Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/Y-YSq8KZFPx6QDGP6Sl4kC5vcGM.roa
File: Y-YSq8KZFPx6QDGP6Sl4kC5vcGM.roa (raw, json)
Hash identifier: SLTlPkbGH7p0xNTbrnrBMMYZUHJ9NBQK3epJR5dFqfI=
Subject key identifier: 63:E6:12:AB:C2:99:14:FC:7A:40:31:8F:E9:29:78:90:2E:6F:70:63
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0185708CC9CFFD3E07471E98D757F1890776
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/Y-YSq8KZFPx6QDGP6Sl4kC5vcGM.roa
Signing time: Mon 02 Jan 2023 03:35:52 +0000
ROA not before: Mon 02 Jan 2023 03:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58074
IP address blocks: 193.138.99.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Oct 2023 07:52:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c9:cf:fd:3e:07:47:1e:98:d7:57:f1:89:07:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 2 03:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63e612abc29914fc7a40318fe92978902e6f7063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2f:81:ef:99:53:54:3a:51:3e:b9:db:45:ec:
67:b5:63:ed:a6:62:3a:c0:b4:a0:f1:76:29:f6:76:
27:63:f3:08:6a:ce:ed:1c:de:fb:35:4e:4f:22:44:
56:ff:b4:d0:98:23:01:53:c4:72:67:ed:e4:c0:7d:
af:4d:e3:2f:ed:d1:1a:1b:70:ff:6e:39:dd:1b:f0:
56:8c:c7:47:36:b1:c6:8c:34:33:15:a0:97:7d:eb:
3a:89:5b:13:b0:82:17:49:a8:30:48:b8:3f:cd:74:
46:05:aa:ae:ad:28:3b:e1:bf:80:df:41:fe:61:16:
c2:8d:aa:c8:91:b3:db:ce:aa:7b:87:15:66:8c:a0:
a4:e7:e5:f4:6d:0f:a4:fd:2a:fa:2d:93:5e:1a:d9:
7b:d1:88:4b:c7:4d:64:fe:34:f9:f2:38:15:42:ff:
99:8a:19:51:f7:dc:f4:69:20:35:0e:eb:81:1f:bb:
95:42:e0:ca:16:20:5a:34:0f:63:2d:1b:03:12:5b:
64:88:8a:bb:96:37:aa:a6:12:65:7f:35:da:7f:4c:
ad:d3:4f:bb:a2:a5:94:8f:b9:38:cd:9f:42:61:66:
41:3c:b3:98:a8:58:35:63:63:94:d8:26:1e:a2:5e:
f4:1e:73:5b:f6:d3:67:44:87:fa:8f:d3:cd:cd:30:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E6:12:AB:C2:99:14:FC:7A:40:31:8F:E9:29:78:90:2E:6F:70:63
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/Y-YSq8KZFPx6QDGP6Sl4kC5vcGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.99.0/24
194.6.201.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:46:e8:24:bb:7f:c1:a1:ff:c2:99:26:24:28:93:95:0c:b2:
1e:76:51:d7:36:45:80:74:f8:53:a0:3f:fc:4a:08:4d:cd:04:
10:c9:cc:2e:b2:2c:3b:2e:b3:94:1f:cd:72:c4:c9:d2:bf:a0:
6b:9a:3e:21:b3:03:d8:12:43:2f:bb:0c:80:80:39:ad:a1:b1:
2d:a9:bb:22:ed:69:81:9e:d4:33:fe:21:11:13:93:80:64:f7:
ca:8b:94:64:02:7e:7e:82:1c:dd:f8:93:2b:28:11:17:7d:e7:
cf:15:a5:cc:34:67:d3:a7:ab:60:1f:3e:ba:58:d7:24:7d:d6:
26:c9:86:32:e8:95:7a:99:de:bd:f0:11:b4:ac:1d:2f:8c:8d:
a6:23:8e:91:b2:d7:25:7f:d5:6b:ab:a4:d9:6c:99:82:83:5e:
a1:bd:69:0b:af:6a:0e:c2:7e:50:ab:69:31:49:0e:84:67:c9:
c3:9d:d5:9d:fd:77:a3:3d:23:8c:06:d8:5a:7a:10:b6:5d:e9:
f7:b0:33:70:bc:56:79:43:77:fc:48:25:88:b3:ad:04:9f:08:
96:ab:1e:b4:f8:61:2c:71:83:8d:e4:48:dd:c4:70:13:40:c0:
4e:cf:8e:c6:c4:f8:4e:5a:eb:9c:8b:30:2c:c7:05:ec:21:10:
32:f4:27:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjMnP/T4HRx6Y11fxiQd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMwMTAyMDMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2U2MTJhYmMyOTkxNGZjN2E0MDMxOGZlOTI5Nzg5MDJlNmY3MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy+B75lTVDpRPrnbRexntWPtpmI6
wLSg8XYp9nYnY/MIas7tHN77NU5PIkRW/7TQmCMBU8RyZ+3kwH2vTeMv7dEaG3D/
bjndG/BWjMdHNrHGjDQzFaCXfes6iVsTsIIXSagwSLg/zXRGBaqurSg74b+A30H+
YRbCjarIkbPbzqp7hxVmjKCk5+X0bQ+k/Sr6LZNeGtl70YhLx01k/jT58jgVQv+Z
ihlR99z0aSA1DuuBH7uVQuDKFiBaNA9jLRsDEltkiIq7ljeqphJlfzXaf0yt00+7
oqWUj7k4zZ9CYWZBPLOYqFg1Y2OU2CYeol70HnNb9tNnRIf6j9PNzTBoGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGPmEqvCmRT8ekAxj+kpeJAub3BjMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvWS1ZU3E4S1pGUHg2UURHUDZTbDRrQzV2Y0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwYpjAwQA
wgbJMA0GCSqGSIb3DQEBCwUAA4IBAQB9Rugku3/Bof/CmSYkKJOVDLIedlHXNkWA
dPhToD/8SghNzQQQycwusiw7LrOUH81yxMnSv6Brmj4hswPYEkMvuwyAgDmtobEt
qbsi7WmBntQz/iERE5OAZPfKi5RkAn5+ghzd+JMrKBEXfefPFaXMNGfTp6tgHz66
WNckfdYmyYYy6JV6md698BG0rB0vjI2mI46Rstclf9Vrq6TZbJmCg16hvWkLr2oO
wn5Qq2kxSQ6EZ8nDndWd/XejPSOMBthaehC2Xen3sDNwvFZ5Q3f8SCWIs60EnwiW
qx60+GEscYON5EjdxHATQMBOz47GxPhOWuucizAsxwXsIRAy9CcD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org