Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/1-uoVn8BhU2Q6Oqd86asES-wKOXs.roa
File: 1-uoVn8BhU2Q6Oqd86asES-wKOXs.roa (raw, json)
Hash identifier: l4Y29gJ6GvPMOfIceI6Yy+WUE9gu2A2UIpiBDFtRCE4=
Subject key identifier: FA:EA:15:9F:C0:61:53:64:3A:3A:A7:7C:E9:AB:04:4B:EC:0A:39:7B
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 0186C0C9DEC0804C0652485C5E90BD93C669
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/1-uoVn8BhU2Q6Oqd86asES-wKOXs.roa
Signing time: Wed 08 Mar 2023 10:35:00 +0000
ROA not before: Wed 08 Mar 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209500
IP address blocks: 193.31.7.0/24 maxlen: 24
85.193.79.0/24 maxlen: 24
83.229.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 13:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:c9:de:c0:80:4c:06:52:48:5c:5e:90:bd:93:c6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Mar 8 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faea159fc06153643a3aa77ce9ab044bec0a397b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:98:f1:b4:b0:bd:42:31:6f:9d:48:f0:14:62:
91:f3:4c:5d:cd:92:dd:1c:ff:e2:33:93:53:01:21:
50:1c:4f:06:cb:59:a8:a3:2b:3d:f9:2d:ea:b3:f0:
90:2b:8d:dc:8c:e0:74:82:23:fd:6b:cf:17:ce:b2:
24:c0:6e:90:07:78:1e:4d:72:2e:6a:ae:d4:46:74:
5f:2d:74:41:6f:20:01:5e:36:43:98:7e:44:f5:cd:
5a:cf:6f:e4:dd:1c:28:86:72:74:47:97:31:7f:cb:
af:8e:b0:65:26:d6:ab:9b:8d:52:9b:3d:46:9c:10:
b0:64:bb:e1:72:5d:c8:af:03:63:1e:74:2b:60:00:
6e:f9:08:a7:6a:d0:c5:f6:58:54:67:07:60:6e:00:
a3:0b:b5:6c:36:5d:9e:04:04:70:0e:90:59:55:2d:
a2:92:18:10:58:55:d7:ad:31:e4:a3:5f:41:25:fa:
9d:b9:1b:06:73:2a:2e:70:dd:8f:63:5a:5d:db:58:
84:8f:ab:aa:bf:1b:d5:db:a3:e2:b1:57:1b:df:6f:
7e:b9:89:31:08:1f:df:73:fa:23:29:1c:6b:9e:d7:
41:6c:4a:c1:fd:f0:bf:57:a6:24:1d:f0:28:6b:14:
a4:c8:71:6a:d5:8d:c8:6d:bf:4d:18:bd:31:92:23:
15:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:15:9F:C0:61:53:64:3A:3A:A7:7C:E9:AB:04:4B:EC:0A:39:7B
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/1-uoVn8BhU2Q6Oqd86asES-wKOXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.62.0/24
85.193.79.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0b:09:47:20:e8:70:38:9b:6c:2b:1e:01:c7:9f:33:a7:2c:
ba:52:05:f0:3e:f1:55:9a:2d:f1:1b:8f:1e:f1:52:47:52:cb:
d0:3b:cb:04:bc:ef:3b:78:41:32:17:9a:cd:52:36:f2:e4:0b:
ff:8a:5e:3d:6e:43:95:76:82:36:f3:18:8e:e6:f0:85:34:0b:
da:d8:b1:aa:ed:6c:17:f1:7b:f0:27:4c:fa:ec:21:3b:44:ac:
a8:e2:7f:18:82:13:9c:ae:a5:ef:7b:0b:ad:60:d0:c4:35:89:
1e:11:b5:87:8a:80:8b:f2:ff:a0:d7:83:64:34:a2:08:3a:c3:
0b:50:2f:a1:74:c5:0e:42:78:17:74:8a:32:38:15:81:a9:d6:
97:ea:5f:f8:b0:ee:1b:ed:ae:4a:95:7f:f3:04:7f:7b:71:a2:
2e:49:a7:01:67:b9:ec:83:f8:7d:63:fa:6e:cf:65:42:ec:7e:
80:c8:13:0e:ba:07:f0:06:78:99:39:be:78:60:99:2e:40:4e:
4c:79:11:24:2c:af:16:80:c1:cf:a2:45:2c:96:c4:12:51:cf:
75:67:2d:65:ee:1b:68:12:92:42:92:a0:26:e0:b6:83:e8:d0:
dc:f6:a2:a6:82:4e:b7:da:6e:ed:1a:c9:1a:e2:39:04:11:2b:
ba:0d:cd:15
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYbAyd7AgEwGUkhcXpC9k8ZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjMwMzA4MTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVhMTU5ZmMwNjE1MzY0M2EzYWE3N2NlOWFiMDQ0YmVjMGEzOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5jxtLC9QjFvnUjwFGKR80xdzZLd
HP/iM5NTASFQHE8Gy1mooys9+S3qs/CQK43cjOB0giP9a88XzrIkwG6QB3geTXIu
aq7URnRfLXRBbyABXjZDmH5E9c1az2/k3RwohnJ0R5cxf8uvjrBlJtarm41Smz1G
nBCwZLvhcl3IrwNjHnQrYABu+QinatDF9lhUZwdgbgCjC7VsNl2eBARwDpBZVS2i
khgQWFXXrTHko19BJfqduRsGcyoucN2PY1pd21iEj6uqvxvV26PisVcb329+uYkx
CB/fc/ojKRxrntdBbErB/fC/V6YkHfAoaxSkyHFq1Y3Ibb9NGL0xkiMVPQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrqFZ/AYVNkOjqnfOmrBEvsCjl7MB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvMS11b1ZuOEJoVTJRNk9xZDg2YXNFUy13S09Ycy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2IvMzQ0MzllLTljZDItNDRjNS05Y2ZkLTU1NWYzZjE4ZTU0
Zi8xL3JQYnFEX3NxN2s5Mjdob1FTSmFiaTFCbDJrVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFPlPgME
AFXBTwMEAMEfBzANBgkqhkiG9w0BAQsFAAOCAQEAfQsJRyDocDibbCseAcefM6cs
ulIF8D7xVZot8RuPHvFSR1LL0DvLBLzvO3hBMheazVI28uQL/4pePW5DlXaCNvMY
jubwhTQL2tixqu1sF/F78CdM+uwhO0SsqOJ/GIITnK6l73sLrWDQxDWJHhG1h4qA
i/L/oNeDZDSiCDrDC1AvoXTFDkJ4F3SKMjgVganWl+pf+LDuG+2uSpV/8wR/e3Gi
LkmnAWe57IP4fWP6bs9lQux+gMgTDroH8AZ4mTm+eGCZLkBOTHkRJCyvFoDBz6JF
LJbEElHPdWctZe4baBKSQpKgJuC2g+jQ3PaipoJOt9pu7RrJGuI5BBErug3NFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:00 2024 by rpki-client on console-fra.rpki-client.org