Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/Z7yTxVeh4DiIjIH7Cb7OXLpszGI.roa
File: Z7yTxVeh4DiIjIH7Cb7OXLpszGI.roa (raw, json)
Hash identifier: C2sARMS/oYEa3e8myT+YTfKcJRGVuIOK8ji0/dO3G0M=
Subject key identifier: 67:BC:93:C5:57:A1:E0:38:88:8C:81:FB:09:BE:CE:5C:BA:6C:CC:62
Certificate issuer: /CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Certificate serial: 018BED21DDA3214066419738C83127A9A6B2
Authority key identifier: AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/Z7yTxVeh4DiIjIH7Cb7OXLpszGI.roa
Signing time: Mon 20 Nov 2023 14:28:21 +0000
ROA not before: Mon 20 Nov 2023 14:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201072
IP address blocks: 193.57.185.0/24 maxlen: 24
193.57.186.0/24 maxlen: 24
193.57.189.0/24 maxlen: 24
193.57.188.0/24 maxlen: 24
193.57.187.0/24 maxlen: 24
193.57.190.0/24 maxlen: 24
193.57.199.0/24 maxlen: 24
193.57.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:21:dd:a3:21:40:66:41:97:38:c8:31:27:a9:a6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Validity
Not Before: Nov 20 14:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67bc93c557a1e038888c81fb09bece5cba6ccc62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:27:82:e8:cf:f0:08:5b:3b:66:6b:42:2b:60:
40:52:a5:c8:64:8d:26:3c:43:b7:86:12:45:28:31:
65:3d:ea:77:80:ee:7a:71:3e:f4:22:84:39:b6:01:
d5:4f:0c:be:99:6f:91:d2:8c:d9:95:b4:f8:b8:18:
13:41:82:5e:06:7a:48:b4:dc:26:c4:81:02:7f:ba:
4c:4a:2d:20:1d:79:27:20:04:4b:93:96:8f:a2:fc:
ff:09:6e:06:dd:54:29:38:7f:ca:12:bb:24:80:d5:
4f:e5:00:44:9a:7f:50:28:40:a6:59:96:e3:cc:a1:
42:c5:ef:f7:d0:1b:45:5a:3e:84:3b:5b:df:47:6f:
05:58:c9:5e:7b:f7:e4:b4:17:31:28:82:7d:77:c4:
3d:e5:5e:7f:44:7a:ec:57:2b:4d:00:19:de:18:5d:
81:44:26:ca:c3:7d:fd:c8:9f:bf:5c:6a:e3:9e:ce:
70:06:8a:13:4b:56:f3:32:50:46:d9:af:d9:a4:1a:
6b:f2:76:d1:f7:81:4c:2e:e4:54:da:65:78:5e:a9:
7e:2d:91:43:cd:70:58:89:7e:14:8b:42:fa:e9:96:
55:bc:f8:4b:8d:6c:53:f8:f8:97:a3:c3:fe:5b:9b:
2c:a1:3c:56:2e:1f:0e:ba:f6:8f:6e:6e:24:c0:d7:
dd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BC:93:C5:57:A1:E0:38:88:8C:81:FB:09:BE:CE:5C:BA:6C:CC:62
X509v3 Authority Key Identifier:
keyid:AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/Z7yTxVeh4DiIjIH7Cb7OXLpszGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/q8Legg4C88P4bluMnEndxJMlEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.185.0-193.57.190.255
193.57.199.0/24
193.57.204.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:81:6b:fc:43:fa:d7:32:e7:2c:02:82:8a:88:47:be:ca:47:
76:fd:ab:c0:a6:8b:37:14:10:a1:75:f6:bb:74:14:18:1e:bd:
8b:a8:37:98:01:8a:4f:9e:5f:3d:e2:c2:37:3a:06:d5:84:fd:
c6:b3:1f:e0:09:68:05:31:a5:6a:3c:7e:30:33:c8:25:60:fb:
3a:8c:52:2e:62:01:8a:ea:c7:fd:d8:fb:6b:e3:43:a0:1d:1d:
00:a3:00:18:3b:86:37:b0:04:f9:f8:c8:ef:6d:17:e3:ab:1f:
14:c3:14:cf:73:72:d4:9b:1a:b6:92:70:a2:50:09:8b:fb:d9:
82:6c:a5:f4:b4:23:7b:bf:ff:31:f2:5b:78:ee:1d:6c:d8:2e:
56:1c:ca:79:b2:99:1a:98:24:0b:94:c4:f2:d8:8c:58:c4:67:
cd:1c:be:b3:5e:55:c7:32:3a:a3:0b:ba:ac:3b:18:cd:72:95:
85:2a:74:ea:af:dc:ac:09:1e:6d:ec:39:cb:1e:e2:0a:b5:98:
4c:ff:4d:91:5c:70:9e:95:cb:95:60:97:d2:6d:1b:0b:29:21:
38:04:0c:a2:fa:07:ba:87:e8:68:67:cd:7e:ff:3a:94:e6:a0:
eb:66:62:21:5b:55:78:9f:74:f5:1c:ce:6d:a8:67:ad:8b:c9:
42:49:e3:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYvtId2jIUBmQZc4yDEnqaayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzJkZTgyMGUwMmYzYzNmODZlNWI4YzljNDlkZGM0OTMy
NTEyM2YwHhcNMjMxMTIwMTQyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2JjOTNjNTU3YTFlMDM4ODg4YzgxZmIwOWJlY2U1Y2JhNmNjYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yeC6M/wCFs7ZmtCK2BAUqXIZI0m
PEO3hhJFKDFlPep3gO56cT70IoQ5tgHVTwy+mW+R0ozZlbT4uBgTQYJeBnpItNwm
xIECf7pMSi0gHXknIARLk5aPovz/CW4G3VQpOH/KErskgNVP5QBEmn9QKECmWZbj
zKFCxe/30BtFWj6EO1vfR28FWMlee/fktBcxKIJ9d8Q95V5/RHrsVytNABneGF2B
RCbKw339yJ+/XGrjns5wBooTS1bzMlBG2a/ZpBpr8nbR94FMLuRU2mV4Xql+LZFD
zXBYiX4Ui0L66ZZVvPhLjWxT+PiXo8P+W5ssoTxWLh8OuvaPbm4kwNfdbwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGe8k8VXoeA4iIyB+wm+zly6bMxiMB8GA1UdIwQY
MBaAFKvC3oIOAvPD+G5bjJxJ3cSTJRI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYt
ODk3ODMzMTdlYTI5LzEvWjd5VHhWZWg0RGlJaklIN0NiN09YTHBzekdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYtODk3ODMzMTdlYTI5
LzEvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBObkD
BADBOb4DBADBOccDBADBOcwwDQYJKoZIhvcNAQELBQADggEBAF+Ba/xD+tcy5ywC
goqIR77KR3b9q8CmizcUEKF19rt0FBgevYuoN5gBik+eXz3iwjc6BtWE/cazH+AJ
aAUxpWo8fjAzyCVg+zqMUi5iAYrqx/3Y+2vjQ6AdHQCjABg7hjewBPn4yO9tF+Or
HxTDFM9zctSbGraScKJQCYv72YJspfS0I3u//zHyW3juHWzYLlYcynmymRqYJAuU
xPLYjFjEZ80cvrNeVccyOqMLuqw7GM1ylYUqdOqv3KwJHm3sOcse4gq1mEz/TZFc
cJ6Vy5Vgl9JtGwspITgEDKL6B7qH6GhnzX7/OpTmoOtmYiFbVXifdPUczm2oZ62L
yUJJ42k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org