Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/a175fOUpa7s86_dLHR0_reIYbOM.roa
File: a175fOUpa7s86_dLHR0_reIYbOM.roa (raw, json)
Hash identifier: LHMf2Mb/ylptnKAlkVrE+Xk0DCMn+lKCF0ZvoAcXukI=
Subject key identifier: 6B:5E:F9:7C:E5:29:6B:BB:3C:EB:F7:4B:1D:1D:3F:AD:E2:18:6C:E3
Certificate issuer: /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial: 01856D0AC66ECE35EB1960784A335B6686A3
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/a175fOUpa7s86_dLHR0_reIYbOM.roa
Signing time: Sun 01 Jan 2023 11:15:00 +0000
ROA not before: Sun 01 Jan 2023 11:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.104.0/21 maxlen: 21
193.143.102.0/23 maxlen: 23
193.143.101.0/24 maxlen: 24
193.143.112.0/22 maxlen: 22
193.143.118.0/24 maxlen: 24
193.143.116.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c6:6e:ce:35:eb:19:60:78:4a:33:5b:66:86:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Validity
Not Before: Jan 1 11:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b5ef97ce5296bbb3cebf74b1d1d3fade2186ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a9:0f:78:71:b9:bc:39:be:46:87:52:ac:4c:
fe:71:3d:f7:53:d9:e6:f8:09:db:43:c5:da:e0:f1:
89:1e:4b:fd:e4:26:8f:68:41:26:bd:83:df:e0:41:
39:4b:52:c6:05:47:71:f1:73:1e:38:99:aa:7c:a7:
0f:8d:b9:71:0e:ff:dc:f1:f8:6c:e9:d6:46:ce:c5:
f1:7f:3b:48:32:04:25:35:06:fb:d5:d7:c9:8d:84:
3f:83:5c:bd:38:79:0a:00:c8:c5:9c:bf:45:4b:ec:
53:30:4f:af:e7:e3:1a:fb:06:8c:92:9b:c1:6a:48:
34:64:8b:59:30:f4:6a:b4:eb:6e:3e:52:af:ec:04:
fe:30:95:fb:3c:f1:6e:c9:a5:89:87:88:32:4e:f7:
00:12:f8:08:80:57:2a:a2:48:45:a5:50:e1:64:77:
ab:c8:f9:e7:5e:e5:97:4b:90:cd:6c:da:a0:3e:2e:
eb:af:e0:5c:f1:8e:1f:33:ec:5f:fe:62:8e:f7:c6:
c9:99:9b:11:c4:4f:8d:d7:e7:14:19:d6:5a:1a:5a:
f9:ad:26:29:6f:5b:9e:31:da:ae:b6:21:d6:69:23:
b2:7f:4c:2c:37:82:4b:ea:9a:0e:fa:b7:df:a1:58:
de:31:e2:42:87:95:94:30:89:dd:2c:a8:bb:c4:60:
83:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5E:F9:7C:E5:29:6B:BB:3C:EB:F7:4B:1D:1D:3F:AD:E2:18:6C:E3
X509v3 Authority Key Identifier:
keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/a175fOUpa7s86_dLHR0_reIYbOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.101.0-193.143.118.255
Signature Algorithm: sha256WithRSAEncryption
1e:d2:8a:13:00:33:38:db:46:ad:5c:67:2b:ce:5f:91:19:0c:
f8:d9:b3:95:7f:06:d2:e4:02:77:13:0c:e1:47:10:8c:60:e8:
d2:3d:ed:fa:7e:e3:d5:36:fb:ea:27:66:18:05:9f:1e:15:7d:
74:ed:44:45:1c:86:68:e5:18:6b:3d:ef:70:aa:d4:8a:d6:01:
cf:8a:ec:f2:45:a0:5a:f8:d9:2b:33:91:d5:9e:41:9f:39:61:
e3:83:ec:74:d7:42:b0:03:6e:3a:27:32:92:4e:96:fc:72:e2:
b4:e7:ef:0c:9a:e1:3b:3e:3c:79:c2:24:63:e4:29:96:57:f9:
cd:d8:34:ea:57:a2:4e:b5:49:4d:8c:c5:6a:8e:83:54:7e:24:
cd:d7:fa:7d:c7:44:f4:74:0f:81:0e:0a:17:26:dc:3c:d2:56:
11:b9:69:6d:d8:8a:6d:d8:1a:9c:d3:cb:59:4f:5e:85:07:36:
07:c2:73:37:6b:0b:dd:96:d3:4b:3e:89:a5:52:cb:2d:67:2a:
09:ef:cf:13:a3:1f:4d:3d:5d:76:0f:31:6c:45:48:32:67:d9:
4b:6d:1a:d9:4f:78:79:f4:ac:d6:b7:98:c3:f4:0c:40:54:df:
ba:4a:e9:f4:16:ef:f3:69:2c:ef:4e:1e:a4:3a:66:75:4c:4e:
66:e1:ba:05
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtCsZuzjXrGWB4SjNbZoajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDJlMDY0Yzk4YjMyMzFjM2YyMTQ4YTFjM2Q5YzM4N2Q0
ODllZTkwHhcNMjMwMTAxMTExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjVlZjk3Y2U1Mjk2YmJiM2NlYmY3NGIxZDFkM2ZhZGUyMTg2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnakPeHG5vDm+RodSrEz+cT33U9nm
+AnbQ8Xa4PGJHkv95CaPaEEmvYPf4EE5S1LGBUdx8XMeOJmqfKcPjblxDv/c8fhs
6dZGzsXxfztIMgQlNQb71dfJjYQ/g1y9OHkKAMjFnL9FS+xTME+v5+Ma+waMkpvB
akg0ZItZMPRqtOtuPlKv7AT+MJX7PPFuyaWJh4gyTvcAEvgIgFcqokhFpVDhZHer
yPnnXuWXS5DNbNqgPi7rr+Bc8Y4fM+xf/mKO98bJmZsRxE+N1+cUGdZaGlr5rSYp
b1ueMdqutiHWaSOyf0wsN4JL6poO+rffoVjeMeJCh5WUMIndLKi7xGCDWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGte+XzlKWu7POv3Sx0dP63iGGzjMB8GA1UdIwQY
MBaAFJ4C4GTJizIxw/IUihw9nDh9SJ7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYt
NzUyNTE2ODkwZDNkLzEvYTE3NWZPVXBhN3M4Nl9kTEhSMF9yZUlZYk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYtNzUyNTE2ODkwZDNk
LzEvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBj2UD
BADBj3YwDQYJKoZIhvcNAQELBQADggEBAB7SihMAMzjbRq1cZyvOX5EZDPjZs5V/
BtLkAncTDOFHEIxg6NI97fp+49U2++onZhgFnx4VfXTtREUchmjlGGs973Cq1IrW
Ac+K7PJFoFr42SszkdWeQZ85YeOD7HTXQrADbjonMpJOlvxy4rTn7wya4Ts+PHnC
JGPkKZZX+c3YNOpXok61SU2MxWqOg1R+JM3X+n3HRPR0D4EOChcm3DzSVhG5aW3Y
im3YGpzTy1lPXoUHNgfCczdrC92W00s+iaVSyy1nKgnvzxOjH009XXYPMWxFSDJn
2UttGtlPeHn0rNa3mMP0DEBU37pK6fQW7/NpLO9OHqQ6ZnVMTmbhugU=
-----END CERTIFICATE-----
Generated at Tue Sep 19 08:24:12 2023 by rpki-client on console-fra.rpki-client.org