Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/xKJ3NCHNuKNpJIOH51Oiy2mBkEA.roa
File: xKJ3NCHNuKNpJIOH51Oiy2mBkEA.roa (raw, json)
Hash identifier: 67YT1l75m/x9RH5Y6yVtonPccmb5jGhJWQRe4KE6k+o=
Subject key identifier: C4:A2:77:34:21:CD:B8:A3:69:24:83:87:E7:53:A2:CB:69:81:90:40
Certificate issuer: /CN=41fc55ee2488fb9401c4b668abac54110ebb8092
Certificate serial: 01856EF421B395EA305BB4B63917E12B253D
Authority key identifier: 41:FC:55:EE:24:88:FB:94:01:C4:B6:68:AB:AC:54:11:0E:BB:80:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfxV7iSI-5QBxLZoq6xUEQ67gJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/xKJ3NCHNuKNpJIOH51Oiy2mBkEA.roa
Signing time: Sun 01 Jan 2023 20:09:31 +0000
ROA not before: Sun 01 Jan 2023 20:09:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 193.29.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 09:44:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:21:b3:95:ea:30:5b:b4:b6:39:17:e1:2b:25:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41fc55ee2488fb9401c4b668abac54110ebb8092
Validity
Not Before: Jan 1 20:09:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4a2773421cdb8a369248387e753a2cb69819040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:39:98:35:2d:cf:8e:70:af:9f:bf:b0:b7:
68:c3:3e:eb:48:f2:ba:24:60:b6:60:a8:21:97:a2:
11:61:db:1b:13:65:9e:9c:af:e0:1f:b3:4c:18:0b:
bb:4d:68:50:5f:2f:93:01:5b:01:f0:65:b9:66:bf:
23:eb:fc:59:6b:d0:44:99:30:92:3d:e3:f2:20:45:
81:74:2d:57:eb:a6:42:56:60:41:4a:6a:11:c4:02:
a2:52:20:fa:df:cb:16:e3:01:87:54:57:91:e4:f4:
67:06:4b:58:b0:aa:9d:25:17:2c:8d:7a:42:57:b8:
e7:fb:54:5d:27:72:12:c1:64:e4:f7:cb:cf:5b:33:
84:86:51:92:19:f9:86:f4:07:37:48:c5:fa:45:cd:
11:d1:a2:ce:83:b7:d1:9d:d9:14:44:a5:c3:1d:0d:
90:f8:4d:32:23:b8:cd:b7:d2:4a:01:d2:84:b2:e3:
7e:10:02:10:8f:ec:72:33:79:d1:0b:c2:c5:cc:7d:
16:02:3e:73:23:97:a9:63:26:3d:9c:1f:4f:d7:16:
1f:af:1c:fe:7c:67:88:2b:32:34:2a:08:8a:30:e4:
c5:f0:90:b2:a3:81:ce:9c:8e:21:ef:61:1f:07:e9:
ed:48:fb:a5:1a:0d:c9:a4:44:b8:10:da:fd:52:e2:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A2:77:34:21:CD:B8:A3:69:24:83:87:E7:53:A2:CB:69:81:90:40
X509v3 Authority Key Identifier:
keyid:41:FC:55:EE:24:88:FB:94:01:C4:B6:68:AB:AC:54:11:0E:BB:80:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfxV7iSI-5QBxLZoq6xUEQ67gJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/xKJ3NCHNuKNpJIOH51Oiy2mBkEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/QfxV7iSI-5QBxLZoq6xUEQ67gJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d7:42:3f:87:cc:48:d0:b7:0c:64:3d:d9:dd:0e:74:c0:e1:
02:d4:76:e4:2e:74:78:c7:bd:1b:be:1d:20:15:de:1e:a8:b4:
33:84:16:2d:a0:c6:f8:d9:9d:e5:ae:9b:01:20:7e:4f:fb:17:
6d:ff:22:db:c6:6d:c2:b1:3b:2d:d0:7b:4d:e3:6b:67:98:76:
c5:25:22:8b:44:91:a0:2f:66:03:bb:0e:1a:d4:0e:45:eb:a5:
3b:27:6f:21:8a:a4:49:0f:10:43:e4:6b:6f:53:7a:5d:63:05:
54:0c:ab:6c:25:60:0a:5e:c5:65:58:fa:13:5b:5e:b2:71:8b:
38:df:bd:84:ca:36:10:f1:75:5f:88:c8:54:61:92:c4:c8:ee:
80:79:95:37:df:6f:f3:ab:57:10:b9:f8:2f:44:7a:d0:a6:3d:
99:3f:83:58:71:d4:f4:62:8d:bb:4f:39:24:2f:f1:90:8f:96:
31:fe:b2:0d:58:7f:75:69:66:2a:e4:7a:9a:67:b0:2b:49:ef:
5e:3c:e9:01:f5:09:93:05:59:89:4e:ae:d1:37:3a:c7:da:51:
3f:eb:c6:84:45:85:16:ab:74:4d:d4:c5:5b:f8:2c:52:8d:d3:
27:be:7c:54:eb:96:ba:20:d9:0a:6e:e7:a2:86:a4:db:66:ae:
8f:c3:cc:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu9CGzleowW7S2ORfhKyU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmM1NWVlMjQ4OGZiOTQwMWM0YjY2OGFiYWM1NDExMGVi
YjgwOTIwHhcNMjMwMTAxMjAwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGEyNzczNDIxY2RiOGEzNjkyNDgzODdlNzUzYTJjYjY5ODE5MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIs5mDUtz45wr5+/sLdowz7rSPK6
JGC2YKghl6IRYdsbE2WenK/gH7NMGAu7TWhQXy+TAVsB8GW5Zr8j6/xZa9BEmTCS
PePyIEWBdC1X66ZCVmBBSmoRxAKiUiD638sW4wGHVFeR5PRnBktYsKqdJRcsjXpC
V7jn+1RdJ3ISwWTk98vPWzOEhlGSGfmG9Ac3SMX6Rc0R0aLOg7fRndkURKXDHQ2Q
+E0yI7jNt9JKAdKEsuN+EAIQj+xyM3nRC8LFzH0WAj5zI5epYyY9nB9P1xYfrxz+
fGeIKzI0KgiKMOTF8JCyo4HOnI4h72EfB+ntSPulGg3JpES4ENr9UuLjNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSidzQhzbijaSSDh+dTostpgZBAMB8GA1UdIwQY
MBaAFEH8Ve4kiPuUAcS2aKusVBEOu4CSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ4VjdpU0ktNVFCeExab3E2eFVFUTY3Z0pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hYTM2NjEtZGViMy00NWE0LTg2OTMt
Mzg4MWE4YjgyN2FjLzEveEtKM05DSE51S05wSklPSDUxT2l5Mm1Ca0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hYTM2NjEtZGViMy00NWE0LTg2OTMtMzg4MWE4YjgyN2Fj
LzEvUWZ4VjdpU0ktNVFCeExab3E2eFVFUTY3Z0pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR0mMA0G
CSqGSIb3DQEBCwUAA4IBAQAq10I/h8xI0LcMZD3Z3Q50wOEC1HbkLnR4x70bvh0g
Fd4eqLQzhBYtoMb42Z3lrpsBIH5P+xdt/yLbxm3CsTst0HtN42tnmHbFJSKLRJGg
L2YDuw4a1A5F66U7J28hiqRJDxBD5GtvU3pdYwVUDKtsJWAKXsVlWPoTW16ycYs4
372EyjYQ8XVfiMhUYZLEyO6AeZU332/zq1cQufgvRHrQpj2ZP4NYcdT0Yo27Tzkk
L/GQj5Yx/rINWH91aWYq5HqaZ7ArSe9ePOkB9QmTBVmJTq7RNzrH2lE/68aERYUW
q3RN1MVb+CxSjdMnvnxU65a6INkKbueihqTbZq6Pw8x4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org