Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/1-Va6MukQhK5SuTFDqNZx0hgmQ38.roa
File: 1-Va6MukQhK5SuTFDqNZx0hgmQ38.roa (raw, json)
Hash identifier: NGjN7gAX6s8V0JvFDaQ3kTaNG7U0V5eRPBNu13vKp/E=
Subject key identifier: F9:56:BA:32:E9:10:84:AE:52:B9:31:43:A8:D6:71:D2:18:26:43:7F
Certificate issuer: /CN=4f2f3bc99a79503e09757477e8ef643e11886c8b
Certificate serial: 018570798E0329DABA9A9A4D688AF9D5D3B2
Authority key identifier: 4F:2F:3B:C9:9A:79:50:3E:09:75:74:77:E8:EF:64:3E:11:88:6C:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty87yZp5UD4JdXR36O9kPhGIbIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/1-Va6MukQhK5SuTFDqNZx0hgmQ38.roa
Signing time: Mon 02 Jan 2023 03:14:52 +0000
ROA not before: Mon 02 Jan 2023 03:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207741
IP address blocks: 193.192.0.0/24 maxlen: 24
212.102.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:8e:03:29:da:ba:9a:9a:4d:68:8a:f9:d5:d3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2f3bc99a79503e09757477e8ef643e11886c8b
Validity
Not Before: Jan 2 03:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f956ba32e91084ae52b93143a8d671d21826437f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7c:4e:23:e4:cc:8b:1c:eb:6c:20:d5:25:a8:
ae:e8:a8:ee:d2:08:36:28:12:f0:cc:0d:37:ae:9f:
df:a9:af:fd:bf:dc:1a:73:74:a9:d8:71:27:6c:da:
d6:0b:19:09:22:22:4c:55:b9:49:6c:aa:f3:ba:2c:
f4:69:a6:f5:ca:65:e4:88:39:3a:51:69:4d:41:44:
23:79:04:f3:75:f4:39:ee:c0:81:d7:f6:05:d1:62:
f5:cf:78:8f:cf:0b:f3:83:9e:ac:53:de:ae:b5:25:
5b:dd:67:72:e7:f6:3a:c7:c8:8a:8d:59:d7:21:b6:
7d:ea:c9:5a:e4:40:e4:c3:0a:e3:90:19:d1:35:bf:
fb:f6:cf:50:4f:3e:ca:2d:45:98:dc:94:2f:17:f2:
ad:4f:d7:63:cc:88:be:62:0e:9c:92:37:ee:45:19:
7a:98:13:bf:e5:29:b0:53:1b:af:22:fe:2a:31:b4:
db:dd:25:79:42:9e:11:07:1a:7a:67:83:72:a8:8f:
8f:71:0e:90:9d:b3:a3:7f:e3:a6:47:29:e7:b4:cc:
22:fd:29:0b:e2:f1:37:20:9f:a5:e7:67:54:23:15:
91:7f:d3:be:84:be:c7:c4:e7:de:64:76:e1:51:20:
75:48:23:89:f5:d2:c9:80:00:93:3e:e4:28:8d:fe:
3f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:56:BA:32:E9:10:84:AE:52:B9:31:43:A8:D6:71:D2:18:26:43:7F
X509v3 Authority Key Identifier:
keyid:4F:2F:3B:C9:9A:79:50:3E:09:75:74:77:E8:EF:64:3E:11:88:6C:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty87yZp5UD4JdXR36O9kPhGIbIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/1-Va6MukQhK5SuTFDqNZx0hgmQ38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.192.0.0/24
212.102.117.0/24
Signature Algorithm: sha256WithRSAEncryption
91:e0:cc:40:16:cc:a1:84:b4:a0:db:82:4f:c4:e9:3d:5a:a4:
e4:7a:b1:c3:5a:31:22:e3:0d:64:2b:5e:16:9b:10:c7:b7:3c:
41:14:81:7a:c5:a1:a9:4a:0c:12:f0:ab:64:16:c7:c6:2a:61:
3c:78:be:16:de:7e:c5:a8:a1:ed:4a:a4:6e:38:c5:c6:0c:c5:
bf:4a:b4:6a:ea:1f:23:68:49:db:51:e1:73:30:26:63:10:a9:
df:2f:d8:72:aa:43:b0:a1:11:33:b6:ad:ab:97:8a:ee:9b:ec:
c4:47:41:fc:a0:83:81:e6:7d:ca:02:ad:e3:26:80:42:f5:83:
5a:20:ed:bf:e4:b8:b4:4d:8d:69:3d:75:07:de:ed:1b:be:75:
e9:0e:20:18:4b:a9:9a:04:07:e5:ab:58:b7:d8:4d:ee:c7:bb:
43:42:9b:ed:60:5f:a8:09:f5:1a:4c:70:ee:d2:34:12:29:50:
18:ca:12:ee:94:21:25:1a:be:d1:12:44:bf:9e:82:34:2f:e3:
3b:70:b2:88:52:47:79:ce:8c:26:a7:5a:3f:9e:52:f3:d3:64:
ca:da:88:3a:d2:fc:b1:8a:00:20:32:cf:b7:eb:b9:92:5a:98:
5c:3f:2b:86:d0:a0:37:af:a7:f5:29:b7:cf:c9:4c:58:d5:1c:
59:74:a8:44
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVweY4DKdq6mppNaIr51dOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmYzYmM5OWE3OTUwM2UwOTc1NzQ3N2U4ZWY2NDNlMTE4
ODZjOGIwHhcNMjMwMTAyMDMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU2YmEzMmU5MTA4NGFlNTJiOTMxNDNhOGQ2NzFkMjE4MjY0MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHxOI+TMixzrbCDVJaiu6Kju0gg2
KBLwzA03rp/fqa/9v9wac3Sp2HEnbNrWCxkJIiJMVblJbKrzuiz0aab1ymXkiDk6
UWlNQUQjeQTzdfQ57sCB1/YF0WL1z3iPzwvzg56sU96utSVb3Wdy5/Y6x8iKjVnX
IbZ96sla5EDkwwrjkBnRNb/79s9QTz7KLUWY3JQvF/KtT9djzIi+Yg6ckjfuRRl6
mBO/5SmwUxuvIv4qMbTb3SV5Qp4RBxp6Z4NyqI+PcQ6QnbOjf+OmRynntMwi/SkL
4vE3IJ+l52dUIxWRf9O+hL7HxOfeZHbhUSB1SCOJ9dLJgACTPuQojf4/WQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlWujLpEISuUrkxQ6jWcdIYJkN/MB8GA1UdIwQY
MBaAFE8vO8maeVA+CXV0d+jvZD4RiGyLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHk4N3lacDVVRDRKZFhSMzZPOWtQaEdJYklzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8xZTFhYzYtZmNkNi00YWU4LWFkNzct
NTFlNGJiYTZiZjViLzEvMS1WYTZNdWtRaEs1U3VURkRxTlp4MGhnbVEzOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvMWUxYWM2LWZjZDYtNGFlOC1hZDc3LTUxZTRiYmE2YmY1
Yi8xL1R5ODd5WnA1VUQ0SmRYUjM2TzlrUGhHSWJJcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMHAAAME
ANRmdTANBgkqhkiG9w0BAQsFAAOCAQEAkeDMQBbMoYS0oNuCT8TpPVqk5Hqxw1ox
IuMNZCteFpsQx7c8QRSBesWhqUoMEvCrZBbHxiphPHi+Ft5+xaih7UqkbjjFxgzF
v0q0auofI2hJ21HhczAmYxCp3y/YcqpDsKERM7atq5eK7pvsxEdB/KCDgeZ9ygKt
4yaAQvWDWiDtv+S4tE2NaT11B97tG7516Q4gGEupmgQH5atYt9hN7se7Q0Kb7WBf
qAn1Gkxw7tI0EilQGMoS7pQhJRq+0RJEv56CNC/jO3CyiFJHec6MJqdaP55S89Nk
ytqIOtL8sYoAIDLPt+u5klqYXD8rhtCgN6+n9Sm3z8lMWNUcWXSoRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:40 2024 by rpki-client on console-fra.rpki-client.org