Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Itm6Uwytdrnlei0gHtnMAHktOdE.roa
File: Itm6Uwytdrnlei0gHtnMAHktOdE.roa (raw, json)
Hash identifier: x13IKC9PGMoD7X1u3JaUtFvg20BMnt2CZLTNeP63Y5o=
Subject key identifier: 22:D9:BA:53:0C:AD:76:B9:E5:7A:2D:20:1E:D9:CC:00:79:2D:39:D1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857103101BF6A815096E8912CA952856A7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Itm6Uwytdrnlei0gHtnMAHktOdE.roa
Signing time: Mon 02 Jan 2023 05:45:04 +0000
ROA not before: Mon 02 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60068
IP address blocks: 193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:10:1b:f6:a8:15:09:6e:89:12:ca:95:28:56:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22d9ba530cad76b9e57a2d201ed9cc00792d39d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:05:ee:22:8a:ec:3b:4f:65:21:eb:e3:98:
2d:d0:8b:40:0d:34:0e:8c:13:4e:6a:81:28:2a:65:
99:1e:b3:f1:8c:97:26:2c:6c:b2:2e:31:91:f9:46:
bd:01:94:0d:36:60:1a:fe:73:42:51:ff:30:8f:c8:
de:f3:64:0c:1c:d1:84:ee:31:99:e8:c6:e3:95:75:
82:2d:ea:0a:f9:11:da:23:70:e0:21:5f:f2:41:2f:
e3:bc:a2:09:4c:a1:cb:b8:12:2d:c7:7e:f8:2c:ca:
3f:8b:2f:2c:cf:cf:55:97:3d:c1:ec:3f:cf:47:a8:
a7:aa:57:d5:92:5f:c1:e1:c2:91:bf:23:a5:a2:42:
f3:d2:41:66:75:38:69:58:79:d2:f6:19:e6:0f:09:
d2:13:f5:b0:1b:92:9e:10:a4:c2:a1:31:81:ea:a5:
ad:12:66:5e:06:1a:50:34:3a:92:fb:7b:0e:52:9c:
36:90:59:75:1f:21:6f:de:37:0d:70:0c:cb:63:cd:
62:ec:c3:3c:0e:8f:6f:9e:12:27:fd:0e:f1:d7:f2:
96:69:46:e2:73:12:7a:6c:0a:1e:49:6c:80:a2:a1:
b3:fa:72:84:45:05:f0:2f:0b:b1:00:4a:23:c4:ec:
7f:c9:6a:66:c5:a3:73:db:b9:87:28:fb:03:8f:8b:
52:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D9:BA:53:0C:AD:76:B9:E5:7A:2D:20:1E:D9:CC:00:79:2D:39:D1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Itm6Uwytdrnlei0gHtnMAHktOdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:29:47:0b:8c:a1:43:bc:b0:2f:db:b2:f3:dd:f5:99:b1:5b:
10:5b:a1:13:68:f3:1e:84:e8:ec:d6:74:56:11:9a:b3:bc:e5:
6e:4b:d3:a6:51:bc:49:63:a4:16:82:a7:61:87:ea:a5:e3:57:
f9:df:6b:64:22:37:10:95:fb:4b:62:64:fa:2a:7c:d8:8e:5a:
94:88:5d:b6:8f:f6:23:7c:89:2d:08:a1:aa:06:90:3c:75:a7:
0f:c5:8d:b8:06:87:77:58:08:bb:b7:77:3b:71:60:cf:ae:1d:
14:2a:b8:b9:ac:19:37:1e:aa:82:55:4a:a4:fa:0d:91:c6:68:
2a:47:46:f0:7e:13:89:c3:93:0c:1c:f2:ce:c0:b6:b4:42:d3:
29:ee:05:5b:89:61:eb:be:c8:2a:d1:f4:a2:64:8f:6e:76:ff:
70:07:ff:82:54:e5:dd:de:52:64:e7:00:9d:95:75:3b:df:b9:
ed:ae:79:9c:bf:a3:8f:1f:35:11:25:0c:c2:0c:56:4f:5f:72:
4b:be:39:86:1a:2e:68:be:0f:ae:8a:c0:96:9e:c9:1c:33:51:
53:83:74:81:72:96:a6:03:23:8d:f8:63:83:25:7f:0b:af:9c:
d0:7d:6e:be:b8:27:e4:28:a9:02:d3:af:13:22:61:36:2e:5e:
45:4e:35:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxAb9qgVCW6JEsqVKFanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQ5YmE1MzBjYWQ3NmI5ZTU3YTJkMjAxZWQ5Y2MwMDc5MmQzOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6kF7iKK7DtPZSHr45gt0ItADTQO
jBNOaoEoKmWZHrPxjJcmLGyyLjGR+Ua9AZQNNmAa/nNCUf8wj8je82QMHNGE7jGZ
6MbjlXWCLeoK+RHaI3DgIV/yQS/jvKIJTKHLuBItx374LMo/iy8sz89Vlz3B7D/P
R6inqlfVkl/B4cKRvyOlokLz0kFmdThpWHnS9hnmDwnSE/WwG5KeEKTCoTGB6qWt
EmZeBhpQNDqS+3sOUpw2kFl1HyFv3jcNcAzLY81i7MM8Do9vnhIn/Q7x1/KWaUbi
cxJ6bAoeSWyAoqGz+nKERQXwLwuxAEojxOx/yWpmxaNz27mHKPsDj4tSUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLZulMMrXa55XotIB7ZzAB5LTnRMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSXRtNlV3eXRkcm5sZWkwZ0h0bk1BSGt0T2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRNsMA0G
CSqGSIb3DQEBCwUAA4IBAQA7KUcLjKFDvLAv27Lz3fWZsVsQW6ETaPMehOjs1nRW
EZqzvOVuS9OmUbxJY6QWgqdhh+ql41f532tkIjcQlftLYmT6KnzYjlqUiF22j/Yj
fIktCKGqBpA8dacPxY24Bod3WAi7t3c7cWDPrh0UKri5rBk3HqqCVUqk+g2Rxmgq
R0bwfhOJw5MMHPLOwLa0QtMp7gVbiWHrvsgq0fSiZI9udv9wB/+CVOXd3lJk5wCd
lXU737ntrnmcv6OPHzURJQzCDFZPX3JLvjmGGi5ovg+uisCWnskcM1FTg3SBcpam
AyON+GODJX8Lr5zQfW6+uCfkKKkC068TImE2Ll5FTjXO
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org