Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/c2PmcbS9HSpnvPAQAo6F42fKLJk.roa
File: c2PmcbS9HSpnvPAQAo6F42fKLJk.roa (raw, json)
Hash identifier: 0GnkmXt9mk80zE+RNfHE1c2g5zSpt8oiEW6JNgujAWM=
Subject key identifier: 73:63:E6:71:B4:BD:1D:2A:67:BC:F0:10:02:8E:85:E3:67:CA:2C:99
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 0186EF8B4A5BFAB6E36A2CAF7CD0F97DC864
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/c2PmcbS9HSpnvPAQAo6F42fKLJk.roa
Signing time: Fri 17 Mar 2023 12:28:48 +0000
ROA not before: Fri 17 Mar 2023 12:28:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200233
IP address blocks: 193.5.80.0/21 maxlen: 24
147.87.0.0/16 maxlen: 24
2a07:6b40::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:8b:4a:5b:fa:b6:e3:6a:2c:af:7c:d0:f9:7d:c8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Mar 17 12:28:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7363e671b4bd1d2a67bcf010028e85e367ca2c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b0:ee:c9:0b:f8:2b:09:75:e3:4b:bc:9f:be:
41:8a:8c:2a:a1:8f:a7:48:41:f3:83:5b:ed:66:9d:
89:31:11:25:ff:f9:68:8d:7f:fc:8f:e4:13:ae:68:
68:ee:86:eb:fb:d8:ec:2b:ac:48:dc:b2:b0:25:b8:
93:fd:43:43:1c:51:16:e6:8e:4a:e7:68:0e:58:dd:
34:cb:d2:2c:a8:9c:db:de:cd:1b:8e:c3:f9:b3:49:
c6:a3:62:f0:a9:b6:50:f7:07:f8:b2:0f:66:ac:82:
90:14:86:8e:c8:85:76:5c:e2:04:c3:e1:8c:05:09:
16:03:4b:ea:e9:b9:8c:b3:75:11:10:2e:30:59:bc:
42:a8:ac:b8:97:65:92:1b:bc:8c:53:b0:b2:b3:4e:
af:a0:83:81:37:07:83:3c:39:c0:43:f9:94:9b:3b:
f5:a6:bc:8e:ef:51:75:a3:ab:7b:53:45:4f:06:7e:
38:35:96:6a:b5:6f:34:e8:68:34:e4:26:fb:0f:23:
94:7a:b7:ed:2d:8b:0f:67:85:3d:69:7c:df:ea:f8:
91:f9:c0:62:41:2f:c7:20:cc:b3:41:83:fb:04:67:
76:24:24:07:4c:fd:b5:18:3c:78:85:31:34:62:73:
d8:d4:80:de:c1:ab:d2:37:93:d5:0d:28:60:aa:96:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:63:E6:71:B4:BD:1D:2A:67:BC:F0:10:02:8E:85:E3:67:CA:2C:99
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/c2PmcbS9HSpnvPAQAo6F42fKLJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.87.0.0/16
193.5.80.0/21
IPv6:
2a07:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
87:e9:ee:63:0e:83:7a:45:ba:e5:35:d6:03:b1:17:96:04:aa:
6a:f9:b9:dc:ed:c1:9a:1a:4c:5b:b4:93:fb:60:a6:57:2e:b8:
ff:c6:7f:32:ff:47:b7:05:5c:0a:52:03:10:fa:93:f9:96:04:
1c:43:8e:37:cd:4c:76:7a:ee:10:26:fd:1c:8c:df:92:70:60:
0e:d8:9d:0a:ca:d9:c3:b0:74:6c:7e:c7:71:04:53:8f:13:c6:
4c:c9:13:96:81:57:da:28:d5:dd:36:6b:a3:0f:4b:36:91:14:
87:63:51:06:2d:dd:cc:d4:1c:af:55:10:32:54:71:fd:89:21:
e3:81:27:61:6d:37:77:43:a5:cd:e7:4d:01:61:b0:c9:47:b9:
dd:e6:05:cf:68:54:f9:67:96:e3:cb:cb:27:93:d5:21:45:68:
54:67:94:9c:28:cc:94:3a:40:3f:df:f3:0f:f7:f4:6b:55:58:
08:d5:12:b8:b6:7d:1a:86:30:d2:1d:63:b3:69:0c:02:21:04:
ea:fc:98:66:3f:3d:c4:ab:6d:5d:d5:a5:66:be:d1:d4:8a:b0:
c3:9e:04:fe:b0:ae:a1:26:e4:96:2b:8d:02:18:88:c5:09:38:
3a:99:18:da:a2:87:c1:fb:15:f0:2f:91:d9:fc:83:c8:4c:16:
9d:35:b2:c1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYbvi0pb+rbjaiyvfND5fchkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjMwMzE3MTIyODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzYzZTY3MWI0YmQxZDJhNjdiY2YwMTAwMjhlODVlMzY3Y2EyYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLDuyQv4Kwl140u8n75BiowqoY+n
SEHzg1vtZp2JMREl//lojX/8j+QTrmho7obr+9jsK6xI3LKwJbiT/UNDHFEW5o5K
52gOWN00y9IsqJzb3s0bjsP5s0nGo2LwqbZQ9wf4sg9mrIKQFIaOyIV2XOIEw+GM
BQkWA0vq6bmMs3UREC4wWbxCqKy4l2WSG7yMU7Cys06voIOBNweDPDnAQ/mUmzv1
pryO71F1o6t7U0VPBn44NZZqtW806Gg05Cb7DyOUerftLYsPZ4U9aXzf6viR+cBi
QS/HIMyzQYP7BGd2JCQHTP21GDx4hTE0YnPY1IDewavSN5PVDShgqpZmawIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHNj5nG0vR0qZ7zwEAKOheNnyiyZMB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvYzJQbWNiUzlIU3BudlBBUUFvNkY0MmZLTEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAk1cDBAPB
BVAwDQQCAAIwBwMFAyoHa0AwDQYJKoZIhvcNAQELBQADggEBAIfp7mMOg3pFuuU1
1gOxF5YEqmr5udztwZoaTFu0k/tgplcuuP/GfzL/R7cFXApSAxD6k/mWBBxDjjfN
THZ67hAm/RyM35JwYA7YnQrK2cOwdGx+x3EEU48TxkzJE5aBV9oo1d02a6MPSzaR
FIdjUQYt3czUHK9VEDJUcf2JIeOBJ2FtN3dDpc3nTQFhsMlHud3mBc9oVPlnluPL
yyeT1SFFaFRnlJwozJQ6QD/f8w/39GtVWAjVEri2fRqGMNIdY7NpDAIhBOr8mGY/
PcSrbV3VpWa+0dSKsMOeBP6wrqEm5JYrjQIYiMUJODqZGNqih8H7FfAvkdn8g8hM
Fp01ssE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:53 2024 by rpki-client on console-ams.rpki-client.org