Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/75ca1a-6828-4e6d-9fea-5e47cf199dff/1/av7L0d7fnSiC8kWG63en8ggEAnk.roa
File: av7L0d7fnSiC8kWG63en8ggEAnk.roa (raw, json)
Hash identifier: 5Fny7noK8+ofcLlGaQLih4MRFnPccttoB3pYgJGo5bg=
Subject key identifier: 6A:FE:CB:D1:DE:DF:9D:28:82:F2:45:86:EB:77:A7:F2:08:04:02:79
Certificate issuer: /CN=367465ffdba3c05c21be5b15f0d915efccb069e5
Certificate serial: 018572D5DD7DE0161FB6DFF5FA734CEB1F67
Authority key identifier: 36:74:65:FF:DB:A3:C0:5C:21:BE:5B:15:F0:D9:15:EF:CC:B0:69:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NnRl_9ujwFwhvlsV8NkV78ywaeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/75ca1a-6828-4e6d-9fea-5e47cf199dff/1/av7L0d7fnSiC8kWG63en8ggEAnk.roa
Signing time: Mon 02 Jan 2023 14:14:56 +0000
ROA not before: Mon 02 Jan 2023 14:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199802
IP address blocks: 193.8.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:dd:7d:e0:16:1f:b6:df:f5:fa:73:4c:eb:1f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=367465ffdba3c05c21be5b15f0d915efccb069e5
Validity
Not Before: Jan 2 14:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6afecbd1dedf9d2882f24586eb77a7f208040279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:64:dc:07:22:57:48:d4:a5:04:0e:ef:5d:0a:
9a:28:34:6c:ad:16:e8:75:e6:bc:5c:09:5f:17:ae:
53:6d:f5:99:53:90:7c:2b:d1:11:2f:ee:b3:0b:8c:
ff:e6:61:42:38:46:bb:e6:ac:91:77:71:ae:42:c8:
94:db:7f:33:60:b0:d1:1f:6b:cf:73:04:6d:fe:bf:
ec:71:d0:40:dc:d5:21:d2:22:01:a0:ea:e5:9b:a3:
f7:9d:bd:98:98:52:64:a4:30:e5:07:09:e5:ec:e4:
f4:b1:0c:6b:a6:2a:75:74:73:bc:2b:22:f0:95:47:
62:97:3b:34:b0:70:5e:cf:8e:0d:f3:6b:b3:24:a4:
e8:0b:c6:cb:5f:75:0b:d7:14:23:65:d6:1b:bf:9b:
2e:ff:11:bb:be:c5:26:2e:44:a5:73:3b:60:54:85:
de:e5:18:62:69:2a:2a:01:c6:c3:dc:df:af:f4:8e:
66:31:04:fc:bf:07:d0:9f:38:34:79:84:3f:22:bf:
cf:94:f4:33:4b:82:17:96:b9:32:ac:e5:c2:12:09:
46:dc:d5:49:ca:c1:83:3a:46:70:34:26:c6:ba:4d:
54:82:3d:a5:97:b7:83:02:e5:06:23:01:bc:e1:89:
a3:80:0c:e8:c5:7a:dc:c4:97:28:71:af:4e:5c:4c:
28:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FE:CB:D1:DE:DF:9D:28:82:F2:45:86:EB:77:A7:F2:08:04:02:79
X509v3 Authority Key Identifier:
keyid:36:74:65:FF:DB:A3:C0:5C:21:BE:5B:15:F0:D9:15:EF:CC:B0:69:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NnRl_9ujwFwhvlsV8NkV78ywaeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/75ca1a-6828-4e6d-9fea-5e47cf199dff/1/av7L0d7fnSiC8kWG63en8ggEAnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/75ca1a-6828-4e6d-9fea-5e47cf199dff/1/NnRl_9ujwFwhvlsV8NkV78ywaeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d5:1f:6e:95:32:a2:55:6c:b6:13:da:42:0c:6e:03:e0:ee:
d6:4c:9d:bd:7c:e4:90:0e:d9:2f:0b:99:55:4c:e7:f9:c0:a8:
d6:1e:12:e6:38:50:f9:d5:ec:a4:fe:c5:44:d2:b5:39:8e:b2:
2e:f9:ab:05:8c:c6:09:66:05:9b:65:56:fb:28:57:d0:e7:7f:
e3:13:ad:7d:cd:dc:a3:1d:ef:e5:86:aa:f0:76:3d:8e:b1:29:
53:58:2a:46:19:80:86:f8:c7:dc:57:41:e2:4c:ac:f4:a0:41:
37:73:20:c8:96:6c:84:f0:87:f4:bb:d0:b1:42:a4:06:77:3a:
d2:e2:e4:0d:76:f9:d0:d3:a4:cb:0d:5d:12:d9:ca:8e:3e:07:
ae:95:12:d3:20:38:37:db:bc:96:e1:d1:78:e2:67:d1:f8:b3:
48:81:71:4e:f3:0c:c2:06:8c:43:d1:80:30:d1:11:f7:19:33:
c0:d6:62:5c:07:b6:e4:70:4b:b6:ab:6e:f6:50:34:a5:8e:8c:
ea:c6:52:1d:a2:b5:5b:92:bb:a9:48:d3:79:be:dc:35:b0:c3:
a5:a7:bc:f2:cf:6b:14:d1:49:08:fa:f6:b0:3f:bd:c5:67:e1:
dd:97:06:12:01:b1:bb:72:1e:dd:02:83:21:88:0b:00:bd:01:
31:c9:e7:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1d194BYftt/1+nNM6x9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NzQ2NWZmZGJhM2MwNWMyMWJlNWIxNWYwZDkxNWVmY2Ni
MDY5ZTUwHhcNMjMwMTAyMTQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZlY2JkMWRlZGY5ZDI4ODJmMjQ1ODZlYjc3YTdmMjA4MDQwMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmTcByJXSNSlBA7vXQqaKDRsrRbo
dea8XAlfF65TbfWZU5B8K9ERL+6zC4z/5mFCOEa75qyRd3GuQsiU238zYLDRH2vP
cwRt/r/scdBA3NUh0iIBoOrlm6P3nb2YmFJkpDDlBwnl7OT0sQxrpip1dHO8KyLw
lUdilzs0sHBez44N82uzJKToC8bLX3UL1xQjZdYbv5su/xG7vsUmLkSlcztgVIXe
5RhiaSoqAcbD3N+v9I5mMQT8vwfQnzg0eYQ/Ir/PlPQzS4IXlrkyrOXCEglG3NVJ
ysGDOkZwNCbGuk1Ugj2ll7eDAuUGIwG84YmjgAzoxXrcxJcoca9OXEwo8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGr+y9He350ogvJFhut3p/IIBAJ5MB8GA1UdIwQY
MBaAFDZ0Zf/bo8BcIb5bFfDZFe/MsGnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm5SbF85dWp3RndodmxzVjhOa1Y3OHl3YWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NWNhMWEtNjgyOC00ZTZkLTlmZWEt
NWU0N2NmMTk5ZGZmLzEvYXY3TDBkN2ZuU2lDOGtXRzYzZW44Z2dFQW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NWNhMWEtNjgyOC00ZTZkLTlmZWEtNWU0N2NmMTk5ZGZm
LzEvTm5SbF85dWp3RndodmxzVjhOa1Y3OHl3YWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQiuMA0G
CSqGSIb3DQEBCwUAA4IBAQB91R9ulTKiVWy2E9pCDG4D4O7WTJ29fOSQDtkvC5lV
TOf5wKjWHhLmOFD51eyk/sVE0rU5jrIu+asFjMYJZgWbZVb7KFfQ53/jE619zdyj
He/lhqrwdj2OsSlTWCpGGYCG+MfcV0HiTKz0oEE3cyDIlmyE8If0u9CxQqQGdzrS
4uQNdvnQ06TLDV0S2cqOPgeulRLTIDg327yW4dF44mfR+LNIgXFO8wzCBoxD0YAw
0RH3GTPA1mJcB7bkcEu2q272UDSljozqxlIdorVbkrupSNN5vtw1sMOlp7zyz2sU
0UkI+vawP73FZ+HdlwYSAbG7ch7dAoMhiAsAvQExyecR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:49 2024 by rpki-client on console-ams.rpki-client.org