Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/ryISbcM0IID8oB36Z2_mudAE0SY.roa
File: ryISbcM0IID8oB36Z2_mudAE0SY.roa (raw, json)
Hash identifier: AiGH6SAOvzRIB8o/p5lDSZQFcjAny3VvqgAVswx/Gng=
Subject key identifier: AF:22:12:6D:C3:34:20:80:FC:A0:1D:FA:67:6F:E6:B9:D0:04:D1:26
Certificate issuer: /CN=58a763f0c467abaa701d968c3749c6dad03489b0
Certificate serial: 01856D41A0F1528811159E7771C0DC88D98E
Authority key identifier: 58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/ryISbcM0IID8oB36Z2_mudAE0SY.roa
Signing time: Sun 01 Jan 2023 12:14:55 +0000
ROA not before: Sun 01 Jan 2023 12:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15935
IP address blocks: 193.228.234.0/24 maxlen: 24
2001:67c:1314::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a0:f1:52:88:11:15:9e:77:71:c0:dc:88:d9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58a763f0c467abaa701d968c3749c6dad03489b0
Validity
Not Before: Jan 1 12:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af22126dc3342080fca01dfa676fe6b9d004d126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:ce:53:cc:e9:2b:3e:37:9b:ea:83:4f:c0:
49:00:83:75:26:fe:1a:ad:13:5b:fc:9b:45:a0:ca:
9e:29:39:00:82:0a:d0:ad:aa:5b:1f:a4:6c:ab:32:
54:30:32:84:e6:9a:5d:af:96:36:ba:e3:46:58:6d:
dd:fc:67:d1:9d:cb:2a:a1:be:4a:83:f2:41:57:8c:
49:10:08:0d:78:0e:fe:ec:80:79:74:7b:7b:71:e5:
74:f2:97:60:4a:5a:61:62:ae:59:9e:be:2e:b6:c4:
67:e2:cd:43:0f:6b:1d:58:e4:47:9e:73:bf:68:f1:
d4:11:aa:1f:c4:ed:3a:83:38:1b:07:10:a2:65:33:
a9:3a:32:1d:ab:b8:f3:4f:4b:a5:04:05:fa:c9:ed:
fe:f0:1c:21:28:1c:45:1b:c3:c4:9a:62:f9:49:a2:
e6:09:47:4a:16:88:74:15:9a:5c:e8:76:e9:f2:46:
be:42:c7:94:88:01:25:0e:75:65:5d:19:08:0c:cc:
0a:0e:a7:d2:98:91:bd:28:c9:7f:7c:c0:fb:a0:14:
a3:02:ad:d2:0b:d2:ef:5c:c5:1d:3d:96:d7:86:7d:
11:b5:54:72:5a:52:e9:04:fb:7d:99:47:ff:36:75:
8a:7d:2e:71:7b:44:b6:67:9f:57:41:ce:c0:70:f3:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:22:12:6D:C3:34:20:80:FC:A0:1D:FA:67:6F:E6:B9:D0:04:D1:26
X509v3 Authority Key Identifier:
keyid:58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/ryISbcM0IID8oB36Z2_mudAE0SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.234.0/24
IPv6:
2001:67c:1314::/48
Signature Algorithm: sha256WithRSAEncryption
22:e2:b3:bd:27:80:cf:a0:8b:ad:5d:85:ea:af:b8:4d:0b:8d:
51:be:ea:cb:f0:79:9a:64:5f:e6:a2:6a:99:56:f8:a4:05:f9:
7a:a4:73:b6:b4:9a:4a:6b:ef:6a:5d:36:5b:bb:dd:77:f7:9e:
61:bf:07:87:d1:4b:13:91:3c:8a:1e:90:89:7d:7c:dc:dc:1c:
0c:94:17:77:41:cd:1b:9a:32:df:b4:49:71:35:a7:d7:5d:7e:
0e:76:f1:4c:d7:6b:06:89:46:6e:fe:db:3d:32:74:f9:55:e4:
c8:33:d8:6a:08:32:02:5a:1f:1f:55:d0:de:28:9f:5c:3e:88:
2f:88:d0:8b:c1:23:fb:e5:8b:fe:df:55:88:bf:09:c6:2a:df:
96:0e:35:84:34:7e:de:9f:bd:8f:7d:66:b2:12:be:e2:35:9e:
a5:85:39:45:28:0d:b0:b2:cf:f2:d8:9f:24:00:34:56:26:bb:
e8:a9:89:66:16:50:44:dd:4f:ea:eb:98:49:d0:70:03:28:43:
8f:8e:2a:fb:c2:e8:bf:ee:7a:77:3a:75:4f:a8:1b:00:dc:cf:
ef:66:e0:6c:5b:a3:c2:b0:82:39:e6:a1:3b:de:f4:b6:64:c3:
a7:0c:54:fc:9e:b7:ab:26:98:47:49:15:a7:9c:b6:88:be:a7:
97:4e:43:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtQaDxUogRFZ53ccDciNmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTc2M2YwYzQ2N2FiYWE3MDFkOTY4YzM3NDljNmRhZDAz
NDg5YjAwHhcNMjMwMTAxMTIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIyMTI2ZGMzMzQyMDgwZmNhMDFkZmE2NzZmZTZiOWQwMDRkMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjczOU8zpKz43m+qDT8BJAIN1Jv4a
rRNb/JtFoMqeKTkAggrQrapbH6RsqzJUMDKE5ppdr5Y2uuNGWG3d/GfRncsqob5K
g/JBV4xJEAgNeA7+7IB5dHt7ceV08pdgSlphYq5Znr4utsRn4s1DD2sdWORHnnO/
aPHUEaofxO06gzgbBxCiZTOpOjIdq7jzT0ulBAX6ye3+8BwhKBxFG8PEmmL5SaLm
CUdKFoh0FZpc6Hbp8ka+QseUiAElDnVlXRkIDMwKDqfSmJG9KMl/fMD7oBSjAq3S
C9LvXMUdPZbXhn0RtVRyWlLpBPt9mUf/NnWKfS5xe0S2Z59XQc7AcPNmuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8iEm3DNCCA/KAd+mdv5rnQBNEmMB8GA1UdIwQY
MBaAFFinY/DEZ6uqcB2WjDdJxtrQNImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMt
MDk4ZjdjNWZkOTc1LzEvcnlJU2JjTTBJSUQ4b0IzNloyX211ZEFFMFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMtMDk4ZjdjNWZkOTc1
LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAweTqMA8E
AgACMAkDBwAgAQZ8ExQwDQYJKoZIhvcNAQELBQADggEBACLis70ngM+gi61dheqv
uE0LjVG+6svweZpkX+aiaplW+KQF+Xqkc7a0mkpr72pdNlu73Xf3nmG/B4fRSxOR
PIoekIl9fNzcHAyUF3dBzRuaMt+0SXE1p9ddfg528UzXawaJRm7+2z0ydPlV5Mgz
2GoIMgJaHx9V0N4on1w+iC+I0IvBI/vli/7fVYi/CcYq35YONYQ0ft6fvY99ZrIS
vuI1nqWFOUUoDbCyz/LYnyQANFYmu+ipiWYWUETdT+rrmEnQcAMoQ4+OKvvC6L/u
enc6dU+oGwDcz+9m4Gxbo8KwgjnmoTve9LZkw6cMVPyet6smmEdJFaectoi+p5dO
Qxk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:45 2024 by rpki-client on console-fra.rpki-client.org