Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/2n--sGJzHBv7E9TTFLJMbSoS5_I.roa
File: 2n--sGJzHBv7E9TTFLJMbSoS5_I.roa (raw, json)
Hash identifier: 6093aXW5qITG5H6gr7Ii6inogmSqwJ4u5KOsbLTNSxw=
Subject key identifier: DA:7F:BE:B0:62:73:1C:1B:FB:13:D4:D3:14:B2:4C:6D:2A:12:E7:F2
Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516
Certificate serial: 018571553E0E2E4C8CBB5CBD99985F8BD77A
Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/2n--sGJzHBv7E9TTFLJMbSoS5_I.roa
Signing time: Mon 02 Jan 2023 07:14:49 +0000
ROA not before: Mon 02 Jan 2023 07:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34019
IP address blocks: 193.106.116.0/22 maxlen: 22
193.164.153.0/24 maxlen: 24
193.17.192.0/24 maxlen: 24
193.200.42.0/23 maxlen: 23
2001:67c:1740::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:3e:0e:2e:4c:8c:bb:5c:bd:99:98:5f:8b:d7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516
Validity
Not Before: Jan 2 07:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7fbeb062731c1bfb13d4d314b24c6d2a12e7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:db:66:30:e1:04:09:4a:49:85:bc:fa:72:c3:
03:8a:0d:c4:5e:d3:e8:ae:03:54:20:04:4e:e6:3d:
8e:1f:1f:0d:1a:62:dd:ae:1d:99:1c:46:a0:73:b7:
d5:19:92:d0:cc:8b:cf:52:88:3d:bc:b6:bf:fc:5c:
51:94:5e:3c:12:6c:c3:5c:c3:51:c0:b5:08:5c:ed:
77:c8:90:5e:6d:7f:4e:24:d2:72:d0:ee:8e:38:65:
d2:6b:93:af:bb:16:80:db:a7:d9:84:02:90:b9:aa:
24:e9:b6:e2:84:51:8d:e4:92:66:11:9a:89:15:7b:
58:32:cf:c2:f3:cb:ec:7d:1c:13:b6:8c:dd:11:4f:
04:13:b2:7c:e3:4d:8a:9a:da:e4:53:16:5f:78:5b:
0c:d6:d3:c5:ba:2c:81:82:be:5a:ad:41:5d:99:d8:
db:32:a1:1b:d7:0e:50:ae:f9:29:13:7e:96:fe:0b:
81:50:5d:ec:ed:d6:9f:5c:d5:e2:e3:25:8e:5a:bd:
bd:9f:41:be:90:4c:5a:0e:c8:a0:ef:b0:f1:4c:36:
b5:5a:1c:ba:81:99:ce:f5:53:57:0f:f6:e4:df:da:
20:8d:1f:14:09:c1:aa:2f:21:46:9c:c9:31:c7:a8:
37:ed:8d:13:78:a1:40:24:c5:23:43:19:18:eb:db:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7F:BE:B0:62:73:1C:1B:FB:13:D4:D3:14:B2:4C:6D:2A:12:E7:F2
X509v3 Authority Key Identifier:
keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/2n--sGJzHBv7E9TTFLJMbSoS5_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.192.0/24
193.106.116.0/22
193.164.153.0/24
193.200.42.0/23
IPv6:
2001:67c:1740::/48
Signature Algorithm: sha256WithRSAEncryption
11:f8:85:6e:74:cd:26:bf:cc:f5:42:77:c1:db:64:65:70:4f:
fc:2c:c7:63:56:0b:4a:80:97:1e:29:7c:91:19:5b:4d:99:68:
0a:2a:c5:9a:97:67:96:0c:4c:f4:c2:12:ec:93:fc:fd:df:e9:
73:2d:ba:2c:cc:be:03:8c:aa:26:cf:6a:20:81:ff:a2:89:79:
e5:d2:86:e3:15:79:7a:3b:cf:b3:9e:37:3d:22:9d:0d:41:f6:
bd:28:e3:14:ec:ec:36:d5:fb:1e:f5:a9:27:9e:39:8b:75:85:
77:75:e4:b6:e9:82:97:37:a7:46:c9:09:f3:aa:e1:46:00:ce:
60:74:71:eb:94:aa:be:b3:2c:08:0a:38:c0:b9:8f:db:0a:e5:
89:22:b5:da:96:cf:47:1f:82:de:d2:37:38:60:0c:a3:00:4b:
ed:fa:e5:10:07:92:25:2a:d6:0e:97:4a:6c:af:89:58:77:f9:
db:8f:e1:6e:20:28:0c:9d:d0:fc:92:89:bf:cb:16:3c:0a:8b:
24:45:7b:53:fd:0a:99:1a:a2:33:ab:77:06:1e:c0:b7:69:f0:
86:e3:27:51:48:54:f6:dc:f9:4b:95:17:fc:18:07:79:76:cd:
bf:b6:31:cd:54:16:0b:6f:82:f4:84:22:2d:f2:2f:32:a9:5a:
74:e2:56:01
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxVT4OLkyMu1y9mZhfi9d6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2
MDA1MTYwHhcNMjMwMTAyMDcxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdmYmViMDYyNzMxYzFiZmIxM2Q0ZDMxNGIyNGM2ZDJhMTJlN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwttmMOEECUpJhbz6csMDig3EXtPo
rgNUIARO5j2OHx8NGmLdrh2ZHEagc7fVGZLQzIvPUog9vLa//FxRlF48EmzDXMNR
wLUIXO13yJBebX9OJNJy0O6OOGXSa5OvuxaA26fZhAKQuaok6bbihFGN5JJmEZqJ
FXtYMs/C88vsfRwTtozdEU8EE7J8402KmtrkUxZfeFsM1tPFuiyBgr5arUFdmdjb
MqEb1w5QrvkpE36W/guBUF3s7dafXNXi4yWOWr29n0G+kExaDsig77DxTDa1Why6
gZnO9VNXD/bk39ogjR8UCcGqLyFGnMkxx6g37Y0TeKFAJMUjQxkY69t3fQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNp/vrBicxwb+xPU0xSyTG0qEufyMB8GA1UdIwQY
MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt
OGFmYTc0ZDg3NjlmLzEvMm4tLXNHSnpIQnY3RTlUVEZMSk1iU29TNV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm
LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwRHAAwQC
wWp0AwQAwaSZAwQBwcgqMA8EAgACMAkDBwAgAQZ8F0AwDQYJKoZIhvcNAQELBQAD
ggEBABH4hW50zSa/zPVCd8HbZGVwT/wsx2NWC0qAlx4pfJEZW02ZaAoqxZqXZ5YM
TPTCEuyT/P3f6XMtuizMvgOMqibPaiCB/6KJeeXShuMVeXo7z7OeNz0inQ1B9r0o
4xTs7DbV+x71qSeeOYt1hXd15Lbpgpc3p0bJCfOq4UYAzmB0ceuUqr6zLAgKOMC5
j9sK5YkitdqWz0cfgt7SNzhgDKMAS+365RAHkiUq1g6XSmyviVh3+duP4W4gKAyd
0PySib/LFjwKiyRFe1P9CpkaojOrdwYewLdp8IbjJ1FIVPbc+UuVF/wYB3l2zb+2
Mc1UFgtvgvSEIi3yLzKpWnTiVgE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:44 2024 by rpki-client on console-ams.rpki-client.org