX2srYOoSDHbeVLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAt
MGY1ZDM3OTdhMzI1LzEvcUVBd0l2NDFTQkRCcm9rOXRYYmxBcTFMRXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAtMGY1ZDM3OTdhMzI1
LzEvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwY9AMA0G
CSqGSIb3DQEBCwUAA4IBAQDF4LSYHXHp/WmgO/UQfSF9Ve3j9I/rPkRj0pLY0YuB
YBJy0yfr8pPBqqNdAyz5TJQj11kGnl8wcOewUkk790rcAtNibwHl2M2kehf/Axtk
qX2HamM0Ijj+COh9PmFil94qmBNwdVpDOTWkUcp8MfSc2rV2ONEO78teQiCKYR/Z
f3R605dSon0mJNohNjv0Uh1ae6/FZsUuscD6j41ABN+SkkwYpX1RKA4/RKAYmhr2
tsdHbVfWnfFnOZWnhYtkclxtosjrU/LnuAUyDRoptjFN1zXo4B1I5QyRqaOmgTNB
8kfKJgeQnlEb2pHMWHEixarWOKdQ+3Jn7iJh0ZhEKi8+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org