Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/9jRSfdKYVU6DSiVEgDeDNPDuRTE.roa
File: 9jRSfdKYVU6DSiVEgDeDNPDuRTE.roa (raw, json)
Hash identifier: Bi/rMUzUlNxqrJYW0hnYEgS2IMfzXi3e2RQMISPcKB0=
Subject key identifier: F6:34:52:7D:D2:98:55:4E:83:4A:25:44:80:37:83:34:F0:EE:45:31
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018EBE7E4EC93A9391A6A3869D7DD96D7F62
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/9jRSfdKYVU6DSiVEgDeDNPDuRTE.roa
Signing time: Mon 08 Apr 2024 16:15:32 +0000
ROA not before: Mon 08 Apr 2024 16:15:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58074
IP address blocks: 193.138.99.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
195.245.82.0/23 maxlen: 24
195.245.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 09:33:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:7e:4e:c9:3a:93:91:a6:a3:86:9d:7d:d9:6d:7f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Apr 8 16:15:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f634527dd298554e834a254480378334f0ee4531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0c:a5:ca:d3:0e:62:d7:c8:dc:12:d6:66:32:
c6:a5:98:84:5d:de:89:e6:e9:31:90:8c:95:f0:7c:
f3:6b:e5:96:71:d7:e9:77:59:c3:5b:f4:40:01:af:
b5:b6:d5:79:be:bd:5a:3c:e0:13:7d:78:2c:13:e1:
01:03:b2:19:7e:c2:aa:90:ee:9c:33:b2:ac:dd:3d:
eb:e3:4d:0b:06:74:42:42:b9:73:aa:e3:4f:51:03:
a5:72:b1:0e:8d:56:51:f0:50:ed:22:4f:de:8c:8b:
c8:36:01:8e:0d:b4:e4:17:6c:4c:ad:d2:e8:d0:20:
46:3c:f0:c1:84:d5:ca:3f:a6:7b:9f:48:56:94:be:
b3:1d:3a:a8:44:a6:c4:42:3a:8e:cf:20:66:6f:e8:
31:dc:82:35:f3:e6:1b:54:af:f0:70:2b:5d:9f:e7:
3f:42:62:bf:7b:d9:15:05:0d:43:6c:49:19:0e:af:
51:94:ca:18:90:87:6d:45:e8:77:ab:95:05:6c:0b:
77:05:02:41:24:21:e1:d1:af:59:00:22:01:ff:04:
04:7e:37:a5:12:94:1b:57:45:2c:fa:d1:cf:9f:9d:
7b:ae:b5:f5:ca:a9:46:d1:f1:eb:b4:77:be:e0:25:
5e:4f:e9:5c:33:b7:2d:cf:94:5b:85:68:54:24:48:
59:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:34:52:7D:D2:98:55:4E:83:4A:25:44:80:37:83:34:F0:EE:45:31
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/9jRSfdKYVU6DSiVEgDeDNPDuRTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.99.0/24
194.6.201.0/24
195.245.82.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:60:8b:67:04:11:b1:92:ec:ad:cc:c9:da:ce:e2:a6:8b:a5:
30:9b:3f:3e:2a:7e:64:e1:50:b2:bf:fb:8b:6a:8b:33:ca:70:
4b:31:bc:7d:62:3b:87:28:7a:15:fa:f1:aa:0c:34:55:80:3a:
ac:91:a7:5a:3d:ef:76:80:0c:e4:50:81:42:1b:d4:71:1c:1d:
7b:3d:c1:fc:ab:4b:8b:c4:bb:12:5c:0e:67:e2:3d:1e:7c:e8:
1d:b6:ef:b8:06:29:c8:7e:6e:83:db:45:13:1d:78:80:07:99:
30:15:f5:7d:36:04:d3:79:34:48:23:52:c8:87:6e:bf:a9:c7:
39:ea:c2:c4:2f:b1:06:82:a0:71:e4:ec:f3:6f:39:3f:a6:e0:
fa:7a:e8:1d:4d:a7:a7:87:74:28:97:a8:04:9c:29:b9:45:07:
9c:a1:64:8a:f9:bc:9c:2b:15:9f:30:d3:9f:4e:a4:23:93:cb:
70:db:4c:ad:b3:99:ec:93:61:9e:d0:4e:17:1d:ac:61:f2:47:
f9:f1:dc:b6:c6:51:02:f1:e3:8b:f8:b3:e1:dd:5e:cb:0c:f0:
a0:f0:8e:21:9a:8a:c8:db:68:3c:a7:94:30:a8:43:a2:99:18:
83:51:0f:bc:2f:6c:e7:c5:ab:48:c5:5f:3a:f3:93:a1:43:1a:
1c:c3:fe:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6+fk7JOpORpqOGnX3ZbX9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjQwNDA4MTYxNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM0NTI3ZGQyOTg1NTRlODM0YTI1NDQ4MDM3ODMzNGYwZWU0NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAylytMOYtfI3BLWZjLGpZiEXd6J
5ukxkIyV8Hzza+WWcdfpd1nDW/RAAa+1ttV5vr1aPOATfXgsE+EBA7IZfsKqkO6c
M7Ks3T3r400LBnRCQrlzquNPUQOlcrEOjVZR8FDtIk/ejIvINgGODbTkF2xMrdLo
0CBGPPDBhNXKP6Z7n0hWlL6zHTqoRKbEQjqOzyBmb+gx3II18+YbVK/wcCtdn+c/
QmK/e9kVBQ1DbEkZDq9RlMoYkIdtReh3q5UFbAt3BQJBJCHh0a9ZACIB/wQEfjel
EpQbV0Us+tHPn517rrX1yqlG0fHrtHe+4CVeT+lcM7ctz5RbhWhUJEhZPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPY0Un3SmFVOg0olRIA3gzTw7kUxMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvOWpSU2ZkS1lWVTZEU2lWRWdEZUROUER1UlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwYpjAwQA
wgbJAwQBw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQBcYItnBBGxkuytzMnazuKmi6Uw
mz8+Kn5k4VCyv/uLaoszynBLMbx9YjuHKHoV+vGqDDRVgDqskadaPe92gAzkUIFC
G9RxHB17PcH8q0uLxLsSXA5n4j0efOgdtu+4BinIfm6D20UTHXiAB5kwFfV9NgTT
eTRII1LIh26/qcc56sLEL7EGgqBx5Ozzbzk/puD6eugdTaenh3Qol6gEnCm5RQec
oWSK+bycKxWfMNOfTqQjk8tw20yts5nsk2Ge0E4XHaxh8kf58dy2xlEC8eOL+LPh
3V7LDPCg8I4hmorI22g8p5QwqEOimRiDUQ+8L2znxatIxV8685OhQxocw/4Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org