Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/9aC19TAOh2CTAAdkz-p0dSjkIds.roa
File: 9aC19TAOh2CTAAdkz-p0dSjkIds.roa (raw, json)
Hash identifier: RmZ0n+bUJf1UhUvzsGj5/WV2+lgzoaapqFHAfewhdkY=
Subject key identifier: F5:A0:B5:F5:30:0E:87:60:93:00:07:64:CF:EA:74:75:28:E4:21:DB
Certificate issuer: /CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Certificate serial: 018CC86F06AFC217443971B0C2C2AADFAEB4
Authority key identifier: 57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/9aC19TAOh2CTAAdkz-p0dSjkIds.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211960
IP address blocks: 193.228.137.0/24 maxlen: 24
2a04:1ac1:11::/48 maxlen: 48
2a04:1ac1:1::/48 maxlen: 48
2001:67c:2924::/48 maxlen: 48
2a04:1ac0:fff3::/48 maxlen: 48
2a04:1ac1:2::/48 maxlen: 48
2a04:1ac0:fff4::/48 maxlen: 48
2a04:1ac1:3::/48 maxlen: 48
2a04:1ac1:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Aug 2024 15:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:06:af:c2:17:44:39:71:b0:c2:c2:aa:df:ae:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5a0b5f5300e876093000764cfea747528e421db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:98:53:bf:b3:18:00:b9:ae:7a:c4:e7:b8:
20:d0:0c:20:c5:83:59:61:01:f7:5b:f7:84:62:7b:
c3:4a:26:54:a7:10:08:19:97:68:7f:4d:b8:aa:8e:
cf:a5:a8:b4:7c:ae:fd:4d:b5:35:48:67:a6:b4:79:
ec:21:04:9c:46:92:0c:53:21:90:57:4d:fd:fa:b6:
67:3c:21:5e:b4:65:19:e7:59:1b:78:2a:a0:77:a8:
0a:ca:b9:1b:91:a3:4d:65:ed:8e:dc:be:1a:62:6d:
48:de:c9:4c:2e:dd:e4:5e:23:52:b8:ab:cb:7a:05:
90:67:cd:14:8f:48:ef:13:b6:66:cf:3d:8a:49:94:
2b:5c:75:65:69:cf:74:42:91:fa:7e:de:bb:47:fe:
df:57:ae:61:50:1b:e2:7b:e9:f1:a1:84:ad:1b:d3:
13:e5:10:9a:ab:50:f8:fb:66:9c:dc:69:2d:0a:13:
17:15:35:1d:f1:13:a6:83:cf:79:73:1c:6c:8e:c1:
f1:1d:ad:f3:f5:a9:8b:d0:5b:50:73:82:35:2a:45:
3b:91:24:78:b9:b8:b5:27:cf:96:dc:a9:3b:df:54:
77:3c:4d:80:57:d8:36:b3:9b:c0:50:7f:68:77:d7:
89:08:3b:58:d6:c3:af:a7:a1:9f:3d:86:1b:72:7f:
ba:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A0:B5:F5:30:0E:87:60:93:00:07:64:CF:EA:74:75:28:E4:21:DB
X509v3 Authority Key Identifier:
keyid:57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/9aC19TAOh2CTAAdkz-p0dSjkIds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/VzEE_zVoy5m39QJOc_8q6gVjzmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.137.0/24
IPv6:
2001:67c:2924::/48
2a04:1ac0:fff3::-2a04:1ac0:fff4:ffff:ffff:ffff:ffff:ffff
2a04:1ac1:1::-2a04:1ac1:3:ffff:ffff:ffff:ffff:ffff
2a04:1ac1:10::/47
Signature Algorithm: sha256WithRSAEncryption
74:63:79:46:18:10:2c:61:58:c2:95:a1:c7:33:29:93:42:61:
85:aa:07:46:00:ce:bf:1e:d3:09:fb:44:4a:45:35:22:f8:b1:
06:39:cd:95:8f:7b:aa:a4:14:d6:0e:36:92:ae:83:8d:1e:00:
c7:2b:c6:eb:40:38:28:e3:ea:f4:b3:37:80:07:b8:df:32:71:
0a:6b:41:df:8f:cd:43:e0:aa:02:60:08:fc:97:c7:d0:63:56:
50:e6:c5:1f:2d:79:93:5e:f3:d3:34:e2:f3:ab:50:42:68:a5:
4a:be:2e:7b:e1:a2:80:5d:df:1a:86:bc:ba:3a:64:2d:c0:78:
6f:f5:50:ea:0c:d7:1f:63:20:85:ce:98:f2:d9:88:29:ea:8e:
83:e7:a2:93:f6:1c:7f:0c:68:ae:3c:b2:3d:8d:8f:a1:7b:f3:
65:d4:1e:51:39:0d:ce:30:f3:82:1e:7d:dc:86:9a:5d:62:65:
0c:d9:0d:0e:f1:8f:40:c2:6a:b0:85:b1:b2:1f:84:d8:11:20:
39:3c:11:6b:a9:1c:4c:34:b6:d8:32:56:cf:f3:cf:d6:3c:b2:
62:33:51:10:e5:ca:f2:d5:cc:68:16:ce:11:fa:ba:70:16:0a:
fa:e5:d5:9e:58:76:d5:27:70:61:f9:7c:00:62:80:b8:53:8a:
96:38:c9:0a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzIbwavwhdEOXGwwsKq3660MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MzEwNGZmMzU2OGNiOTliN2Y1MDI0ZTczZmYyYWVhMDU2
M2NlNmEwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWEwYjVmNTMwMGU4NzYwOTMwMDA3NjRjZmVhNzQ3NTI4ZTQyMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGOYU7+zGAC5rnrE57gg0AwgxYNZ
YQH3W/eEYnvDSiZUpxAIGZdof024qo7Ppai0fK79TbU1SGemtHnsIQScRpIMUyGQ
V039+rZnPCFetGUZ51kbeCqgd6gKyrkbkaNNZe2O3L4aYm1I3slMLt3kXiNSuKvL
egWQZ80Uj0jvE7Zmzz2KSZQrXHVlac90QpH6ft67R/7fV65hUBvie+nxoYStG9MT
5RCaq1D4+2ac3GktChMXFTUd8ROmg895cxxsjsHxHa3z9amL0FtQc4I1KkU7kSR4
ubi1J8+W3Kk731R3PE2AV9g2s5vAUH9od9eJCDtY1sOvp6GfPYYbcn+6EwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPWgtfUwDodgkwAHZM/qdHUo5CHbMB8GA1UdIwQY
MBaAFFcxBP81aMuZt/UCTnP/KuoFY85qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnpFRV96Vm95NW0zOVFKT2NfOHE2Z1Zqem1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8zZTc2ZmMtNWRjZC00YmE1LTg0OTUt
MTk5OGNiOWQwNjVjLzEvOWFDMTlUQU9oMkNUQUFka3otcDBkU2prSWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8zZTc2ZmMtNWRjZC00YmE1LTg0OTUtMTk5OGNiOWQwNjVj
LzEvVnpFRV96Vm95NW0zOVFKT2NfOHE2Z1Zqem1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQAweSJMEAE
AgACMDoDBwAgAQZ8KSQwEgMHACoEGsD/8wMHACoEGsD/9DASAwcAKgQawQABAwcC
KgQawQAAAwcBKgQawQAQMA0GCSqGSIb3DQEBCwUAA4IBAQB0Y3lGGBAsYVjClaHH
MymTQmGFqgdGAM6/HtMJ+0RKRTUi+LEGOc2Vj3uqpBTWDjaSroONHgDHK8brQDgo
4+r0szeAB7jfMnEKa0Hfj81D4KoCYAj8l8fQY1ZQ5sUfLXmTXvPTNOLzq1BCaKVK
vi574aKAXd8ahry6OmQtwHhv9VDqDNcfYyCFzpjy2Ygp6o6D56KT9hx/DGiuPLI9
jY+he/Nl1B5ROQ3OMPOCHn3chppdYmUM2Q0O8Y9AwmqwhbGyH4TYESA5PBFrqRxM
NLbYMlbP88/WPLJiM1EQ5cry1cxoFs4R+rpwFgr65dWeWHbVJ3Bh+XwAYoC4U4qW
OMkK
-----END CERTIFICATE-----
Generated at Sun Aug 11 17:36:02 2024 by rpki-client on console-ams.rpki-client.org