Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/9-XAn2rdhICnefwAgB6nNMgNlHs.roa
File: 9-XAn2rdhICnefwAgB6nNMgNlHs.roa (raw, json)
Hash identifier: Ji6Ua/1Cw1dr1hNRs7P9ow/Jo24ExqdvZvUhbuyq66I=
Subject key identifier: F7:E5:C0:9F:6A:DD:84:80:A7:79:FC:00:80:1E:A7:34:C8:0D:94:7B
Certificate issuer: /CN=a86e257c32d9dbb819d517d55054f767d7161d2c
Certificate serial: 0185724C6A3944F18AE9B437E8FAAD2DAF60
Authority key identifier: A8:6E:25:7C:32:D9:DB:B8:19:D5:17:D5:50:54:F7:67:D7:16:1D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/9-XAn2rdhICnefwAgB6nNMgNlHs.roa
Signing time: Mon 02 Jan 2023 11:44:48 +0000
ROA not before: Mon 02 Jan 2023 11:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57381
IP address blocks: 193.150.22.0/24 maxlen: 24
193.150.22.0/23 maxlen: 23
193.150.23.0/24 maxlen: 24
2001:67c:24e4::/48 maxlen: 48
2001:67c:2a00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:6a:39:44:f1:8a:e9:b4:37:e8:fa:ad:2d:af:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86e257c32d9dbb819d517d55054f767d7161d2c
Validity
Not Before: Jan 2 11:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7e5c09f6add8480a779fc00801ea734c80d947b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:a1:ef:78:9d:7c:8d:a9:9d:91:fd:5c:eb:
c9:97:94:09:a7:bc:98:97:47:cf:c6:80:1f:29:27:
a7:cd:b0:61:54:2c:0b:93:0a:f6:45:3f:b2:b4:70:
da:e5:a8:ac:df:b7:aa:cc:16:76:a8:19:3b:9e:44:
ce:4c:d4:b5:d8:38:62:87:c1:56:88:0d:5c:c2:54:
3c:11:99:8c:2a:32:68:ce:b3:b6:a6:60:59:c0:8b:
67:90:c3:6d:22:95:72:34:0d:82:64:23:7e:2e:aa:
58:8b:eb:61:4f:63:cf:dd:1b:4c:df:13:2e:35:ff:
4c:fe:ed:b5:36:b4:56:f3:c2:12:a3:07:d0:fa:65:
a3:73:91:8e:26:3d:a2:0f:41:88:2e:85:b3:2d:86:
de:c6:20:3d:98:68:e7:bc:6c:db:81:cd:e9:a7:86:
26:8f:bd:8f:df:d6:71:5d:9e:cd:70:bb:49:1c:8e:
99:f0:e3:ce:51:52:de:b8:63:18:aa:2f:c2:da:0f:
ee:c1:2f:fd:85:a0:98:b4:11:ee:99:fb:da:c7:fd:
86:19:e7:f3:1d:d3:cb:a7:07:10:70:18:7b:35:b4:
85:a6:eb:03:e7:79:b6:3f:80:d3:17:f1:2b:63:e0:
36:5e:99:78:5e:82:61:17:27:ff:7e:79:06:c2:06:
74:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E5:C0:9F:6A:DD:84:80:A7:79:FC:00:80:1E:A7:34:C8:0D:94:7B
X509v3 Authority Key Identifier:
keyid:A8:6E:25:7C:32:D9:DB:B8:19:D5:17:D5:50:54:F7:67:D7:16:1D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/9-XAn2rdhICnefwAgB6nNMgNlHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.22.0/23
IPv6:
2001:67c:24e4::/48
2001:67c:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
78:15:42:01:af:e0:0f:f3:92:05:84:cf:d4:81:1b:44:65:01:
26:34:a6:69:23:69:cd:ed:cb:8e:dd:5e:74:1a:5d:cc:92:3c:
bd:b8:6e:e6:7f:39:9a:34:4b:9d:0b:00:72:1c:e2:8a:70:f4:
5f:cf:71:3c:b5:3a:d2:db:95:dc:f9:13:88:9d:93:92:86:65:
8b:eb:c6:b3:e4:6c:4d:b9:90:b5:0e:f2:f6:e8:09:56:96:b5:
e1:e3:03:63:ac:54:ad:d8:d4:23:7e:b3:13:ab:eb:46:02:93:
c4:c3:89:e9:17:46:d0:6c:e4:8d:af:32:0d:82:ae:a6:5d:e2:
0c:51:33:e3:7e:01:73:0b:05:a4:57:57:6f:fb:da:d6:a4:23:
63:d4:01:46:b0:22:7a:0f:5b:9e:ee:35:bc:50:98:b8:04:36:
b0:51:bb:06:c1:9b:50:ad:07:47:36:6a:99:78:be:0e:4b:ef:
3b:1f:75:0b:97:2e:f8:88:4c:51:94:34:96:d7:ee:cf:cd:44:
5b:c5:db:99:09:35:40:6c:23:a8:d4:e0:b4:aa:70:bf:77:35:
73:02:3d:d4:6d:dd:8e:a6:7c:e6:b5:a7:5c:c4:79:df:6b:fa:
98:67:da:a3:ac:b3:3f:78:73:e7:6e:b0:ad:c9:31:a2:59:15:
de:5a:70:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyTGo5RPGK6bQ36PqtLa9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NmUyNTdjMzJkOWRiYjgxOWQ1MTdkNTUwNTRmNzY3ZDcx
NjFkMmMwHhcNMjMwMTAyMTE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2U1YzA5ZjZhZGQ4NDgwYTc3OWZjMDA4MDFlYTczNGM4MGQ5NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxKh73idfI2pnZH9XOvJl5QJp7yY
l0fPxoAfKSenzbBhVCwLkwr2RT+ytHDa5ais37eqzBZ2qBk7nkTOTNS12Dhih8FW
iA1cwlQ8EZmMKjJozrO2pmBZwItnkMNtIpVyNA2CZCN+LqpYi+thT2PP3RtM3xMu
Nf9M/u21NrRW88ISowfQ+mWjc5GOJj2iD0GILoWzLYbexiA9mGjnvGzbgc3pp4Ym
j72P39ZxXZ7NcLtJHI6Z8OPOUVLeuGMYqi/C2g/uwS/9haCYtBHumfvax/2GGefz
HdPLpwcQcBh7NbSFpusD53m2P4DTF/ErY+A2Xpl4XoJhFyf/fnkGwgZ0/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPflwJ9q3YSAp3n8AIAepzTIDZR7MB8GA1UdIwQY
MBaAFKhuJXwy2du4GdUX1VBU92fXFh0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUc0bGZETFoyN2daMVJmVlVGVDNaOWNXSFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81OTZmZDUtNmU0NC00ODZlLTgyYzIt
NDg3ZjAzNGM0NzI3LzEvOS1YQW4ycmRoSUNuZWZ3QWdCNm5OTWdObEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81OTZmZDUtNmU0NC00ODZlLTgyYzItNDg3ZjAzNGM0NzI3
LzEvcUc0bGZETFoyN2daMVJmVlVGVDNaOWNXSFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwZYWMBgE
AgACMBIDBwAgAQZ8JOQDBwAgAQZ8KgAwDQYJKoZIhvcNAQELBQADggEBAHgVQgGv
4A/zkgWEz9SBG0RlASY0pmkjac3ty47dXnQaXcySPL24buZ/OZo0S50LAHIc4opw
9F/PcTy1OtLbldz5E4idk5KGZYvrxrPkbE25kLUO8vboCVaWteHjA2OsVK3Y1CN+
sxOr60YCk8TDiekXRtBs5I2vMg2CrqZd4gxRM+N+AXMLBaRXV2/72takI2PUAUaw
InoPW57uNbxQmLgENrBRuwbBm1CtB0c2apl4vg5L7zsfdQuXLviITFGUNJbX7s/N
RFvF25kJNUBsI6jU4LSqcL93NXMCPdRt3Y6mfOa1p1zEed9r+phn2qOssz94c+du
sK3JMaJZFd5acAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:58 2024 by rpki-client on console-ams.rpki-client.org