Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/yweqbX8BVMrrZezNNNGkXWnKkMA.roa
File: yweqbX8BVMrrZezNNNGkXWnKkMA.roa (raw, json)
Hash identifier: AdaBCgIrTTmWFJ45GI88BMIi1i+hGYZvKVDc7hnnBQc=
Subject key identifier: CB:07:AA:6D:7F:01:54:CA:EB:65:EC:CD:34:D1:A4:5D:69:CA:90:C0
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018C59D9AA481968FF2F9E97EAD6B2185DF3
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/yweqbX8BVMrrZezNNNGkXWnKkMA.roa
Signing time: Mon 11 Dec 2023 17:08:06 +0000
ROA not before: Mon 11 Dec 2023 17:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 193.187.255.0/24 maxlen: 24
2a12:3e80:402::/48 maxlen: 48
2a12:3e80:200::/40 maxlen: 40
2a12:3e80:300::/40 maxlen: 40
2a12:3e80:500::/40 maxlen: 40
2a12:3e80:200::/39 maxlen: 48
2a12:3e80::/40 maxlen: 48
2a12:3e80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:d9:aa:48:19:68:ff:2f:9e:97:ea:d6:b2:18:5d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Dec 11 17:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb07aa6d7f0154caeb65eccd34d1a45d69ca90c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:fa:e5:b3:c1:fb:4b:66:29:db:94:4f:5d:
81:3e:fb:b1:82:a7:dd:dd:91:4d:c7:8f:29:5f:f7:
48:b3:1e:f0:d1:44:61:de:9a:a6:49:5c:98:5c:38:
ad:3a:7f:ef:f4:99:d7:44:66:dd:d9:20:7c:39:25:
4d:dd:28:bf:51:76:8a:1b:11:4a:c4:1a:11:21:e2:
db:5b:ca:7e:c0:a6:20:cd:f5:a6:0e:fe:47:25:4f:
16:b5:ea:f3:ff:94:b4:10:44:ac:b4:07:ed:21:49:
94:c8:61:30:63:e3:11:3c:1a:ef:1e:4d:a4:fa:c9:
d8:0c:62:16:1b:e7:fd:dd:da:8f:13:19:e8:4e:1c:
31:38:e8:1d:2f:83:f6:d7:2b:19:9d:69:f3:04:fd:
d6:d1:7c:82:01:c5:3d:04:c4:76:a8:91:02:c5:43:
d1:e3:98:33:65:bc:d4:cc:a1:fb:ee:44:3d:e1:fd:
45:1b:21:31:e3:df:0c:bd:2c:46:a8:86:c5:f5:96:
d8:90:69:11:8d:57:f6:de:cf:a1:a4:92:f6:82:72:
a9:f4:f1:70:16:2a:d7:98:af:6c:20:2c:a8:7e:28:
25:34:3c:b1:78:ac:23:70:eb:b5:fe:3f:b8:74:d2:
4a:d8:93:57:07:a0:19:fe:3e:95:c7:9e:47:fc:eb:
3b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:07:AA:6D:7F:01:54:CA:EB:65:EC:CD:34:D1:A4:5D:69:CA:90:C0
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/yweqbX8BVMrrZezNNNGkXWnKkMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.255.0/24
IPv6:
2a12:3e80::-2a12:3e80:100:ffff:ffff:ffff:ffff:ffff
2a12:3e80:200::/39
2a12:3e80:402::/48
2a12:3e80:500::/40
Signature Algorithm: sha256WithRSAEncryption
39:c5:1b:e1:56:e8:f1:df:88:83:27:9c:16:06:62:d5:c9:bf:
4f:dd:a8:4e:d2:0e:f0:70:e4:20:41:f9:7f:99:56:9a:b5:c5:
43:56:1e:b2:11:d0:6a:d8:44:22:49:bb:79:61:15:ce:78:70:
f9:25:4d:41:a0:cb:c2:46:8f:76:5f:c8:21:44:b6:e1:b3:5b:
74:32:3e:da:d5:78:c6:b3:58:ce:68:27:68:e4:9e:5c:33:44:
5c:80:67:1a:28:a4:30:65:81:7a:33:26:c1:19:d3:40:09:db:
f9:9c:0d:c5:ce:54:14:dd:4c:8a:8d:f4:60:9c:8a:69:29:8d:
d8:33:42:63:42:af:53:db:02:a7:99:66:aa:55:ba:a8:cf:d4:
61:62:41:aa:1f:34:17:5a:0f:13:c6:6f:16:f8:c2:03:1d:72:
53:4e:05:88:1d:a0:48:21:ac:fa:50:38:8b:27:dc:4a:ac:9f:
10:1c:dc:b0:e8:66:06:0c:71:85:27:78:69:ba:ff:98:6c:d2:
86:e3:c9:3d:86:6a:b2:5f:49:d0:26:23:36:20:2b:db:09:5a:
f0:bb:df:e5:22:d1:fa:5b:f6:a1:99:ff:7f:ad:a8:5b:8f:a7:
b0:a1:9e:0e:9a:e7:2a:e5:d7:a4:53:2a:9c:d4:b8:89:1e:77:
46:ea:5f:ac
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYxZ2apIGWj/L56X6tayGF3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjMxMjExMTcwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA3YWE2ZDdmMDE1NGNhZWI2NWVjY2QzNGQxYTQ1ZDY5Y2E5MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkb65bPB+0tmKduUT12BPvuxgqfd
3ZFNx48pX/dIsx7w0URh3pqmSVyYXDitOn/v9JnXRGbd2SB8OSVN3Si/UXaKGxFK
xBoRIeLbW8p+wKYgzfWmDv5HJU8Wterz/5S0EESstAftIUmUyGEwY+MRPBrvHk2k
+snYDGIWG+f93dqPExnoThwxOOgdL4P21ysZnWnzBP3W0XyCAcU9BMR2qJECxUPR
45gzZbzUzKH77kQ94f1FGyEx498MvSxGqIbF9ZbYkGkRjVf23s+hpJL2gnKp9PFw
FirXmK9sICyofiglNDyxeKwjcOu1/j+4dNJK2JNXB6AZ/j6Vx55H/Os7kwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMsHqm1/AVTK62XszTTRpF1pypDAMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEveXdlcWJYOEJWTXJyWmV6Tk5OR2tYV25La01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQAwbv/MDEE
AgACMCswEAMFByoSPoADBwAqEj6AAQADBgEqEj6AAgMHACoSPoAEAgMGACoSPoAF
MA0GCSqGSIb3DQEBCwUAA4IBAQA5xRvhVujx34iDJ5wWBmLVyb9P3ahO0g7wcOQg
Qfl/mVaatcVDVh6yEdBq2EQiSbt5YRXOeHD5JU1BoMvCRo92X8ghRLbhs1t0Mj7a
1XjGs1jOaCdo5J5cM0RcgGcaKKQwZYF6MybBGdNACdv5nA3FzlQU3UyKjfRgnIpp
KY3YM0JjQq9T2wKnmWaqVbqoz9RhYkGqHzQXWg8Txm8W+MIDHXJTTgWIHaBIIaz6
UDiLJ9xKrJ8QHNyw6GYGDHGFJ3hpuv+YbNKG48k9hmqyX0nQJiM2ICvbCVrwu9/l
ItH6W/ahmf9/rahbj6ewoZ4Omucq5dekUyqc1LiJHndG6l+s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org