Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/xhZHtJBebqhWSI_CixUdd8w9TnI.roa
File: xhZHtJBebqhWSI_CixUdd8w9TnI.roa (raw, json)
Hash identifier: WadAjo0RNMD4Pf9TIT68bAzqhH3U6LNNC6mHwydaI44=
Subject key identifier: C6:16:47:B4:90:5E:6E:A8:56:48:8F:C2:8B:15:1D:77:CC:3D:4E:72
Certificate issuer: /CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Certificate serial: 018CC3B69392CD8E5DEAE5EE306EE8201FB2
Authority key identifier: 5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/xhZHtJBebqhWSI_CixUdd8w9TnI.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208336
IP address blocks: 193.17.53.0/24 maxlen: 24
193.203.110.0/24 maxlen: 24
193.203.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 07:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:93:92:cd:8e:5d:ea:e5:ee:30:6e:e8:20:1f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61647b4905e6ea856488fc28b151d77cc3d4e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:09:45:61:30:44:68:68:46:1f:8f:71:44:
73:e0:9d:f3:93:88:41:34:9f:e5:8f:16:23:3f:d7:
a8:a8:13:24:ca:b7:a0:ec:ef:8f:0f:be:e1:8a:c8:
16:a0:03:61:a4:a7:41:ad:9b:3f:ad:29:ee:50:cf:
ed:1a:b2:57:ff:55:ef:e3:ad:7c:96:98:40:7d:db:
a0:6e:5f:3a:c8:8f:d2:77:af:f7:2d:05:02:da:14:
2b:78:b7:21:ec:f5:6b:72:b2:79:82:81:5f:66:7c:
fe:8a:00:d0:1f:3f:ca:1b:f4:7d:61:e5:dd:73:b9:
a5:45:b0:9f:73:d1:64:c1:61:65:63:9f:41:1d:f8:
27:59:ce:c0:61:3a:c6:9d:6c:b5:1f:75:ba:5a:9b:
5e:08:83:b5:23:79:20:80:b3:58:cf:db:c9:5b:5b:
a8:e7:bb:6b:c1:33:05:19:d7:80:9c:d9:cb:24:8b:
1c:69:a2:94:41:6e:da:1a:04:e3:53:38:a5:26:74:
38:f0:b4:52:11:78:14:13:47:d6:05:4b:a3:34:d4:
90:74:eb:e4:35:75:d6:77:e9:9a:57:32:37:bc:a9:
6c:2e:1e:06:a9:be:35:d1:06:56:e7:db:b7:ab:23:
b4:ba:4a:0b:44:f6:45:49:91:58:6e:d0:73:92:ee:
39:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:16:47:B4:90:5E:6E:A8:56:48:8F:C2:8B:15:1D:77:CC:3D:4E:72
X509v3 Authority Key Identifier:
keyid:5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/xhZHtJBebqhWSI_CixUdd8w9TnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.53.0/24
193.203.24.0/24
193.203.110.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:92:9b:5e:3d:ab:31:ad:6f:0a:ff:4a:67:4e:35:02:92:f3:
1a:f5:2a:29:b4:22:67:4a:3c:f1:08:87:a7:d8:64:13:ca:c1:
a6:ce:f4:19:60:e8:80:6a:6c:98:98:9f:b7:e1:67:97:84:f6:
cf:a6:b5:dd:40:87:b5:24:b7:e0:ce:54:cc:99:0e:c1:db:ed:
12:aa:ce:91:08:ae:6f:cd:66:fc:38:b3:e3:72:66:af:7a:3e:
74:f8:73:5f:4e:25:d8:c2:df:50:92:f3:22:2e:d7:cf:5d:a7:
18:19:1d:bf:28:60:d4:b1:b8:12:e4:5e:3f:14:e4:eb:fd:79:
4b:bf:a0:9c:2e:88:80:af:39:2e:8b:9e:74:c7:6b:e9:93:be:
bd:7b:41:ac:00:e6:20:24:a0:43:d3:86:dc:19:9d:15:60:8c:
e2:f9:69:b0:f9:2c:d3:c4:b7:f9:fe:d6:2e:02:d6:dc:84:32:
d2:75:67:41:5d:8c:55:2c:44:ea:12:82:b9:d8:f0:f9:d9:dc:
61:2c:d7:57:90:7b:49:ed:69:c0:73:11:25:1f:c1:c0:f9:2a:
c3:50:47:78:c4:6b:ba:ed:2c:c8:f5:9f:c7:d2:67:86:46:ca:
a1:c3:09:3f:fc:36:80:ca:f2:1d:05:79:99:d1:b3:79:86:46:
a9:34:f2:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtpOSzY5d6uXuMG7oIB+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDg3ZDFkYzk4ZTI2ZTRjOTU5ZDA5ZjYxNDZkN2ZkZjg2
OWU0ZmMwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE2NDdiNDkwNWU2ZWE4NTY0ODhmYzI4YjE1MWQ3N2NjM2Q0ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruQJRWEwRGhoRh+PcURz4J3zk4hB
NJ/ljxYjP9eoqBMkyreg7O+PD77hisgWoANhpKdBrZs/rSnuUM/tGrJX/1Xv4618
lphAfdugbl86yI/Sd6/3LQUC2hQreLch7PVrcrJ5goFfZnz+igDQHz/KG/R9YeXd
c7mlRbCfc9FkwWFlY59BHfgnWc7AYTrGnWy1H3W6WpteCIO1I3kggLNYz9vJW1uo
57trwTMFGdeAnNnLJIscaaKUQW7aGgTjUzilJnQ48LRSEXgUE0fWBUujNNSQdOvk
NXXWd+maVzI3vKlsLh4Gqb410QZW59u3qyO0ukoLRPZFSZFYbtBzku45zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMYWR7SQXm6oVkiPwosVHXfMPU5yMB8GA1UdIwQY
MBaAFFsIfR3JjibkyVnQn2FG1/34aeT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMt
MDlkYmQwOGNiZTJkLzEveGhaSHRKQmVicWhXU0lfQ2l4VWRkOHc5VG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMtMDlkYmQwOGNiZTJk
LzEvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRE1AwQA
wcsYAwQAwctuMA0GCSqGSIb3DQEBCwUAA4IBAQB6kptePasxrW8K/0pnTjUCkvMa
9SoptCJnSjzxCIen2GQTysGmzvQZYOiAamyYmJ+34WeXhPbPprXdQIe1JLfgzlTM
mQ7B2+0Sqs6RCK5vzWb8OLPjcmavej50+HNfTiXYwt9QkvMiLtfPXacYGR2/KGDU
sbgS5F4/FOTr/XlLv6CcLoiArzkui550x2vpk769e0GsAOYgJKBD04bcGZ0VYIzi
+Wmw+SzTxLf5/tYuAtbchDLSdWdBXYxVLETqEoK52PD52dxhLNdXkHtJ7WnAcxEl
H8HA+SrDUEd4xGu67SzI9Z/H0meGRsqhwwk//DaAyvIdBXmZ0bN5hkapNPI0
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:29 2024 by rpki-client on console-ams.rpki-client.org