Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/X8qverVOYg6Mv36HYmriH5nhfqI.roa
File: X8qverVOYg6Mv36HYmriH5nhfqI.roa (raw, json)
Hash identifier: W29qJwSoSpArdcjMk3X+0f25BCXsQMSXbYXvxzBZJvA=
Subject key identifier: 5F:CA:AF:7A:B5:4E:62:0E:8C:BF:7E:87:62:6A:E2:1F:99:E1:7E:A2
Certificate issuer: /CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440
Certificate serial: 0187293A7393C35446DE221D5F6576095D27
Authority key identifier: B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/X8qverVOYg6Mv36HYmriH5nhfqI.roa
Signing time: Tue 28 Mar 2023 17:18:29 +0000
ROA not before: Tue 28 Mar 2023 17:18:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.16.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 06:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:3a:73:93:c3:54:46:de:22:1d:5f:65:76:09:5d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440
Validity
Not Before: Mar 28 17:18:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fcaaf7ab54e620e8cbf7e87626ae21f99e17ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a9:c3:d3:cc:4e:c6:14:5b:0a:59:9a:a2:8c:
ba:5e:a7:67:c7:e0:34:2c:e0:2e:e6:46:97:a7:13:
18:ed:c1:32:43:0b:78:96:36:c1:d3:39:77:c7:d3:
9c:68:0d:bf:d0:c2:83:a9:53:b8:f8:ea:cb:24:7a:
88:40:38:70:e2:6b:f6:60:2e:51:52:83:cf:83:e1:
96:43:f1:cb:da:78:8c:9d:13:aa:97:c5:06:36:b0:
0a:f0:4d:30:86:68:77:c5:1a:22:46:ef:51:82:51:
f2:23:53:16:6b:6e:46:04:ec:8e:ba:0a:3b:fb:62:
ec:ee:cc:1d:01:1f:59:f1:91:2a:98:4a:3c:c1:91:
b4:f8:6b:bf:5d:f2:08:d8:aa:75:ec:f7:e1:c5:b6:
49:dd:3c:fb:07:55:c4:58:85:33:e3:75:a1:cb:c4:
8d:ca:51:78:46:ea:34:b0:ab:f0:8e:90:cc:3f:bd:
3f:30:20:47:2b:88:48:d5:49:64:80:86:d6:2c:a3:
12:72:fd:c9:c0:41:a5:64:1e:aa:fc:1d:d4:fc:61:
1c:b2:69:bd:3b:fa:ec:d2:62:dc:8a:64:fc:09:1f:
5c:e4:0a:7d:f0:41:53:e3:78:68:c5:b4:88:46:a1:
94:5d:72:c0:f3:90:d9:1e:09:08:2a:41:eb:62:cb:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CA:AF:7A:B5:4E:62:0E:8C:BF:7E:87:62:6A:E2:1F:99:E1:7E:A2
X509v3 Authority Key Identifier:
keyid:B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/X8qverVOYg6Mv36HYmriH5nhfqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/stitAnqWdO3JNueMXU0bZJZNhEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.149.0/24
Signature Algorithm: sha256WithRSAEncryption
28:23:aa:63:e9:3b:9f:47:42:17:32:75:f8:79:68:9e:f4:ac:
9e:6d:3a:37:78:8c:16:8d:5d:ab:33:ff:d2:10:d3:2b:d6:82:
94:51:00:96:0e:ad:7b:2f:6b:8a:b0:b1:15:42:8d:22:8b:14:
60:a9:a8:bd:49:e2:31:6d:60:71:7f:43:06:22:6f:4e:68:d3:
43:a2:22:be:6d:69:35:08:da:3d:81:f0:39:db:60:60:e7:fd:
65:03:46:44:be:14:ac:de:f4:cd:db:e7:52:fb:66:cb:f4:56:
5f:bf:c2:a4:4a:37:58:3c:01:35:54:cd:9a:36:62:e6:b6:03:
e4:71:fa:d9:6f:d2:6b:7a:48:32:1c:35:0e:8b:d0:52:7b:18:
b5:99:1c:6d:50:b1:c1:38:a7:b7:16:9e:be:8b:cb:1c:42:5e:
52:4a:88:0c:67:0c:e7:fa:38:77:2c:04:8d:c9:0b:41:bb:da:
29:44:4d:a4:3d:63:95:f7:56:8a:e7:82:71:ca:72:e7:0f:07:
c5:a8:bb:a6:ae:c3:aa:01:ae:64:8e:b1:ee:3b:24:2d:01:28:
0e:4a:db:38:9e:2b:ba:91:0f:bf:f6:43:1a:e7:46:1d:a5:ae:
b4:04:b2:a4:60:7a:dd:62:da:6a:ce:f5:b1:15:d7:ce:da:1f:
a0:79:32:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcpOnOTw1RG3iIdX2V2CV0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDhhZDAyN2E5Njc0ZWRjOTM2ZTc4YzVkNGQxYjY0OTY0
ZDg0NDAwHhcNMjMwMzI4MTcxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNhYWY3YWI1NGU2MjBlOGNiZjdlODc2MjZhZTIxZjk5ZTE3ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6nD08xOxhRbClmaooy6Xqdnx+A0
LOAu5kaXpxMY7cEyQwt4ljbB0zl3x9OcaA2/0MKDqVO4+OrLJHqIQDhw4mv2YC5R
UoPPg+GWQ/HL2niMnROql8UGNrAK8E0whmh3xRoiRu9RglHyI1MWa25GBOyOugo7
+2Ls7swdAR9Z8ZEqmEo8wZG0+Gu/XfII2Kp17PfhxbZJ3Tz7B1XEWIUz43Why8SN
ylF4Ruo0sKvwjpDMP70/MCBHK4hI1UlkgIbWLKMScv3JwEGlZB6q/B3U/GEcsmm9
O/rs0mLcimT8CR9c5Ap98EFT43hoxbSIRqGUXXLA85DZHgkIKkHrYsvX7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/Kr3q1TmIOjL9+h2Jq4h+Z4X6iMB8GA1UdIwQY
MBaAFLLYrQJ6lnTtyTbnjF1NG2SWTYRAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4Njgt
NzE1MjQ3YzNkY2RjLzEvWDhxdmVyVk9ZZzZNdjM2SFltcmlINW5oZnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4NjgtNzE1MjQ3YzNkY2Rj
LzEvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRCVMA0G
CSqGSIb3DQEBCwUAA4IBAQAoI6pj6TufR0IXMnX4eWie9KyebTo3eIwWjV2rM//S
ENMr1oKUUQCWDq17L2uKsLEVQo0iixRgqai9SeIxbWBxf0MGIm9OaNNDoiK+bWk1
CNo9gfA522Bg5/1lA0ZEvhSs3vTN2+dS+2bL9FZfv8KkSjdYPAE1VM2aNmLmtgPk
cfrZb9JrekgyHDUOi9BSexi1mRxtULHBOKe3Fp6+i8scQl5SSogMZwzn+jh3LASN
yQtBu9opRE2kPWOV91aK54JxynLnDwfFqLumrsOqAa5kjrHuOyQtASgOSts4niu6
kQ+/9kMa50Ydpa60BLKkYHrdYtpqzvWxFdfO2h+geTJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:34 2024 by rpki-client on console-fra.rpki-client.org