Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/PIqY1G5DvFri31Q_2d4LCU1oYOk.roa
File: PIqY1G5DvFri31Q_2d4LCU1oYOk.roa (raw, json)
Hash identifier: /tyNTP1eIPwoR0ahXCRJdyJZII+1MqQpHqLWZWYtVcs=
Subject key identifier: 3C:8A:98:D4:6E:43:BC:5A:E2:DF:54:3F:D9:DE:0B:09:4D:68:60:E9
Certificate issuer: /CN=89693344638acb0536582fab089876578ef6bc56
Certificate serial: 01856FF970EBDBDBEDD22089F0F73DC56FC5
Authority key identifier: 89:69:33:44:63:8A:CB:05:36:58:2F:AB:08:98:76:57:8E:F6:BC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWkzRGOKywU2WC-rCJh2V472vFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/PIqY1G5DvFri31Q_2d4LCU1oYOk.roa
Signing time: Mon 02 Jan 2023 00:54:56 +0000
ROA not before: Mon 02 Jan 2023 00:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48890
IP address blocks: 193.23.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:70:eb:db:db:ed:d2:20:89:f0:f7:3d:c5:6f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89693344638acb0536582fab089876578ef6bc56
Validity
Not Before: Jan 2 00:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c8a98d46e43bc5ae2df543fd9de0b094d6860e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:38:dc:80:4b:14:dd:48:9b:1c:65:91:dd:60:
67:00:d4:b8:8c:63:4c:32:0c:33:20:a2:e5:06:5a:
9a:42:07:ce:f4:8a:c2:90:44:48:95:ba:13:77:4a:
68:d8:81:9a:d5:8e:22:c8:8f:a1:83:0a:ae:ca:c2:
11:ae:4d:04:94:0b:b8:0d:99:2b:d9:5b:8d:1b:9b:
c1:d8:8a:ca:f7:e0:dc:ba:26:71:a2:6e:27:76:29:
d7:e4:15:18:06:2c:9d:98:ac:c6:02:12:22:63:45:
23:ad:52:ba:3f:d0:80:a0:cc:46:88:70:9e:51:af:
af:cd:29:6f:0b:6d:49:73:6d:1f:f1:27:51:ff:7e:
4f:d1:c9:f1:5c:6e:29:a7:d2:59:11:4c:0c:75:64:
81:51:39:d3:01:28:dd:22:9f:13:61:08:dd:f9:46:
94:6e:03:4f:d9:24:77:64:34:bd:e6:6f:0b:f3:b9:
b0:99:9d:68:0e:05:8d:5f:2c:42:02:48:2a:d8:b1:
6b:7f:30:45:64:56:c5:fa:24:2e:cf:af:c8:77:d2:
7f:8b:32:4a:e2:f0:73:d1:d6:ef:d5:25:61:71:cb:
4f:7b:69:70:55:15:a3:97:57:8b:7d:f1:66:c4:21:
95:5f:9a:b8:fa:c5:5f:65:85:b0:35:fc:5d:6f:84:
cc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8A:98:D4:6E:43:BC:5A:E2:DF:54:3F:D9:DE:0B:09:4D:68:60:E9
X509v3 Authority Key Identifier:
keyid:89:69:33:44:63:8A:CB:05:36:58:2F:AB:08:98:76:57:8E:F6:BC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWkzRGOKywU2WC-rCJh2V472vFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/PIqY1G5DvFri31Q_2d4LCU1oYOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/iWkzRGOKywU2WC-rCJh2V472vFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.142.0/24
Signature Algorithm: sha256WithRSAEncryption
53:30:49:8b:ab:4d:71:5f:ee:cf:e6:ca:92:60:ee:b0:29:b3:
2d:49:c5:90:d0:58:f2:5c:d0:86:97:1e:31:55:f0:30:54:34:
ff:0a:67:3d:c1:7d:f1:57:72:3d:41:b4:75:54:94:97:8b:71:
81:c0:bd:c1:10:d7:6e:32:ef:97:1e:e7:1a:5c:45:10:16:df:
a9:32:49:da:60:e7:90:3b:b3:df:b3:9e:c8:bc:21:a9:7f:d4:
42:fd:4a:f2:e6:8b:cc:d0:79:76:bb:4a:47:c1:3f:4e:d6:7b:
e3:ef:fa:7d:bd:40:1a:c0:ae:d1:a5:73:64:ca:98:51:62:65:
cc:30:77:0f:9d:25:5b:25:81:3b:c5:34:1a:a8:fa:39:84:7e:
24:3e:97:d9:96:9e:b4:60:d3:e5:65:56:3a:03:ea:10:05:d2:
57:15:7b:da:7c:7b:14:74:68:06:b0:00:93:17:7e:b8:b8:10:
51:4a:b8:2a:a1:1a:a9:7a:46:84:fe:3d:41:65:3e:f9:9c:28:
bb:9d:d6:f7:3b:04:6a:a6:8e:f0:24:6e:f8:f7:83:f3:b8:37:
29:56:d3:38:ec:fc:89:ff:06:ff:5f:af:9c:3b:12:e2:69:a2:
99:95:e9:9d:8d:29:3f:ae:dd:54:34:d6:5c:e1:e1:b7:d6:7f:
12:1f:55:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+XDr29vt0iCJ8Pc9xW/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NjkzMzQ0NjM4YWNiMDUzNjU4MmZhYjA4OTg3NjU3OGVm
NmJjNTYwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhhOThkNDZlNDNiYzVhZTJkZjU0M2ZkOWRlMGIwOTRkNjg2MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDjcgEsU3UibHGWR3WBnANS4jGNM
MgwzIKLlBlqaQgfO9IrCkERIlboTd0po2IGa1Y4iyI+hgwquysIRrk0ElAu4DZkr
2VuNG5vB2IrK9+DcuiZxom4ndinX5BUYBiydmKzGAhIiY0UjrVK6P9CAoMxGiHCe
Ua+vzSlvC21Jc20f8SdR/35P0cnxXG4pp9JZEUwMdWSBUTnTASjdIp8TYQjd+UaU
bgNP2SR3ZDS95m8L87mwmZ1oDgWNXyxCAkgq2LFrfzBFZFbF+iQuz6/Id9J/izJK
4vBz0dbv1SVhcctPe2lwVRWjl1eLffFmxCGVX5q4+sVfZYWwNfxdb4TMuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyKmNRuQ7xa4t9UP9neCwlNaGDpMB8GA1UdIwQY
MBaAFIlpM0RjissFNlgvqwiYdleO9rxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdrelJHT0t5d1UyV0MtckNKaDJWNDcydkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83ZDg5MDAtYmU3Ni00MGUyLThjOTkt
NzBmOTQzZWFjNGRiLzEvUElxWTFHNUR2RnJpMzFRXzJkNExDVTFvWU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83ZDg5MDAtYmU3Ni00MGUyLThjOTktNzBmOTQzZWFjNGRi
LzEvaVdrelJHT0t5d1UyV0MtckNKaDJWNDcydkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwReOMA0G
CSqGSIb3DQEBCwUAA4IBAQBTMEmLq01xX+7P5sqSYO6wKbMtScWQ0FjyXNCGlx4x
VfAwVDT/Cmc9wX3xV3I9QbR1VJSXi3GBwL3BENduMu+XHucaXEUQFt+pMknaYOeQ
O7Pfs57IvCGpf9RC/Ury5ovM0Hl2u0pHwT9O1nvj7/p9vUAawK7RpXNkyphRYmXM
MHcPnSVbJYE7xTQaqPo5hH4kPpfZlp60YNPlZVY6A+oQBdJXFXvafHsUdGgGsACT
F364uBBRSrgqoRqpekaE/j1BZT75nCi7ndb3OwRqpo7wJG7494PzuDcpVtM47PyJ
/wb/X6+cOxLiaaKZlemdjSk/rt1UNNZc4eG31n8SH1WF
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:31 2024 by rpki-client on console-ams.rpki-client.org