Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/aCNQDjHWDeMKcJK2f7ctuuy45G8.roa
File: aCNQDjHWDeMKcJK2f7ctuuy45G8.roa (raw, json)
Hash identifier: xQLLyo3YkgboRDQesrh2QFJMnk9Usl0yO162sQcBQ2A=
Subject key identifier: 68:23:50:0E:31:D6:0D:E3:0A:70:92:B6:7F:B7:2D:BA:EC:B8:E4:6F
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 018BCD28AEDCD902AF896BD0C2AB5D8E75B1
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/aCNQDjHWDeMKcJK2f7ctuuy45G8.roa
Signing time: Tue 14 Nov 2023 09:27:57 +0000
ROA not before: Tue 14 Nov 2023 09:27:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21093
IP address blocks: 193.57.107.0/24 maxlen: 24
193.57.106.0/24 maxlen: 24
193.57.110.0/24 maxlen: 24
193.57.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:28:ae:dc:d9:02:af:89:6b:d0:c2:ab:5d:8e:75:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Nov 14 09:27:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6823500e31d60de30a7092b67fb72dbaecb8e46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:11:3b:ed:80:6e:22:63:bd:78:37:49:d4:
1d:b9:ed:79:22:68:0d:4a:a0:04:a5:47:56:52:76:
90:64:0a:a5:ee:11:c5:de:95:f3:7d:6c:88:c3:ba:
83:fc:77:50:eb:88:56:bd:5e:97:a7:97:7a:25:0c:
5f:c3:41:53:7f:cb:46:f3:76:e8:45:e9:08:1a:00:
ff:6c:aa:a3:d3:be:00:c3:6f:a6:13:36:b1:71:b6:
f5:d4:6f:62:35:d3:2f:d0:67:90:6d:8b:08:77:bf:
86:6f:57:57:f4:1a:65:cd:ac:5f:8b:7b:c9:28:e5:
2c:ff:35:8c:6c:19:8a:cf:73:f3:06:2c:a0:b3:e8:
f5:7f:02:3f:92:29:a5:d3:5e:8f:64:38:b5:ef:7e:
59:0e:1d:ea:fa:5d:8f:a5:02:ae:6e:8f:20:d2:c4:
a1:3f:fd:24:8d:8f:2f:84:4d:1c:65:b8:f4:30:75:
4c:99:53:11:93:06:c5:da:f6:d5:85:d5:48:87:cb:
90:4c:ab:ab:1e:43:6c:fb:86:5d:fc:1a:70:ff:f6:
1c:35:40:8a:96:57:8f:3b:50:76:4d:1e:d5:fd:8d:
11:dd:ef:22:52:0b:2a:06:93:ff:fb:07:6c:0e:60:
45:8f:fc:e4:b7:9d:a9:4f:8d:6e:21:89:68:cb:cc:
c7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:23:50:0E:31:D6:0D:E3:0A:70:92:B6:7F:B7:2D:BA:EC:B8:E4:6F
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/aCNQDjHWDeMKcJK2f7ctuuy45G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.106.0/23
193.57.109.0-193.57.110.255
Signature Algorithm: sha256WithRSAEncryption
bf:aa:2a:45:cb:a9:4f:14:d8:25:b7:ef:91:18:69:89:47:61:
c9:c2:73:31:80:1b:a4:f7:65:10:a1:5e:b5:f0:74:5c:6b:12:
82:71:34:e8:77:4c:73:86:d0:7f:13:ef:a2:17:0d:a6:9e:ba:
97:71:a3:12:b9:76:dd:d4:4e:9c:f4:df:5a:36:73:86:24:f7:
0b:f8:23:76:ea:f7:e0:53:86:d2:bb:64:d6:31:3e:22:8f:77:
e9:84:0b:0f:2c:68:08:7f:fb:b3:11:2b:56:58:f5:a9:4e:5f:
79:aa:dd:7a:80:64:9a:5f:2a:0c:bd:f5:aa:c6:88:b3:a6:46:
41:eb:71:93:40:35:8f:14:9b:68:8d:2e:cd:7b:45:4a:e9:e2:
49:13:ea:bb:c4:96:02:6c:b1:6e:b5:7e:24:39:ce:72:89:7e:
3f:55:79:85:a9:51:60:d0:82:b2:9c:fd:f6:65:4d:83:bf:51:
83:f6:a6:1d:b8:ab:07:5a:70:ad:f0:7f:ee:a2:34:60:5e:1a:
16:24:fd:80:6b:8e:66:dd:04:b8:22:2e:bd:4e:df:c0:c5:a0:
0b:ab:7c:ee:bd:4a:63:da:e7:70:52:81:7e:85:95:8d:db:3d:
59:90:6c:40:d7:9b:8a:9b:26:79:6b:1a:9d:13:52:83:1f:95:
b6:c8:28:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvNKK7c2QKviWvQwqtdjnWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjMxMTE0MDkyNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODIzNTAwZTMxZDYwZGUzMGE3MDkyYjY3ZmI3MmRiYWVjYjhlNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMgRO+2AbiJjvXg3SdQdue15ImgN
SqAEpUdWUnaQZAql7hHF3pXzfWyIw7qD/HdQ64hWvV6Xp5d6JQxfw0FTf8tG83bo
RekIGgD/bKqj074Aw2+mEzaxcbb11G9iNdMv0GeQbYsId7+Gb1dX9Bplzaxfi3vJ
KOUs/zWMbBmKz3PzBiygs+j1fwI/kiml016PZDi1735ZDh3q+l2PpQKubo8g0sSh
P/0kjY8vhE0cZbj0MHVMmVMRkwbF2vbVhdVIh8uQTKurHkNs+4Zd/Bpw//YcNUCK
llePO1B2TR7V/Y0R3e8iUgsqBpP/+wdsDmBFj/zkt52pT41uIYloy8zHTQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGgjUA4x1g3jCnCStn+3LbrsuORvMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvYUNOUURqSFdEZU1LY0pLMmY3Y3R1dXk0NUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwTlqMAwD
BADBOW0DBADBOW4wDQYJKoZIhvcNAQELBQADggEBAL+qKkXLqU8U2CW375EYaYlH
YcnCczGAG6T3ZRChXrXwdFxrEoJxNOh3THOG0H8T76IXDaaeupdxoxK5dt3UTpz0
31o2c4Yk9wv4I3bq9+BThtK7ZNYxPiKPd+mECw8saAh/+7MRK1ZY9alOX3mq3XqA
ZJpfKgy99arGiLOmRkHrcZNANY8Um2iNLs17RUrp4kkT6rvElgJssW61fiQ5znKJ
fj9VeYWpUWDQgrKc/fZlTYO/UYP2ph24qwdacK3wf+6iNGBeGhYk/YBrjmbdBLgi
Lr1O38DFoAurfO69SmPa53BSgX6FlY3bPVmQbEDXm4qbJnlrGp0TUoMflbbIKPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:38 2024 by rpki-client on console-fra.rpki-client.org