Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/plotufd129f4UawqUlsdTfskOYU.roa
File: plotufd129f4UawqUlsdTfskOYU.roa (raw, json)
Hash identifier: 3xnVcgYHmmyKOu66m+K5cFncAmh6whUEVMoxDyii854=
Subject key identifier: A6:5A:2D:B9:F7:75:DB:D7:F8:51:AC:2A:52:5B:1D:4D:FB:24:39:85
Certificate issuer: /CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Certificate serial: 018571154ADBC13B5D7A4E94CA19DD10E2A0
Authority key identifier: 1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/plotufd129f4UawqUlsdTfskOYU.roa
Signing time: Mon 02 Jan 2023 06:04:58 +0000
ROA not before: Mon 02 Jan 2023 06:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209803
IP address blocks: 193.32.156.0/22 maxlen: 22
2a09:880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4a:db:c1:3b:5d:7a:4e:94:ca:19:dd:10:e2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Validity
Not Before: Jan 2 06:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a65a2db9f775dbd7f851ac2a525b1d4dfb243985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1f:18:57:35:69:ac:4c:39:42:6c:6e:db:06:
f9:bc:7c:7b:b7:6f:52:59:93:ea:90:06:54:fa:11:
89:9d:db:62:1f:26:45:1b:5a:5e:98:da:18:1a:12:
17:df:d8:cf:9a:db:88:13:1a:a5:e4:78:6a:1d:2b:
fb:30:4f:17:42:1d:8f:a2:3d:b1:2d:ae:6f:8c:89:
be:46:bc:28:50:ed:f9:8f:36:45:15:15:b8:1e:0f:
4b:a9:e1:42:1d:f3:25:4f:3e:22:ac:b8:72:26:a6:
40:7f:94:00:df:88:0d:50:9c:c3:23:d5:89:1c:c8:
09:e4:72:4b:b7:f6:c8:b1:fc:cd:a9:eb:77:3c:aa:
43:79:95:c9:b0:fe:06:54:16:a2:c4:8f:02:6a:f8:
5b:39:a7:3e:c3:67:00:dd:16:79:86:90:e4:69:0a:
b8:7c:69:62:1a:5c:19:a4:2f:e2:e4:55:0b:cb:83:
fa:7e:49:4b:a8:b6:ae:d2:d5:f8:31:97:ea:af:9f:
16:c0:8a:5c:6e:20:be:99:8a:09:cb:05:4b:9e:5a:
8f:b0:3a:30:ea:ef:7f:d3:e9:d4:d4:9d:33:4a:a4:
5d:03:9c:36:12:ba:4d:58:50:40:f1:44:6b:ef:9f:
51:28:cd:bf:a6:56:1c:cb:6a:21:30:b7:33:17:cf:
7b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5A:2D:B9:F7:75:DB:D7:F8:51:AC:2A:52:5B:1D:4D:FB:24:39:85
X509v3 Authority Key Identifier:
keyid:1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/plotufd129f4UawqUlsdTfskOYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/HdmpRnnsmrM-ZeBpyapEDbJz4U4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.156.0/22
IPv6:
2a09:880::/29
Signature Algorithm: sha256WithRSAEncryption
42:8e:26:1c:3f:d9:27:0d:e5:2a:83:92:a4:1c:dc:49:27:2b:
9f:0e:58:41:eb:18:ef:7d:de:a4:15:4b:a5:6c:82:7d:ee:2d:
a2:43:04:6e:2b:7d:29:6b:d7:30:e5:12:95:5c:15:32:6c:31:
74:08:14:7f:7d:41:c3:f8:30:7e:f3:39:f1:5a:a8:e6:90:16:
16:83:b0:32:7c:5f:3d:47:59:e8:28:1b:1d:20:fa:3c:9e:92:
85:70:8d:09:b9:d3:ed:15:0c:fc:02:e6:26:f7:21:d1:83:d2:
d6:65:d8:fa:af:e5:7f:b6:f7:ae:3a:40:b1:ed:a0:b9:99:cb:
94:8b:34:ee:06:f4:d0:64:b3:02:04:9c:9e:a5:78:e0:99:a5:
e7:ae:f3:1d:45:8e:33:bb:22:49:0c:c1:47:e1:c8:5a:03:6c:
48:28:84:53:d8:7d:75:70:30:0d:95:46:f0:d9:7e:f1:3c:0d:
c3:21:89:fe:c0:21:30:98:be:19:b6:41:03:4a:6b:ee:50:ce:
1b:59:da:7f:ef:83:7b:0d:5b:d0:2f:20:31:7a:93:5c:ab:ad:
42:f1:15:ac:39:b0:2b:7f:35:7b:6d:4c:76:cf:af:07:b8:5d:
3c:a5:c5:da:7a:a8:dc:8a:40:6f:45:d7:f7:d8:e4:85:87:84:
5f:9c:d9:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxFUrbwTtdek6UyhndEOKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDlhOTQ2NzllYzlhYjMzZTY1ZTA2OWM5YWE0NDBkYjI3
M2UxNGUwHhcNMjMwMTAyMDYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjVhMmRiOWY3NzVkYmQ3Zjg1MWFjMmE1MjViMWQ0ZGZiMjQzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR8YVzVprEw5Qmxu2wb5vHx7t29S
WZPqkAZU+hGJndtiHyZFG1pemNoYGhIX39jPmtuIExql5HhqHSv7ME8XQh2Poj2x
La5vjIm+RrwoUO35jzZFFRW4Hg9LqeFCHfMlTz4irLhyJqZAf5QA34gNUJzDI9WJ
HMgJ5HJLt/bIsfzNqet3PKpDeZXJsP4GVBaixI8CavhbOac+w2cA3RZ5hpDkaQq4
fGliGlwZpC/i5FULy4P6fklLqLau0tX4MZfqr58WwIpcbiC+mYoJywVLnlqPsDow
6u9/0+nU1J0zSqRdA5w2ErpNWFBA8URr759RKM2/plYcy2ohMLczF897vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKZaLbn3ddvX+FGsKlJbHU37JDmFMB8GA1UdIwQY
MBaAFB3ZqUZ57JqzPmXgacmqRA2yc+FOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRtcFJubnNtck0tWmVCcHlhcEVEYkp6NFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hM2I5YjktMjE3Yy00MWM5LTk0NzYt
MjdkZDBhZDJhZGYzLzEvcGxvdHVmZDEyOWY0VWF3cVVsc2RUZnNrT1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hM2I5YjktMjE3Yy00MWM5LTk0NzYtMjdkZDBhZDJhZGYz
LzEvSGRtcFJubnNtck0tWmVCcHlhcEVEYkp6NFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwSCcMA0E
AgACMAcDBQMqCQiAMA0GCSqGSIb3DQEBCwUAA4IBAQBCjiYcP9knDeUqg5KkHNxJ
JyufDlhB6xjvfd6kFUulbIJ97i2iQwRuK30pa9cw5RKVXBUybDF0CBR/fUHD+DB+
8znxWqjmkBYWg7AyfF89R1noKBsdIPo8npKFcI0JudPtFQz8AuYm9yHRg9LWZdj6
r+V/tveuOkCx7aC5mcuUizTuBvTQZLMCBJyepXjgmaXnrvMdRY4zuyJJDMFH4cha
A2xIKIRT2H11cDANlUbw2X7xPA3DIYn+wCEwmL4ZtkEDSmvuUM4bWdp/74N7DVvQ
LyAxepNcq61C8RWsObArfzV7bUx2z68HuF08pcXaeqjcikBvRdf32OSFh4RfnNn4
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:57 2024 by rpki-client on console-fra.rpki-client.org