Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/K11D6YKHkXdLN8f05nt13rMGSK8.roa
File: K11D6YKHkXdLN8f05nt13rMGSK8.roa (raw, json)
Hash identifier: oGywHSMC/R7wQ0r6Qzy+xlIWP9nTxcU8pednzG+xFbo=
Subject key identifier: 2B:5D:43:E9:82:87:91:77:4B:37:C7:F4:E6:7B:75:DE:B3:06:48:AF
Certificate issuer: /CN=4c3e9da3bf593802cc833fe5d947a52696f58c8d
Certificate serial: 01856FD512C5231431144D45DD358881C7B7
Authority key identifier: 4C:3E:9D:A3:BF:59:38:02:CC:83:3F:E5:D9:47:A5:26:96:F5:8C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TD6do79ZOALMgz_l2UelJpb1jI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/K11D6YKHkXdLN8f05nt13rMGSK8.roa
Signing time: Mon 02 Jan 2023 00:15:13 +0000
ROA not before: Mon 02 Jan 2023 00:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39122
IP address blocks: 193.203.126.0/24 maxlen: 24
2a0d:1f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:12:c5:23:14:31:14:4d:45:dd:35:88:81:c7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3e9da3bf593802cc833fe5d947a52696f58c8d
Validity
Not Before: Jan 2 00:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b5d43e9828791774b37c7f4e67b75deb30648af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:21:07:3d:cd:05:34:a0:4c:5f:fe:2e:69:
bf:c1:e2:20:c9:32:81:f8:f1:ae:f8:4c:0a:17:6c:
61:7f:0b:55:35:ab:37:49:ff:16:30:f2:c2:a1:b1:
4b:d8:63:f4:8b:4d:5f:44:a0:7b:f5:95:55:ba:59:
a2:95:17:ac:de:22:1d:e2:80:54:da:cf:8d:ce:60:
ed:99:61:82:be:2c:a1:e5:7e:5a:3c:ef:c8:77:d7:
fd:a9:bb:df:0c:76:5e:cb:e4:ea:ed:e9:89:bd:fc:
eb:a4:cb:29:01:9b:ba:c4:27:6c:21:26:a5:95:3c:
44:7c:1d:79:03:2a:13:73:7c:91:fc:68:9a:ad:04:
96:1e:3b:a6:46:ef:17:cd:79:5f:0b:f0:64:e4:e2:
91:bc:b2:e2:56:ce:d1:cf:27:e4:de:52:7c:a2:e8:
aa:a0:19:5b:05:33:ce:b9:ee:f3:ab:57:b5:a5:5e:
51:67:e0:43:d4:61:c7:40:13:67:65:23:06:e0:96:
5b:b4:e3:40:2c:53:74:d2:29:a0:ab:ac:d3:f5:36:
8a:e0:d9:24:ad:83:37:a4:4f:ff:fa:58:07:52:c2:
e5:80:b4:b1:08:bb:22:de:31:80:a8:cb:ec:c5:47:
a5:a4:4c:88:e2:19:1c:dc:96:76:90:be:e2:77:fa:
b4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5D:43:E9:82:87:91:77:4B:37:C7:F4:E6:7B:75:DE:B3:06:48:AF
X509v3 Authority Key Identifier:
keyid:4C:3E:9D:A3:BF:59:38:02:CC:83:3F:E5:D9:47:A5:26:96:F5:8C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TD6do79ZOALMgz_l2UelJpb1jI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/K11D6YKHkXdLN8f05nt13rMGSK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/TD6do79ZOALMgz_l2UelJpb1jI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.126.0/24
IPv6:
2a0d:1f00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:9e:76:84:0d:1b:96:7c:b0:8a:3c:b3:fb:a8:78:36:31:3b:
4b:2b:60:ac:82:5b:36:d9:09:fe:13:e8:62:c2:b0:22:30:51:
a3:e1:bc:42:22:b7:b7:ef:3c:55:8f:ac:c6:fe:62:2f:f7:bb:
48:15:b6:28:33:96:19:25:cc:86:2f:e3:24:5c:87:89:2f:2e:
47:68:df:a1:6a:5a:01:75:76:88:02:cb:8b:63:01:59:59:55:
2c:04:e8:69:a1:c4:ee:dc:a3:52:b9:0a:4b:9a:ab:2b:cb:c8:
16:f2:53:ae:39:24:fe:97:cf:55:2f:70:bd:79:63:82:56:15:
db:09:57:01:07:10:d8:44:b1:86:f3:bf:3c:8c:7a:28:5c:ca:
20:b5:7b:f6:ab:44:af:87:e3:09:ee:71:4d:38:4c:50:b1:38:
ec:a1:24:82:10:68:69:f9:dd:e2:ee:6c:88:a9:8a:12:e5:aa:
a0:a9:16:4c:c2:0b:48:b6:33:07:d1:05:ee:51:b2:4a:1e:18:
52:03:3f:d9:fb:79:8d:72:a3:04:3c:7f:03:9b:0e:2c:0c:81:
f0:18:84:7c:e5:11:b1:27:a0:81:80:68:db:33:80:e1:c5:6b:
4f:f0:a9:48:d5:69:1c:0c:c9:46:f3:7f:1f:c6:7d:09:a3:6a:
8a:31:c0:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1RLFIxQxFE1F3TWIgce3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2U5ZGEzYmY1OTM4MDJjYzgzM2ZlNWQ5NDdhNTI2OTZm
NThjOGQwHhcNMjMwMTAyMDAxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjVkNDNlOTgyODc5MTc3NGIzN2M3ZjRlNjdiNzVkZWIzMDY0OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzohBz3NBTSgTF/+Lmm/weIgyTKB
+PGu+EwKF2xhfwtVNas3Sf8WMPLCobFL2GP0i01fRKB79ZVVulmilRes3iId4oBU
2s+NzmDtmWGCviyh5X5aPO/Id9f9qbvfDHZey+Tq7emJvfzrpMspAZu6xCdsISal
lTxEfB15AyoTc3yR/GiarQSWHjumRu8XzXlfC/Bk5OKRvLLiVs7Rzyfk3lJ8ouiq
oBlbBTPOue7zq1e1pV5RZ+BD1GHHQBNnZSMG4JZbtONALFN00imgq6zT9TaK4Nkk
rYM3pE//+lgHUsLlgLSxCLsi3jGAqMvsxUelpEyI4hkc3JZ2kL7id/q0vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCtdQ+mCh5F3SzfH9OZ7dd6zBkivMB8GA1UdIwQY
MBaAFEw+naO/WTgCzIM/5dlHpSaW9YyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEQ2ZG83OVpPQUxNZ3pfbDJVZWxKcGIxakkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iOWE4MzAtNjk5Mi00OWM2LTg5NzMt
ZWFjYjQ5NjVmZTM4LzEvSzExRDZZS0hrWGRMTjhmMDVudDEzck1HU0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iOWE4MzAtNjk5Mi00OWM2LTg5NzMtZWFjYjQ5NjVmZTM4
LzEvVEQ2ZG83OVpPQUxNZ3pfbDJVZWxKcGIxakkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwct+MA0E
AgACMAcDBQMqDR8AMA0GCSqGSIb3DQEBCwUAA4IBAQBqnnaEDRuWfLCKPLP7qHg2
MTtLK2Csgls22Qn+E+hiwrAiMFGj4bxCIre37zxVj6zG/mIv97tIFbYoM5YZJcyG
L+MkXIeJLy5HaN+haloBdXaIAsuLYwFZWVUsBOhpocTu3KNSuQpLmqsry8gW8lOu
OST+l89VL3C9eWOCVhXbCVcBBxDYRLGG8788jHooXMogtXv2q0Svh+MJ7nFNOExQ
sTjsoSSCEGhp+d3i7myIqYoS5aqgqRZMwgtItjMH0QXuUbJKHhhSAz/Z+3mNcqME
PH8Dmw4sDIHwGIR85RGxJ6CBgGjbM4DhxWtP8KlI1WkcDMlG838fxn0Jo2qKMcAp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:00 2024 by rpki-client on console-ams.rpki-client.org