Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/OxYX88r5IyAwowTsjOoOzY8P2ik.roa
File: OxYX88r5IyAwowTsjOoOzY8P2ik.roa (raw, json)
Hash identifier: 8LEZ6MlY+6jb9YGZ51/iyWbPKGK8DNKILNgOCX30P7M=
Subject key identifier: 3B:16:17:F3:CA:F9:23:20:30:A3:04:EC:8C:EA:0E:CD:8F:0F:DA:29
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 018570397997D604F9972677CC746891C160
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/OxYX88r5IyAwowTsjOoOzY8P2ik.roa
Signing time: Mon 02 Jan 2023 02:04:52 +0000
ROA not before: Mon 02 Jan 2023 02:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43396
IP address blocks: 193.143.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:79:97:d6:04:f9:97:26:77:cc:74:68:91:c1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Jan 2 02:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b1617f3caf9232030a304ec8cea0ecd8f0fda29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8e:31:8e:56:64:68:dd:6b:ef:f3:82:ef:c2:
9e:a7:c8:5c:cd:f8:92:99:2a:64:86:10:96:c9:ab:
a7:86:ef:55:ce:f9:f6:05:cc:59:4b:c5:87:95:89:
54:45:b6:31:25:dc:36:db:6c:15:48:66:e6:b6:c2:
9b:d2:50:84:6a:29:ad:56:3a:22:b0:17:93:3f:4f:
66:8a:34:16:db:99:d9:ec:61:af:9f:85:0d:f7:a9:
df:05:4b:ff:4f:5b:5a:9f:fa:b1:7e:66:97:a4:4c:
6c:dc:55:2a:e5:b5:b8:1e:74:b2:97:6d:8b:42:b4:
ad:4b:98:a4:a5:d0:4e:f6:d4:b8:e2:21:61:2e:c4:
dd:b3:c5:27:16:b3:4b:a7:72:f6:85:2a:c2:e6:68:
d8:36:88:66:a4:af:ad:a9:52:9d:ac:3d:64:03:6f:
7c:86:6d:cc:4a:29:06:d3:f0:8f:e4:6e:11:97:a9:
62:5c:14:ad:33:31:c4:da:2b:ed:3b:17:3a:b1:0d:
77:a4:02:3e:1a:cb:85:79:61:e2:7a:60:ab:48:9d:
4b:99:7e:0c:ba:b8:d9:41:0a:cb:6c:36:3d:b4:19:
6c:6b:f7:6d:94:31:43:49:5f:97:34:3f:d5:28:0c:
52:14:b1:1e:72:79:75:fd:3c:d0:15:77:31:49:a2:
49:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:16:17:F3:CA:F9:23:20:30:A3:04:EC:8C:EA:0E:CD:8F:0F:DA:29
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/OxYX88r5IyAwowTsjOoOzY8P2ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.119.0/24
Signature Algorithm: sha256WithRSAEncryption
68:fd:7f:0b:89:da:36:7b:81:fe:ad:9f:bd:47:6b:c7:7d:8c:
73:39:1e:e6:5e:7a:44:62:06:7a:d5:74:39:16:4d:45:1d:7c:
a7:a9:e6:fb:59:0b:ca:4b:33:e5:96:e0:44:c7:f3:af:a8:f2:
38:51:73:30:5b:0b:39:60:49:c4:91:14:6c:3b:b6:80:9f:ad:
7a:e2:ba:ce:05:a8:97:1e:20:97:e6:0e:27:d9:a0:fe:f7:73:
4a:53:6c:a6:b2:2b:d3:33:99:32:97:0f:a3:46:f0:b9:d8:6a:
9b:77:f0:3d:e1:99:f6:10:46:4a:92:70:f7:69:0f:47:39:10:
68:29:a8:69:c5:30:ce:46:a6:0f:e8:e4:af:45:0e:44:61:15:
28:64:07:22:34:30:b8:20:28:89:c0:25:09:4b:43:e1:2f:18:
01:2b:9d:45:fe:6b:45:6d:ed:8c:a8:cc:a4:e3:f3:b7:8b:1e:
54:fb:a4:2f:3f:f9:06:69:43:77:ed:5a:99:55:a9:b0:b7:12:
4c:00:7b:a2:c6:33:36:f3:3a:4a:aa:39:52:73:5d:7f:14:ef:
ac:b6:9d:2a:82:db:b1:ca:48:97:ef:fd:51:54:2c:e3:9a:7a:
32:d6:0c:29:db:98:71:72:6e:73:78:57:9a:8b:47:f6:55:fe:
0b:31:94:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOXmX1gT5lyZ3zHRokcFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTI2YTczY2U4ZjlmNjJjMTRhMTFhMmVhOTEzZWMyNzNk
NThjNDYwHhcNMjMwMTAyMDIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE2MTdmM2NhZjkyMzIwMzBhMzA0ZWM4Y2VhMGVjZDhmMGZkYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI4xjlZkaN1r7/OC78Kep8hczfiS
mSpkhhCWyaunhu9Vzvn2BcxZS8WHlYlURbYxJdw222wVSGbmtsKb0lCEaimtVjoi
sBeTP09mijQW25nZ7GGvn4UN96nfBUv/T1tan/qxfmaXpExs3FUq5bW4HnSyl22L
QrStS5ikpdBO9tS44iFhLsTds8UnFrNLp3L2hSrC5mjYNohmpK+tqVKdrD1kA298
hm3MSikG0/CP5G4Rl6liXBStMzHE2ivtOxc6sQ13pAI+GsuFeWHiemCrSJ1LmX4M
urjZQQrLbDY9tBlsa/dtlDFDSV+XND/VKAxSFLEecnl1/TzQFXcxSaJJqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsWF/PK+SMgMKME7IzqDs2PD9opMB8GA1UdIwQY
MBaAFJpSanPOj59iwUoRouqRPsJz1YxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMt
N2QxNmI5MGRiZTcyLzEvT3hZWDg4cjVJeUF3b3dUc2pPb096WThQMmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMtN2QxNmI5MGRiZTcy
LzEvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY93MA0G
CSqGSIb3DQEBCwUAA4IBAQBo/X8Lido2e4H+rZ+9R2vHfYxzOR7mXnpEYgZ61XQ5
Fk1FHXynqeb7WQvKSzPlluBEx/OvqPI4UXMwWws5YEnEkRRsO7aAn6164rrOBaiX
HiCX5g4n2aD+93NKU2ymsivTM5kylw+jRvC52Gqbd/A94Zn2EEZKknD3aQ9HORBo
KahpxTDORqYP6OSvRQ5EYRUoZAciNDC4ICiJwCUJS0PhLxgBK51F/mtFbe2MqMyk
4/O3ix5U+6QvP/kGaUN37VqZVamwtxJMAHuixjM28zpKqjlSc11/FO+stp0qgtux
ykiX7/1RVCzjmnoy1gwp25hxcm5zeFeai0f2Vf4LMZTx
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:27 2024 by rpki-client on console-fra.rpki-client.org