Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/tsECx0Za3K869-RRRlnrVd0nohA.roa
File: tsECx0Za3K869-RRRlnrVd0nohA.roa (raw, json)
Hash identifier: VBUA7gEOPC42AV8zU1hekJFu6umKKCrjs3h37vAjmF4=
Subject key identifier: B6:C1:02:C7:46:5A:DC:AF:3A:F7:E4:51:46:59:EB:55:DD:27:A2:10
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018D13D7F4409C14B1F76456EA7EBBF267BA
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/tsECx0Za3K869-RRRlnrVd0nohA.roa
Signing time: Tue 16 Jan 2024 19:55:36 +0000
ROA not before: Tue 16 Jan 2024 19:55:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 193.56.185.0/24 maxlen: 24
193.160.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 19:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f4:40:9c:14:b1:f7:64:56:ea:7e:bb:f2:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 16 19:55:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c102c7465adcaf3af7e4514659eb55dd27a210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:5a:a5:c3:67:b7:88:25:64:f0:19:c4:4f:
99:e1:0d:7f:9e:81:1c:4d:2e:92:a3:ef:e3:b9:05:
15:be:b1:ca:28:43:62:6f:c8:d7:30:db:5b:5a:a7:
a8:fc:b6:01:40:3a:f8:a0:3b:bb:5f:8e:2a:fc:b4:
dc:bb:f7:a9:49:c9:a9:b9:8f:90:da:90:57:67:b4:
9b:76:78:87:9b:9d:1a:79:f0:10:8f:c3:59:e8:30:
74:a9:0b:88:a6:87:cd:fa:8f:6b:74:1b:a4:52:2a:
6d:c8:d5:b0:81:52:21:f6:ed:51:d8:5f:2e:d6:48:
13:b9:2b:4a:09:0c:e3:5a:16:b9:4b:41:12:bc:9b:
ab:19:1d:8b:b3:7e:69:0b:24:b0:a3:f2:18:79:c2:
35:c8:cd:bc:50:9f:a6:07:41:87:cc:59:cb:5e:ef:
63:c0:40:9c:42:40:ff:9c:0f:2e:31:56:cc:ca:2b:
e2:c3:6f:3c:25:0c:5c:6a:e6:c2:e5:41:c4:d4:1e:
5d:b4:f4:c1:da:3b:8b:44:93:f1:19:95:ae:ba:ee:
6a:25:89:7b:cf:ed:26:30:7d:4f:b1:00:25:92:3d:
8b:a7:a5:78:f3:d2:4c:a7:a9:97:0c:76:e9:ac:ee:
f4:f9:a6:62:e8:85:c5:95:76:ce:a7:e9:ef:e6:1b:
11:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C1:02:C7:46:5A:DC:AF:3A:F7:E4:51:46:59:EB:55:DD:27:A2:10
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/tsECx0Za3K869-RRRlnrVd0nohA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.185.0/24
193.160.211.0/24
Signature Algorithm: sha256WithRSAEncryption
43:0b:ba:26:81:95:94:79:d2:b9:31:40:9c:bf:9c:0d:b1:de:
b7:5c:6b:33:ac:28:4b:15:df:95:66:4b:08:12:3a:80:3a:84:
f8:82:0b:7d:3b:5f:74:39:10:be:6b:5e:c1:15:d5:cc:06:67:
e5:21:c8:ff:c1:f2:d0:7d:72:32:90:98:5f:fe:d7:08:b7:19:
00:1f:2a:f2:60:73:57:fe:b9:ae:c8:e8:e8:03:1d:4b:b6:0d:
34:0e:13:fe:51:55:b5:3c:03:23:cc:24:e9:d8:ab:4b:58:29:
fc:c0:5c:e1:d3:b8:e3:0d:6d:33:a9:b6:10:71:ee:2e:7d:d1:
88:58:ff:3d:68:c7:0f:9f:25:fb:0b:4a:8b:e8:67:9b:52:46:
73:d0:1c:6f:ac:15:3c:2d:ab:18:c9:2c:e6:e0:27:10:0a:ab:
71:59:a6:39:cb:1c:86:3e:cb:c6:bc:3b:cc:1c:2d:fc:e8:62:
59:5e:aa:2f:16:8f:0a:8f:52:5e:0f:e8:13:67:b8:18:d7:94:
69:80:0e:d6:e9:0a:97:eb:1d:81:3f:61:d1:d4:13:ec:f0:22:
09:9b:20:4f:01:c6:e1:76:45:90:b9:42:1f:d9:0f:fe:c1:5d:
4f:2e:fb:47:64:e7:d2:83:38:a2:48:5f:53:89:01:48:9e:c1:
47:0c:56:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1/RAnBSx92RW6n678me6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTE2MTk1NTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMxMDJjNzQ2NWFkY2FmM2FmN2U0NTE0NjU5ZWI1NWRkMjdhMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ9apcNnt4glZPAZxE+Z4Q1/noEc
TS6So+/juQUVvrHKKENib8jXMNtbWqeo/LYBQDr4oDu7X44q/LTcu/epScmpuY+Q
2pBXZ7SbdniHm50aefAQj8NZ6DB0qQuIpofN+o9rdBukUiptyNWwgVIh9u1R2F8u
1kgTuStKCQzjWha5S0ESvJurGR2Ls35pCySwo/IYecI1yM28UJ+mB0GHzFnLXu9j
wECcQkD/nA8uMVbMyiviw288JQxcaubC5UHE1B5dtPTB2juLRJPxGZWuuu5qJYl7
z+0mMH1PsQAlkj2Lp6V489JMp6mXDHbprO70+aZi6IXFlXbOp+nv5hsRhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLbBAsdGWtyvOvfkUUZZ61XdJ6IQMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvdHNFQ3gwWmEzSzg2OS1SUlJsbnJWZDBub2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwTi5AwQA
waDTMA0GCSqGSIb3DQEBCwUAA4IBAQBDC7omgZWUedK5MUCcv5wNsd63XGszrChL
Fd+VZksIEjqAOoT4ggt9O190ORC+a17BFdXMBmflIcj/wfLQfXIykJhf/tcItxkA
HyryYHNX/rmuyOjoAx1Ltg00DhP+UVW1PAMjzCTp2KtLWCn8wFzh07jjDW0zqbYQ
ce4ufdGIWP89aMcPnyX7C0qL6GebUkZz0BxvrBU8LasYySzm4CcQCqtxWaY5yxyG
PsvGvDvMHC386GJZXqovFo8Kj1JeD+gTZ7gY15RpgA7W6QqX6x2BP2HR1BPs8CIJ
myBPAcbhdkWQuUIf2Q/+wV1PLvtHZOfSgziiSF9TiQFInsFHDFYH
-----END CERTIFICATE-----
Generated at Sun Jan 21 19:56:23 2024 by rpki-client on console-ams.rpki-client.org