Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/n4qG2L-NZWW8i6ekrBDiqHMRzWk.roa
File: n4qG2L-NZWW8i6ekrBDiqHMRzWk.roa (raw, json)
Hash identifier: ZoSpz0dyidkz24R3Kw1BO6NNbn1yaO8sGdc3LHJwU8I=
Subject key identifier: 9F:8A:86:D8:BF:8D:65:65:BC:8B:A7:A4:AC:10:E2:A8:73:11:CD:69
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C54214CE7DF8FD25397703E25D23784
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/n4qG2L-NZWW8i6ekrBDiqHMRzWk.roa
Signing time: Sun 01 Jan 2023 07:55:30 +0000
ROA not before: Sun 01 Jan 2023 07:55:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399114
IP address blocks: 193.22.157.0/24 maxlen: 32
193.22.158.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:21:4c:e7:df:8f:d2:53:97:70:3e:25:d2:37:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f8a86d8bf8d6565bc8ba7a4ac10e2a87311cd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:7b:0b:fc:66:dd:65:c8:e8:fa:bf:ca:b0:
86:e6:ea:1f:4c:64:a3:f9:9b:2f:52:40:b9:28:dc:
18:3f:e3:1d:0d:c7:74:68:4f:8e:2b:41:48:2b:bf:
cf:53:2b:c9:2d:a5:71:71:14:4d:57:64:73:4a:b4:
ca:af:e4:79:08:c6:6e:d9:d0:f6:f5:61:04:fb:70:
a7:79:b8:9f:81:b2:b8:ac:2d:be:2e:e0:a6:18:f1:
2e:c9:5c:f3:01:63:a5:47:6a:7b:a1:a3:e9:ba:e1:
3a:7d:aa:17:bc:3d:08:34:25:28:81:aa:8b:da:25:
83:9b:1b:bf:60:f9:1f:ca:56:61:d1:0c:49:ad:61:
9d:cf:42:3d:61:67:f3:76:44:bb:86:58:7a:a6:b3:
31:c0:49:10:d4:6d:b5:01:8f:a1:15:31:ee:33:89:
2b:44:59:72:c7:bf:6d:71:aa:56:db:a8:17:e8:e0:
9e:36:e9:42:5b:c8:98:03:0c:9f:1a:60:21:38:30:
61:2b:c5:4d:9d:88:d4:8e:d0:fc:26:61:ad:95:cc:
05:6f:3e:76:35:bf:5b:ba:2c:e3:c6:2e:89:e2:08:
f6:a4:87:67:94:7b:35:60:20:36:f1:f4:b0:fc:37:
62:22:58:11:43:51:dd:58:5d:32:8b:41:56:08:fd:
55:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8A:86:D8:BF:8D:65:65:BC:8B:A7:A4:AC:10:E2:A8:73:11:CD:69
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/n4qG2L-NZWW8i6ekrBDiqHMRzWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.157.0-193.22.158.255
Signature Algorithm: sha256WithRSAEncryption
0a:4b:92:ef:31:66:11:1b:72:c3:d8:a5:f2:57:2e:f2:e0:ae:
af:f5:ad:3d:d3:9c:7d:8b:b3:13:a1:ee:64:b1:1b:2b:a3:b0:
37:f5:00:17:6b:fc:fc:db:4d:6a:b6:6f:6a:2d:62:03:c2:23:
05:38:27:b4:34:1d:36:8c:3b:a5:e7:40:97:b2:2a:69:e2:45:
8a:ca:52:23:05:2e:68:46:17:20:bd:f8:0f:f3:5b:e1:84:bd:
d6:3a:c2:d4:bc:70:0d:30:51:c7:c4:ff:fc:59:45:19:96:e8:
5d:0e:d6:b1:6d:b6:97:0d:1a:7a:ca:bb:35:40:35:ff:eb:41:
6b:05:85:27:2e:f2:b8:78:66:64:11:70:a0:39:9a:3c:f5:e5:
98:4d:6f:44:45:e3:0c:a9:6a:3b:e1:54:8f:42:82:64:3d:c9:
be:72:92:1b:5c:96:51:ba:f5:f2:5a:35:4e:2c:6e:6e:7c:7c:
bb:18:94:21:00:f6:e4:fd:49:81:3b:a6:c0:9d:96:58:64:c0:
94:51:2d:e5:4c:bf:a6:22:f4:7b:4b:04:03:4c:c5:b7:1a:9b:
4f:92:69:4e:d7:cf:ac:e6:c4:11:bd:b6:2f:f4:02:d5:1e:b0:
d1:71:61:cc:da:a7:9b:de:49:6e:d0:3a:4e:05:87:91:cd:9c:
f9:3f:4e:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsVCFM59+P0lOXcD4l0jeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjhhODZkOGJmOGQ2NTY1YmM4YmE3YTRhYzEwZTJhODczMTFjZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixB7C/xm3WXI6Pq/yrCG5uofTGSj
+ZsvUkC5KNwYP+MdDcd0aE+OK0FIK7/PUyvJLaVxcRRNV2RzSrTKr+R5CMZu2dD2
9WEE+3CnebifgbK4rC2+LuCmGPEuyVzzAWOlR2p7oaPpuuE6faoXvD0INCUogaqL
2iWDmxu/YPkfylZh0QxJrWGdz0I9YWfzdkS7hlh6prMxwEkQ1G21AY+hFTHuM4kr
RFlyx79tcapW26gX6OCeNulCW8iYAwyfGmAhODBhK8VNnYjUjtD8JmGtlcwFbz52
Nb9buizjxi6J4gj2pIdnlHs1YCA28fSw/DdiIlgRQ1HdWF0yi0FWCP1VTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ+Khti/jWVlvIunpKwQ4qhzEc1pMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbjRxRzJMLU5aV1c4aTZla3JCRGlxSE1SeldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBFp0D
BADBFp4wDQYJKoZIhvcNAQELBQADggEBAApLku8xZhEbcsPYpfJXLvLgrq/1rT3T
nH2LsxOh7mSxGyujsDf1ABdr/PzbTWq2b2otYgPCIwU4J7Q0HTaMO6XnQJeyKmni
RYrKUiMFLmhGFyC9+A/zW+GEvdY6wtS8cA0wUcfE//xZRRmW6F0O1rFttpcNGnrK
uzVANf/rQWsFhScu8rh4ZmQRcKA5mjz15ZhNb0RF4wypajvhVI9CgmQ9yb5ykhtc
llG69fJaNU4sbm58fLsYlCEA9uT9SYE7psCdllhkwJRRLeVMv6Yi9HtLBANMxbca
m0+SaU7Xz6zmxBG9ti/0AtUesNFxYczap5veSW7QOk4Fh5HNnPk/Tks=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org