Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/0cd0e7-2da9-402b-8a49-f5c805f0255b/1/0shy53A_ojO2ckExXbcWkSU_MuU.roa
File: 0shy53A_ojO2ckExXbcWkSU_MuU.roa (raw, json)
Hash identifier: 7UWF5ClDP2+ThEyg8+wcfWfKJrRt/d9tbCejXJyv6xw=
Subject key identifier: D2:C8:72:E7:70:3F:A2:33:B6:72:41:31:5D:B7:16:91:25:3F:32:E5
Certificate issuer: /CN=0ee296b60c038cdc6bfef4c060b1406164ec868c
Certificate serial: 018572472495EC6EF761233AEFF111EF54E0
Authority key identifier: 0E:E2:96:B6:0C:03:8C:DC:6B:FE:F4:C0:60:B1:40:61:64:EC:86:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DuKWtgwDjNxr_vTAYLFAYWTshow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/0cd0e7-2da9-402b-8a49-f5c805f0255b/1/0shy53A_ojO2ckExXbcWkSU_MuU.roa
Signing time: Mon 02 Jan 2023 11:39:03 +0000
ROA not before: Mon 02 Jan 2023 11:39:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202503
IP address blocks: 193.111.54.0/23 maxlen: 23
193.111.52.0/22 maxlen: 22
193.111.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:24:95:ec:6e:f7:61:23:3a:ef:f1:11:ef:54:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ee296b60c038cdc6bfef4c060b1406164ec868c
Validity
Not Before: Jan 2 11:39:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2c872e7703fa233b67241315db71691253f32e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:23:67:c2:95:a4:f7:5b:b7:7c:92:e6:fa:
6f:e6:a9:ef:02:82:a2:70:b4:8a:77:9a:6d:93:8c:
96:c4:b6:ff:7c:f4:20:07:76:0b:d2:d9:e9:83:92:
10:29:6f:88:c7:5b:e7:7c:70:e7:65:f0:fd:4c:9f:
12:92:4b:c8:dd:6f:33:fb:08:f5:35:8c:af:38:de:
8a:a0:d7:7c:d3:ca:0c:ff:9c:d8:af:35:3f:c2:0b:
1a:76:d1:d5:7f:ec:95:48:dc:b8:76:0a:4e:64:8d:
8d:93:46:3c:08:e7:1a:29:73:2d:ec:c0:e8:a4:24:
ca:fa:17:4e:4c:2f:94:01:fc:d5:c9:31:b1:42:ec:
1a:75:75:fb:ce:20:e0:be:2d:0f:a5:5b:cf:47:f6:
3c:f4:cd:c6:5c:cf:c6:52:e2:72:19:44:ad:c6:6c:
15:65:62:ae:78:4c:ab:c6:81:f9:bf:cc:63:91:20:
ec:ac:66:8a:28:87:b3:e4:f0:26:32:ba:9e:12:ce:
72:df:89:53:f5:f9:3c:9c:6d:ea:57:bb:c8:95:e3:
6b:f7:13:b8:4c:aa:7c:d7:f1:02:31:82:2f:a6:ef:
d3:61:95:d8:81:92:4d:be:a4:34:14:2d:28:f7:e5:
15:23:5e:f5:f4:d1:e2:db:6d:96:bc:03:a0:b9:91:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C8:72:E7:70:3F:A2:33:B6:72:41:31:5D:B7:16:91:25:3F:32:E5
X509v3 Authority Key Identifier:
keyid:0E:E2:96:B6:0C:03:8C:DC:6B:FE:F4:C0:60:B1:40:61:64:EC:86:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DuKWtgwDjNxr_vTAYLFAYWTshow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/0cd0e7-2da9-402b-8a49-f5c805f0255b/1/0shy53A_ojO2ckExXbcWkSU_MuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/0cd0e7-2da9-402b-8a49-f5c805f0255b/1/DuKWtgwDjNxr_vTAYLFAYWTshow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.52.0/22
Signature Algorithm: sha256WithRSAEncryption
89:88:cc:2d:c4:12:e5:d6:3d:f4:d3:52:ea:74:93:f9:8f:0c:
ab:00:a6:57:ca:85:dd:a4:18:98:a6:6e:70:fa:c2:0b:5e:b1:
37:96:44:bf:a8:10:68:00:e2:1b:26:95:13:8b:d9:51:26:fc:
48:ca:ca:33:47:52:7b:d0:49:e4:81:cc:24:1f:99:e9:06:1c:
d4:fd:64:b6:14:b3:70:9e:8f:b4:cf:14:8a:11:b5:95:ee:55:
cf:db:9f:86:ec:d4:df:e1:3e:b4:dd:cd:e6:91:79:a6:1a:81:
0b:0a:3a:3d:39:1c:f5:b2:9f:c4:ec:77:7e:88:4a:b4:f7:28:
38:b6:82:bf:0a:da:59:af:20:91:b3:57:7b:2a:dd:17:76:dc:
b4:3a:bc:40:cf:91:4e:2a:d2:94:18:ed:3b:cb:b1:47:a9:47:
5c:ca:a9:d9:09:a7:b9:b1:15:b0:5e:8e:02:a1:e9:c6:51:29:
3b:14:2d:1e:7c:13:07:15:37:42:8b:a0:19:39:d2:f7:c0:1d:
b3:fa:00:18:c4:b6:7b:f4:d3:12:68:f5:0a:88:c3:32:37:26:
83:30:cf:e7:bb:0f:8f:39:f0:36:31:d5:cc:d3:16:98:97:0f:
4e:63:dc:44:99:56:09:11:92:b7:8a:3d:ef:52:28:90:74:52:
98:98:79:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRySV7G73YSM67/ER71TgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZTI5NmI2MGMwMzhjZGM2YmZlZjRjMDYwYjE0MDYxNjRl
Yzg2OGMwHhcNMjMwMTAyMTEzOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM4NzJlNzcwM2ZhMjMzYjY3MjQxMzE1ZGI3MTY5MTI1M2YzMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3YjZ8KVpPdbt3yS5vpv5qnvAoKi
cLSKd5ptk4yWxLb/fPQgB3YL0tnpg5IQKW+Ix1vnfHDnZfD9TJ8SkkvI3W8z+wj1
NYyvON6KoNd808oM/5zYrzU/wgsadtHVf+yVSNy4dgpOZI2Nk0Y8COcaKXMt7MDo
pCTK+hdOTC+UAfzVyTGxQuwadXX7ziDgvi0PpVvPR/Y89M3GXM/GUuJyGUStxmwV
ZWKueEyrxoH5v8xjkSDsrGaKKIez5PAmMrqeEs5y34lT9fk8nG3qV7vIleNr9xO4
TKp81/ECMYIvpu/TYZXYgZJNvqQ0FC0o9+UVI1719NHi222WvAOguZGqRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLIcudwP6IztnJBMV23FpElPzLlMB8GA1UdIwQY
MBaAFA7ilrYMA4zca/70wGCxQGFk7IaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHVLV3Rnd0RqTnhyX3ZUQVlMRkFZV1RzaG93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wY2QwZTctMmRhOS00MDJiLThhNDkt
ZjVjODA1ZjAyNTViLzEvMHNoeTUzQV9vak8yY2tFeFhiY1drU1VfTXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wY2QwZTctMmRhOS00MDJiLThhNDktZjVjODA1ZjAyNTVi
LzEvRHVLV3Rnd0RqTnhyX3ZUQVlMRkFZV1RzaG93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwW80MA0G
CSqGSIb3DQEBCwUAA4IBAQCJiMwtxBLl1j3001LqdJP5jwyrAKZXyoXdpBiYpm5w
+sILXrE3lkS/qBBoAOIbJpUTi9lRJvxIysozR1J70EnkgcwkH5npBhzU/WS2FLNw
no+0zxSKEbWV7lXP25+G7NTf4T603c3mkXmmGoELCjo9ORz1sp/E7Hd+iEq09yg4
toK/CtpZryCRs1d7Kt0Xdty0OrxAz5FOKtKUGO07y7FHqUdcyqnZCae5sRWwXo4C
oenGUSk7FC0efBMHFTdCi6AZOdL3wB2z+gAYxLZ79NMSaPUKiMMyNyaDMM/nuw+P
OfA2MdXM0xaYlw9OY9xEmVYJEZK3ij3vUiiQdFKYmHlB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:22 2024 by rpki-client on console-fra.rpki-client.org