Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/au2dWhS_io6Kon_dyHoyB3KdYO0.roa
File: au2dWhS_io6Kon_dyHoyB3KdYO0.roa (raw, json)
Hash identifier: 7mYq2XXgtljE3v5nxgo5tG0Qj1uC8wKmSeMl4c11Jyc=
Subject key identifier: 6A:ED:9D:5A:14:BF:8A:8E:8A:A2:7F:DD:C8:7A:32:07:72:9D:60:ED
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018570F0AFD5B9A55D364DBFC6E5B5225844
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/au2dWhS_io6Kon_dyHoyB3KdYO0.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 193.37.196.0/22 maxlen: 24
88.214.52.0/22 maxlen: 24
45.87.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jan 2023 09:43:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:af:d5:b9:a5:5d:36:4d:bf:c6:e5:b5:22:58:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aed9d5a14bf8a8e8aa27fddc87a3207729d60ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:c3:d9:86:c3:50:64:5d:2e:aa:ea:2f:4c:
4f:3a:ca:c9:94:0b:51:03:1f:5e:68:45:dc:0b:b8:
2f:c7:1a:f6:80:7c:1d:b6:9b:a0:80:4a:3b:65:fa:
5c:c9:d4:a9:76:58:47:75:ff:01:76:16:23:c5:f4:
a0:ed:7c:ea:2b:a0:b3:70:86:a5:f6:67:9c:70:10:
79:26:fa:a2:66:63:e4:bb:78:81:2d:8a:28:33:31:
97:80:da:b9:70:89:1d:c0:0d:5b:72:48:8f:80:dc:
c0:6e:0c:02:06:a6:4d:b3:78:36:d6:25:b4:6f:6c:
42:8e:d9:80:a8:d2:12:fe:30:df:21:27:0f:e5:b0:
09:74:17:96:b2:7f:8c:e2:18:36:72:d3:65:e9:c0:
a1:ec:e8:41:05:a0:56:98:42:36:4f:0a:d8:32:b4:
ba:19:87:fa:26:a7:47:2d:a7:24:28:06:59:14:63:
7a:01:22:ed:9d:4d:ed:2f:c3:2c:24:f1:1a:0d:91:
8b:d7:ce:70:ed:a5:ff:8e:30:d8:67:6f:6d:b4:16:
bc:1a:35:4b:6a:6c:93:f4:3c:4c:ce:dc:f3:ba:57:
20:73:ae:7f:60:a0:b7:c0:71:dd:f4:5a:ae:ab:44:
99:6a:6e:61:ff:15:44:8b:56:07:e3:5d:04:bd:7d:
ba:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:ED:9D:5A:14:BF:8A:8E:8A:A2:7F:DD:C8:7A:32:07:72:9D:60:ED
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/au2dWhS_io6Kon_dyHoyB3KdYO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.44.0/22
88.214.52.0/22
193.37.196.0/22
Signature Algorithm: sha256WithRSAEncryption
58:2f:1d:1a:c3:be:96:64:00:e6:d1:c5:33:ce:c6:14:27:8b:
96:75:83:e2:2e:e8:a5:d0:61:18:93:ef:2b:e7:3b:5c:4f:c8:
7e:04:6d:14:48:8e:bf:2e:69:10:a7:72:ff:4d:eb:aa:97:f2:
f4:b1:f2:0f:4b:50:96:da:90:e1:f6:ee:46:6e:b5:fa:14:66:
5f:90:79:8f:95:9f:a2:3e:d9:e1:26:ab:70:f2:dc:c0:3b:23:
f3:16:d4:7a:c5:cf:35:de:06:0e:73:22:b5:e1:53:cf:e1:7a:
9a:ef:35:02:61:96:94:a3:7c:0f:5f:98:9c:7d:8a:64:78:7a:
20:a3:7a:26:a1:0a:8b:26:d9:88:00:3d:01:2b:cd:3f:03:7b:
72:8a:87:59:7b:23:e6:a2:23:ed:4d:9a:d5:98:9f:59:86:88:
c4:0a:c6:f3:c3:1b:66:2d:7b:d3:19:2a:27:45:bd:ab:10:fb:
a8:2f:9d:a1:57:80:54:1a:9a:12:e2:11:5f:97:f2:17:b2:27:
56:4f:cc:7b:62:b4:66:5c:9f:db:65:14:8b:d4:da:1d:cb:57:
f1:74:44:5f:1a:80:dc:eb:c2:e4:d1:02:74:99:03:d8:11:ec:
0f:6f:93:4d:b8:7e:b0:cb:4e:32:bd:a5:aa:4d:3e:7f:1e:19:
db:b7:e6:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw8K/VuaVdNk2/xuW1IlhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWVkOWQ1YTE0YmY4YThlOGFhMjdmZGRjODdhMzIwNzcyOWQ2MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5XD2YbDUGRdLqrqL0xPOsrJlAtR
Ax9eaEXcC7gvxxr2gHwdtpuggEo7ZfpcydSpdlhHdf8BdhYjxfSg7XzqK6CzcIal
9meccBB5JvqiZmPku3iBLYooMzGXgNq5cIkdwA1bckiPgNzAbgwCBqZNs3g21iW0
b2xCjtmAqNIS/jDfIScP5bAJdBeWsn+M4hg2ctNl6cCh7OhBBaBWmEI2TwrYMrS6
GYf6JqdHLackKAZZFGN6ASLtnU3tL8MsJPEaDZGL185w7aX/jjDYZ29ttBa8GjVL
amyT9DxMztzzulcgc65/YKC3wHHd9Fquq0SZam5h/xVEi1YH410EvX269QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGrtnVoUv4qOiqJ/3ch6MgdynWDtMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvYXUyZFdoU19pbzZLb25fZHlIb3lCM0tkWU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVcsAwQC
WNY0AwQCwSXEMA0GCSqGSIb3DQEBCwUAA4IBAQBYLx0aw76WZADm0cUzzsYUJ4uW
dYPiLuil0GEYk+8r5ztcT8h+BG0USI6/LmkQp3L/Teuql/L0sfIPS1CW2pDh9u5G
brX6FGZfkHmPlZ+iPtnhJqtw8tzAOyPzFtR6xc813gYOcyK14VPP4Xqa7zUCYZaU
o3wPX5icfYpkeHogo3omoQqLJtmIAD0BK80/A3tyiodZeyPmoiPtTZrVmJ9ZhojE
CsbzwxtmLXvTGSonRb2rEPuoL52hV4BUGpoS4hFfl/IXsidWT8x7YrRmXJ/bZRSL
1Nody1fxdERfGoDc68Lk0QJ0mQPYEewPb5NNuH6wy04yvaWqTT5/Hhnbt+bi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org