Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/IyUHOLVpxyO_QSM_GdD94J7Effg.roa
File: IyUHOLVpxyO_QSM_GdD94J7Effg.roa (raw, json)
Hash identifier: +ePYdiitAZLnZJ8nMyUQlWEHmhnofAwMSsx/tTGu+7k=
Subject key identifier: 23:25:07:38:B5:69:C7:23:BF:41:23:3F:19:D0:FD:E0:9E:C4:7D:F8
Certificate issuer: /CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Certificate serial: 018BD27DBC08C691FA099DDA8CDC91BA4785
Authority key identifier: EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/IyUHOLVpxyO_QSM_GdD94J7Effg.roa
Signing time: Wed 15 Nov 2023 10:18:57 +0000
ROA not before: Wed 15 Nov 2023 10:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 193.57.123.0/24 maxlen: 24
193.57.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:7d:bc:08:c6:91:fa:09:9d:da:8c:dc:91:ba:47:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Validity
Not Before: Nov 15 10:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23250738b569c723bf41233f19d0fde09ec47df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:70:ad:bd:0f:4a:14:2a:5c:fd:2f:bf:4a:
4d:b1:37:00:8f:39:c6:35:e3:96:a0:fd:6a:17:68:
cb:7b:b5:16:39:0f:8d:d5:39:c6:27:87:be:10:88:
07:ba:59:32:79:73:7e:7d:34:6a:d0:25:67:b5:55:
ca:7b:a9:8b:ed:c0:ad:44:ee:88:98:c4:14:63:e9:
aa:ac:57:dc:fb:f9:4a:a3:13:4d:64:f1:0f:d4:d9:
65:7a:d3:29:c6:66:8a:dc:22:b5:14:9c:d2:11:6f:
a3:f1:67:79:7a:cb:f0:df:34:f5:9a:4e:a2:9e:9c:
a8:16:3b:dd:36:02:c4:ab:b5:e7:63:68:e9:cb:9c:
68:41:99:ab:55:ab:4e:52:16:85:bb:bb:dc:d8:b2:
78:eb:65:ca:85:6b:df:38:c9:46:c2:25:a6:c6:56:
af:54:0c:42:20:91:f0:04:10:6a:b2:b7:e8:5e:a1:
36:01:89:d7:f5:fe:20:e3:7d:18:ce:f6:77:4e:65:
b5:aa:08:4e:0d:7b:b4:82:6b:dc:63:44:e7:ce:4e:
01:75:c7:ee:49:cd:7a:1c:eb:15:21:fb:bf:cc:fb:
81:59:e8:2a:16:0a:13:5b:a3:ef:8b:cf:96:ff:44:
05:0f:59:2a:a7:b4:d3:dc:72:44:c9:d9:cb:90:65:
49:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:25:07:38:B5:69:C7:23:BF:41:23:3F:19:D0:FD:E0:9E:C4:7D:F8
X509v3 Authority Key Identifier:
keyid:EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/IyUHOLVpxyO_QSM_GdD94J7Effg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/7uQWWQWFpdNR27yh8LPKn2KreF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.116.0/24
193.57.123.0/24
Signature Algorithm: sha256WithRSAEncryption
64:61:d3:53:bd:a0:db:91:29:65:be:5c:7b:fd:3e:e8:50:c1:
ab:3f:cc:6f:b0:7a:aa:ed:84:3a:f2:cc:2f:2b:8b:35:be:7c:
a8:5c:bb:f6:52:a5:4b:64:12:4f:88:49:50:bc:cc:89:ef:aa:
55:3b:91:94:93:b2:db:0e:12:9d:79:db:f3:a3:c7:81:f0:9a:
bc:b6:81:79:7e:0a:5f:ed:2f:4a:c4:57:45:f5:46:bb:02:a8:
93:48:2c:a5:de:af:dc:ad:43:12:fa:65:90:26:18:fd:81:61:
80:20:0e:81:86:fa:ea:dd:83:df:dd:00:ad:22:0e:13:77:74:
01:0e:e3:fe:5e:16:69:28:89:55:9f:4d:22:a6:c4:b8:66:dd:
67:de:ec:46:43:99:a6:37:cb:11:f5:c6:59:7e:a8:9f:48:31:
b8:2d:58:95:5e:98:46:63:e2:f0:b8:18:86:f6:8e:31:bd:1e:
30:ee:07:00:a9:fd:6b:41:78:fe:2b:49:32:3a:c8:7b:42:cb:
2d:7d:0c:4c:de:22:8d:f4:d8:0d:5a:b8:7c:49:ef:36:a4:c6:
13:45:58:ba:bf:cc:a9:e8:2c:e7:3c:b1:d8:c1:c5:b6:3d:70:
d8:f4:af:80:7b:26:fd:cf:74:58:e3:de:21:ed:b5:f8:00:a3:
9e:aa:23:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvSfbwIxpH6CZ3ajNyRukeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZTQxNjU5MDU4NWE1ZDM1MWRiYmNhMWYwYjNjYTlmNjJh
Yjc4NWQwHhcNMjMxMTE1MTAxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI1MDczOGI1NjljNzIzYmY0MTIzM2YxOWQwZmRlMDllYzQ3ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRRwrb0PShQqXP0vv0pNsTcAjznG
NeOWoP1qF2jLe7UWOQ+N1TnGJ4e+EIgHulkyeXN+fTRq0CVntVXKe6mL7cCtRO6I
mMQUY+mqrFfc+/lKoxNNZPEP1NlletMpxmaK3CK1FJzSEW+j8Wd5esvw3zT1mk6i
npyoFjvdNgLEq7XnY2jpy5xoQZmrVatOUhaFu7vc2LJ462XKhWvfOMlGwiWmxlav
VAxCIJHwBBBqsrfoXqE2AYnX9f4g430YzvZ3TmW1qghODXu0gmvcY0Tnzk4Bdcfu
Sc16HOsVIfu/zPuBWegqFgoTW6Pvi8+W/0QFD1kqp7TT3HJEydnLkGVJ8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMlBzi1accjv0EjPxnQ/eCexH34MB8GA1UdIwQY
MBaAFO7kFlkFhaXTUdu8ofCzyp9iq3hdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMt
MDc2YTc1MGI4NTQxLzEvSXlVSE9MVnB4eU9fUVNNX0dkRDk0SjdFZmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMtMDc2YTc1MGI4NTQx
LzEvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwTl0AwQA
wTl7MA0GCSqGSIb3DQEBCwUAA4IBAQBkYdNTvaDbkSllvlx7/T7oUMGrP8xvsHqq
7YQ68swvK4s1vnyoXLv2UqVLZBJPiElQvMyJ76pVO5GUk7LbDhKdedvzo8eB8Jq8
toF5fgpf7S9KxFdF9Ua7AqiTSCyl3q/crUMS+mWQJhj9gWGAIA6Bhvrq3YPf3QCt
Ig4Td3QBDuP+XhZpKIlVn00ipsS4Zt1n3uxGQ5mmN8sR9cZZfqifSDG4LViVXphG
Y+LwuBiG9o4xvR4w7gcAqf1rQXj+K0kyOsh7QsstfQxM3iKN9NgNWrh8Se82pMYT
RVi6v8yp6CznPLHYwcW2PXDY9K+Aeyb9z3RY494h7bX4AKOeqiMB
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:19 2024 by rpki-client on console-ams.rpki-client.org