Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/rI4iX9qzDoMP4Lxkd-r5cU0C-9U.roa
File: rI4iX9qzDoMP4Lxkd-r5cU0C-9U.roa (raw, json)
Hash identifier: K0EIXWjezvRnXcktS31w8/gYP9YgM0v912+duCOw0fk=
Subject key identifier: AC:8E:22:5F:DA:B3:0E:83:0F:E0:BC:64:77:EA:F9:71:4D:02:FB:D5
Certificate issuer: /CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Certificate serial: 0187FF8835ACD1DC7F17B787A3D5712D2303
Authority key identifier: D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/rI4iX9qzDoMP4Lxkd-r5cU0C-9U.roa
Signing time: Tue 09 May 2023 08:02:09 +0000
ROA not before: Tue 09 May 2023 08:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209714
IP address blocks: 193.168.152.0/24 maxlen: 24
193.168.154.0/24 maxlen: 24
193.168.155.0/24 maxlen: 24
193.168.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:88:35:ac:d1:dc:7f:17:b7:87:a3:d5:71:2d:23:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Validity
Not Before: May 9 08:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac8e225fdab30e830fe0bc6477eaf9714d02fbd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:48:6d:ff:b0:e8:a1:a5:24:57:11:54:3d:57:
1a:71:32:24:2d:b4:f0:1e:3f:95:03:0f:95:3f:ce:
4c:d2:a8:02:59:90:79:06:ae:fd:f7:04:75:30:05:
31:78:a0:00:f3:3c:47:c0:74:54:b3:1c:c2:25:f2:
15:d2:f5:4d:8a:5c:e2:40:0c:df:f5:c6:9b:1d:c8:
db:66:ba:de:51:fb:3b:07:cf:90:02:da:b6:37:e2:
3f:a0:49:aa:f7:55:bd:67:78:bc:3b:cd:c5:d9:34:
08:ac:36:e0:15:4b:70:a7:63:5b:05:30:9a:88:5a:
14:c0:ec:e0:77:dd:c7:31:6e:1f:5d:2e:98:5e:9b:
0c:17:90:4d:9c:ee:af:6b:90:26:6c:cb:02:4f:6e:
dd:4a:d4:21:ff:5c:cf:ca:52:97:43:e7:1f:cb:39:
85:1b:fd:2d:93:ec:27:41:6d:20:bb:3e:0a:a8:bd:
b7:6d:63:b7:57:42:73:d1:fa:42:29:28:ed:40:22:
b6:4f:4c:96:f6:3c:f8:24:d4:ff:ab:d6:ac:ab:3c:
c5:3a:7e:68:aa:2f:12:1d:ef:9a:37:f6:0e:18:56:
54:20:d8:ff:fd:eb:a5:f7:24:87:74:cf:60:25:a8:
f7:cf:62:d1:f7:81:ba:bc:6b:de:56:85:14:9b:4b:
e9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8E:22:5F:DA:B3:0E:83:0F:E0:BC:64:77:EA:F9:71:4D:02:FB:D5
X509v3 Authority Key Identifier:
keyid:D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/rI4iX9qzDoMP4Lxkd-r5cU0C-9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/0bvzaAza5sJnqY0D0I9rI9DtHUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:02:e3:46:d9:5d:0e:49:f5:39:50:e9:f9:b7:5c:fb:ee:5d:
cf:e3:7a:60:37:ab:73:89:5a:b4:08:f4:b9:a0:56:19:4b:52:
2a:45:4e:c2:dd:6f:ec:35:4f:2d:3c:28:27:45:be:57:fa:25:
1c:4d:1e:1e:4f:23:a9:a7:53:82:fb:8a:de:a2:59:9a:de:9b:
39:aa:60:9c:50:83:9a:cb:3e:05:88:5c:34:41:1f:dd:6a:94:
91:f7:57:4d:18:32:6d:d6:4d:51:8e:4a:3a:c6:c3:51:d9:b8:
30:9a:3a:79:5d:46:a4:9f:84:ad:41:29:63:3a:43:c1:2d:70:
9e:20:78:0c:6f:81:16:56:ad:c9:e5:88:df:dd:4a:05:2e:c6:
d0:90:bb:be:e1:e0:db:ba:78:03:38:9a:25:1c:0d:29:cc:03:
69:96:23:4c:57:22:dd:06:fa:78:14:d5:98:62:5d:1f:68:43:
53:16:60:e1:57:1a:d5:7e:14:ac:37:bd:75:9b:7b:7c:07:d4:
cc:9d:a5:dd:b3:ef:9f:ce:fc:31:07:67:c5:b2:d7:26:50:e7:
19:a0:44:fe:c4:08:6a:50:23:bf:63:f1:4a:50:28:a6:07:65:
3d:db:e2:22:8d:17:b0:ff:b0:92:0d:1f:75:69:52:30:98:b0:
79:9d:6d:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf/iDWs0dx/F7eHo9VxLSMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmJmMzY4MGNkYWU2YzI2N2E5OGQwM2QwOGY2YjIzZDBl
ZDFkNDYwHhcNMjMwNTA5MDgwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhlMjI1ZmRhYjMwZTgzMGZlMGJjNjQ3N2VhZjk3MTRkMDJmYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUht/7DooaUkVxFUPVcacTIkLbTw
Hj+VAw+VP85M0qgCWZB5Bq799wR1MAUxeKAA8zxHwHRUsxzCJfIV0vVNilziQAzf
9cabHcjbZrreUfs7B8+QAtq2N+I/oEmq91W9Z3i8O83F2TQIrDbgFUtwp2NbBTCa
iFoUwOzgd93HMW4fXS6YXpsMF5BNnO6va5AmbMsCT27dStQh/1zPylKXQ+cfyzmF
G/0tk+wnQW0guz4KqL23bWO3V0Jz0fpCKSjtQCK2T0yW9jz4JNT/q9asqzzFOn5o
qi8SHe+aN/YOGFZUINj//eul9ySHdM9gJaj3z2LR94G6vGveVoUUm0vpxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyOIl/asw6DD+C8ZHfq+XFNAvvVMB8GA1UdIwQY
MBaAFNG782gM2ubCZ6mNA9CPayPQ7R1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUt
NTFjMWZhYTQ3MThmLzEvckk0aVg5cXpEb01QNEx4a2QtcjVjVTBDLTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUtNTFjMWZhYTQ3MThm
LzEvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaiYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbAuNG2V0OSfU5UOn5t1z77l3P43pgN6tziVq0CPS5
oFYZS1IqRU7C3W/sNU8tPCgnRb5X+iUcTR4eTyOpp1OC+4reolma3ps5qmCcUIOa
yz4FiFw0QR/dapSR91dNGDJt1k1Rjko6xsNR2bgwmjp5XUakn4StQSljOkPBLXCe
IHgMb4EWVq3J5Yjf3UoFLsbQkLu+4eDbungDOJolHA0pzANpliNMVyLdBvp4FNWY
Yl0faENTFmDhVxrVfhSsN711m3t8B9TMnaXds++fzvwxB2fFstcmUOcZoET+xAhq
UCO/Y/FKUCimB2U92+IijRew/7CSDR91aVIwmLB5nW1S
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:40 2024 by rpki-client on console-ams.rpki-client.org