Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/PKsg7QSvF7qMsJ4c3ly7LI9HnIM.roa
File: PKsg7QSvF7qMsJ4c3ly7LI9HnIM.roa (raw, json)
Hash identifier: ePAX4tMgaObQjwimoqKNzipN2jrzfjVw6HnU80vIgEQ=
Subject key identifier: 3C:AB:20:ED:04:AF:17:BA:8C:B0:9E:1C:DE:5C:BB:2C:8F:47:9C:83
Certificate issuer: /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial: 018AAC627CDEAEBA8C31802591D209187FAB
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/PKsg7QSvF7qMsJ4c3ly7LI9HnIM.roa
Signing time: Tue 19 Sep 2023 07:40:50 +0000
ROA not before: Tue 19 Sep 2023 07:40:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29240
IP address blocks: 193.143.99.0/24 maxlen: 24
193.143.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:62:7c:de:ae:ba:8c:31:80:25:91:d2:09:18:7f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Validity
Not Before: Sep 19 07:40:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cab20ed04af17ba8cb09e1cde5cbb2c8f479c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:84:d0:d4:92:2b:69:24:fa:72:4b:d9:f7:7e:
0e:ca:4b:72:87:fc:ae:64:73:f6:c8:4d:b1:85:23:
32:3e:48:b1:d8:e2:97:c0:d8:9d:ac:e7:f5:bd:63:
06:16:dc:45:78:4e:14:2c:63:a8:23:d0:00:62:75:
31:2a:69:b7:ea:38:bd:7c:58:2e:1a:74:8a:fa:17:
ad:45:f5:29:e5:a0:5a:06:cf:1e:96:cd:12:bb:9b:
03:d5:fb:73:32:72:1c:a8:c0:dd:82:02:89:ac:61:
d1:c9:d1:d9:9c:08:fe:42:2f:85:cd:42:db:76:9f:
24:87:a3:c3:31:40:6f:af:82:1a:10:88:80:d9:2a:
53:68:55:f0:67:e6:15:93:9a:0b:19:39:cc:f0:74:
f6:a7:4f:52:ae:de:28:ad:c2:9e:e6:5f:13:39:86:
f1:b2:5f:23:59:52:6f:2f:15:48:53:12:5d:bc:07:
8f:38:7b:a1:48:cd:49:22:6b:3c:d9:54:0b:74:46:
86:40:98:90:6f:c1:54:32:c2:63:d5:63:bf:ba:88:
f5:f9:5f:33:f6:57:63:66:74:35:c3:de:63:ac:20:
61:c7:b8:32:54:84:05:c1:fb:58:75:43:07:07:7e:
7a:ff:b8:0f:f3:e1:b8:45:cb:33:6b:cb:46:ae:c0:
d1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AB:20:ED:04:AF:17:BA:8C:B0:9E:1C:DE:5C:BB:2C:8F:47:9C:83
X509v3 Authority Key Identifier:
keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/PKsg7QSvF7qMsJ4c3ly7LI9HnIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.99.0-193.143.100.255
Signature Algorithm: sha256WithRSAEncryption
12:79:cc:8b:3f:53:7c:74:9d:f2:4e:91:4c:db:4c:06:ca:0f:
22:21:1f:8d:6c:af:b8:22:26:81:e9:c7:cf:bf:2f:78:20:8f:
52:2b:37:18:a6:cf:47:25:e1:37:2c:97:78:19:4f:ba:76:8a:
01:50:05:1d:63:5b:19:fd:2e:f0:e4:ba:95:e2:19:49:64:79:
49:ad:ba:66:8e:5d:f0:0a:e9:23:ca:7e:5d:c1:cd:23:fe:a2:
fb:c9:84:94:1c:96:a2:35:c3:b2:43:f5:52:04:57:42:1c:0c:
52:c0:21:e5:35:53:23:1b:9c:ad:5e:c0:37:36:d6:f3:f7:06:
2a:55:36:80:af:10:19:94:db:b3:97:ef:d0:6d:e6:10:cb:fb:
60:e2:f9:ea:58:63:d1:ca:25:7f:25:29:ef:c8:04:95:33:12:
a4:b5:f7:32:3b:60:78:c1:89:ef:2d:0c:c3:80:55:c2:50:9a:
a4:f9:52:f9:34:84:0d:92:fa:03:05:6f:5e:4d:a2:d0:8b:cc:
f2:f6:36:25:16:5c:9a:14:13:ba:c4:3b:07:8b:6d:9d:9e:5b:
54:3e:59:ac:82:1d:ba:31:fa:1a:31:4d:4b:4b:71:04:98:4b:
62:69:63:af:66:f7:1b:94:09:c1:87:fa:fb:ad:c4:36:ce:7b:
ad:f3:0e:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqsYnzerrqMMYAlkdIJGH+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDJlMDY0Yzk4YjMyMzFjM2YyMTQ4YTFjM2Q5YzM4N2Q0
ODllZTkwHhcNMjMwOTE5MDc0MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FiMjBlZDA0YWYxN2JhOGNiMDllMWNkZTVjYmIyYzhmNDc5YzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiITQ1JIraST6ckvZ934Oyktyh/yu
ZHP2yE2xhSMyPkix2OKXwNidrOf1vWMGFtxFeE4ULGOoI9AAYnUxKmm36ji9fFgu
GnSK+hetRfUp5aBaBs8els0Su5sD1ftzMnIcqMDdggKJrGHRydHZnAj+Qi+FzULb
dp8kh6PDMUBvr4IaEIiA2SpTaFXwZ+YVk5oLGTnM8HT2p09Srt4orcKe5l8TOYbx
sl8jWVJvLxVIUxJdvAePOHuhSM1JIms82VQLdEaGQJiQb8FUMsJj1WO/uoj1+V8z
9ldjZnQ1w95jrCBhx7gyVIQFwftYdUMHB356/7gP8+G4Rcsza8tGrsDRDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDyrIO0Erxe6jLCeHN5cuyyPR5yDMB8GA1UdIwQY
MBaAFJ4C4GTJizIxw/IUihw9nDh9SJ7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYt
NzUyNTE2ODkwZDNkLzEvUEtzZzdRU3ZGN3FNc0o0YzNseTdMSTlIbklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYtNzUyNTE2ODkwZDNk
LzEvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBj2MD
BADBj2QwDQYJKoZIhvcNAQELBQADggEBABJ5zIs/U3x0nfJOkUzbTAbKDyIhH41s
r7giJoHpx8+/L3ggj1IrNximz0cl4Tcsl3gZT7p2igFQBR1jWxn9LvDkupXiGUlk
eUmtumaOXfAK6SPKfl3BzSP+ovvJhJQclqI1w7JD9VIEV0IcDFLAIeU1UyMbnK1e
wDc21vP3BipVNoCvEBmU27OX79Bt5hDL+2Di+epYY9HKJX8lKe/IBJUzEqS19zI7
YHjBie8tDMOAVcJQmqT5Uvk0hA2S+gMFb15NotCLzPL2NiUWXJoUE7rEOweLbZ2e
W1Q+WayCHbox+hoxTUtLcQSYS2JpY69m9xuUCcGH+vutxDbOe63zDqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org