Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/h16J4TxvUxxnwe5BDxQJ98DxEKE.roa
File: h16J4TxvUxxnwe5BDxQJ98DxEKE.roa (raw, json)
Hash identifier: LeojDyF9EQfVqhjgt2oCp+VKht6A6uKiiJ4s6VxIGuI=
Subject key identifier: 87:5E:89:E1:3C:6F:53:1C:67:C1:EE:41:0F:14:09:F7:C0:F1:10:A1
Certificate issuer: /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial: 018E096BC3091E7D5DC4CB331B566D1601D0
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/h16J4TxvUxxnwe5BDxQJ98DxEKE.roa
Signing time: Mon 04 Mar 2024 12:24:00 +0000
ROA not before: Mon 04 Mar 2024 12:24:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.99.0/24 maxlen: 24
193.143.100.0/24 maxlen: 24
193.143.101.0/24 maxlen: 24
193.143.102.0/23 maxlen: 23
193.143.104.0/21 maxlen: 21
193.143.112.0/22 maxlen: 22
193.143.112.0/23 maxlen: 23
193.143.114.0/24 maxlen: 24
193.143.115.0/24 maxlen: 24
193.143.116.0/23 maxlen: 23
193.143.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 10:15:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:6b:c3:09:1e:7d:5d:c4:cb:33:1b:56:6d:16:01:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Validity
Not Before: Mar 4 12:24:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=875e89e13c6f531c67c1ee410f1409f7c0f110a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:46:f8:d2:bf:5e:40:a1:a7:e2:30:4d:cb:
e2:76:0e:3f:29:c2:31:f7:63:74:ce:9d:9d:f3:d1:
1e:90:4b:da:9a:fd:0f:2e:0e:8c:91:8d:1a:84:ad:
52:ff:a2:6f:27:4c:c5:85:12:0b:29:1e:5d:52:2a:
06:da:d1:e9:63:c1:c3:94:b9:89:a0:8c:bf:dd:ba:
41:d9:b7:3a:c9:1b:72:01:8c:28:8d:98:ed:1b:fb:
ae:10:7c:ad:ae:8b:65:10:e0:94:9c:65:9f:be:f2:
22:f6:07:ec:6c:1b:e7:31:be:a7:d3:75:33:f4:1e:
0f:53:87:65:9f:0c:8c:60:95:5d:93:22:96:06:bc:
4f:ba:06:99:6b:f5:a7:13:5c:95:ba:42:fb:8f:ce:
bb:1b:46:b6:5b:10:36:40:08:b9:56:86:f3:14:32:
64:4c:d4:b2:a9:17:cc:2e:44:47:f6:77:6c:70:11:
28:58:50:9c:97:74:bf:0a:a7:51:68:2b:d3:ce:b9:
14:2c:9f:df:4a:e1:bd:4b:b5:76:53:9f:59:17:2a:
96:a2:ee:28:c4:da:22:60:a4:a9:08:f7:40:ee:d3:
fa:96:3e:95:06:29:01:55:42:d1:4c:c2:66:73:26:
83:5e:1e:dc:25:5f:bb:90:5f:2e:dc:f3:47:c0:d8:
60:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5E:89:E1:3C:6F:53:1C:67:C1:EE:41:0F:14:09:F7:C0:F1:10:A1
X509v3 Authority Key Identifier:
keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/h16J4TxvUxxnwe5BDxQJ98DxEKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.99.0-193.143.118.255
Signature Algorithm: sha256WithRSAEncryption
11:91:86:56:c6:75:5e:e6:c8:14:1a:e5:04:7b:c6:b3:9e:f3:
4f:91:d0:ea:9f:21:9c:1c:77:0d:a8:2c:62:a6:3a:e8:3b:a6:
60:72:45:f4:55:e5:2b:1e:0a:83:52:62:69:96:37:d7:de:33:
a8:e5:fb:5b:d3:a6:89:f6:d0:3d:d8:3a:1c:5b:7d:7c:b4:79:
5d:86:0c:e8:43:e0:58:8b:a2:fb:b9:46:e8:11:7a:30:67:8e:
6f:02:e2:6c:b9:46:2f:1d:61:95:de:f9:c5:89:e8:62:3b:a6:
00:5a:af:8d:7c:78:16:66:1a:b3:e4:c9:00:b5:20:7e:2e:97:
ac:03:9a:9b:2c:e0:f8:0a:f7:e1:fc:cc:e8:fc:56:54:f1:0b:
d0:4d:ee:8c:cf:a8:3b:e8:33:b8:f5:81:85:af:62:96:8c:46:
80:c7:b1:60:e0:14:4b:e8:1c:16:df:c0:97:de:f3:82:6c:a6:
bc:b3:4c:6f:ff:f9:e0:4e:71:21:52:ba:c7:51:88:f4:aa:63:
ec:c1:97:72:17:10:56:22:e7:96:11:8a:c1:93:10:95:2f:7d:
35:0b:0a:0b:87:2d:38:cb:33:83:ee:dc:a6:83:c2:64:cb:fc:
5c:ea:07:b7:69:e5:77:dd:84:fd:15:e8:1e:10:d4:38:b8:fa:
c7:82:8d:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4Ja8MJHn1dxMszG1ZtFgHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDJlMDY0Yzk4YjMyMzFjM2YyMTQ4YTFjM2Q5YzM4N2Q0
ODllZTkwHhcNMjQwMzA0MTIyNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVlODllMTNjNmY1MzFjNjdjMWVlNDEwZjE0MDlmN2MwZjExMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9NG+NK/XkChp+IwTcvidg4/KcIx
92N0zp2d89EekEvamv0PLg6MkY0ahK1S/6JvJ0zFhRILKR5dUioG2tHpY8HDlLmJ
oIy/3bpB2bc6yRtyAYwojZjtG/uuEHytrotlEOCUnGWfvvIi9gfsbBvnMb6n03Uz
9B4PU4dlnwyMYJVdkyKWBrxPugaZa/WnE1yVukL7j867G0a2WxA2QAi5VobzFDJk
TNSyqRfMLkRH9ndscBEoWFCcl3S/CqdRaCvTzrkULJ/fSuG9S7V2U59ZFyqWou4o
xNoiYKSpCPdA7tP6lj6VBikBVULRTMJmcyaDXh7cJV+7kF8u3PNHwNhg+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIdeieE8b1McZ8HuQQ8UCffA8RChMB8GA1UdIwQY
MBaAFJ4C4GTJizIxw/IUihw9nDh9SJ7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYt
NzUyNTE2ODkwZDNkLzEvaDE2SjRUeHZVeHhud2U1QkR4UUo5OER4RUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYtNzUyNTE2ODkwZDNk
LzEvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBj2MD
BADBj3YwDQYJKoZIhvcNAQELBQADggEBABGRhlbGdV7myBQa5QR7xrOe80+R0Oqf
IZwcdw2oLGKmOug7pmByRfRV5SseCoNSYmmWN9feM6jl+1vTpon20D3YOhxbfXy0
eV2GDOhD4FiLovu5RugRejBnjm8C4my5Ri8dYZXe+cWJ6GI7pgBar418eBZmGrPk
yQC1IH4ul6wDmpss4PgK9+H8zOj8VlTxC9BN7ozPqDvoM7j1gYWvYpaMRoDHsWDg
FEvoHBbfwJfe84JspryzTG//+eBOcSFSusdRiPSqY+zBl3IXEFYi55YRisGTEJUv
fTULCguHLTjLM4Pu3KaDwmTL/FzqB7dp5XfdhP0V6B4Q1Di4+seCja4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:01 2024 by rpki-client on console-fra.rpki-client.org