Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/e5e53a-dfe8-4e99-85a8-1e0367c07d46/1/phkmaI_ayzDa96VB61-wbgUXrGo.roa
File: phkmaI_ayzDa96VB61-wbgUXrGo.roa (raw, json)
Hash identifier: fQvc0S8ci1z9mpjPSSoL6eVSiP/9OY/iBMq4EXHRukU=
Subject key identifier: A6:19:26:68:8F:DA:CB:30:DA:F7:A5:41:EB:5F:B0:6E:05:17:AC:6A
Certificate issuer: /CN=5f1768e26ff4f9a2a8a56da4dcb7e1ec0c2e4a93
Certificate serial: 01857082D7CB5EAA2AD01D54F53A95672A56
Authority key identifier: 5F:17:68:E2:6F:F4:F9:A2:A8:A5:6D:A4:DC:B7:E1:EC:0C:2E:4A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xxdo4m_0-aKopW2k3Lfh7AwuSpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/e5e53a-dfe8-4e99-85a8-1e0367c07d46/1/phkmaI_ayzDa96VB61-wbgUXrGo.roa
Signing time: Mon 02 Jan 2023 03:25:01 +0000
ROA not before: Mon 02 Jan 2023 03:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197448
IP address blocks: 193.239.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d7:cb:5e:aa:2a:d0:1d:54:f5:3a:95:67:2a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1768e26ff4f9a2a8a56da4dcb7e1ec0c2e4a93
Validity
Not Before: Jan 2 03:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a61926688fdacb30daf7a541eb5fb06e0517ac6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c8:a4:81:71:4b:4a:be:1f:a8:67:c2:c7:98:
24:40:cb:f1:16:88:bf:04:6a:81:ad:33:1e:3b:40:
56:0d:d8:7f:2e:8b:ec:ff:22:a6:74:ae:e8:99:fb:
5e:69:30:ec:13:fa:8f:ee:07:56:72:dd:ad:79:e6:
33:49:52:be:5a:b7:a1:eb:d4:31:25:64:2d:60:c7:
d4:67:53:bc:97:a7:c0:87:ea:87:c5:9e:1a:ec:b7:
ad:02:e7:d9:c6:9c:5f:06:de:d5:ae:62:b2:c2:de:
60:63:0b:d1:43:be:c5:62:b9:e4:3d:3d:39:2d:30:
54:2e:69:f2:ab:c2:cd:b0:7c:35:f7:36:f7:6e:3a:
89:26:24:03:34:ba:05:8e:85:7e:3f:42:d1:5f:7b:
67:bd:08:13:48:b2:d5:5b:7a:ca:36:82:6b:96:80:
df:54:fb:b6:55:9c:7c:28:cc:6d:dc:29:9f:da:b0:
63:57:16:fc:b6:1d:a6:82:1b:44:c6:db:9d:93:6f:
1f:05:7b:ac:78:f1:79:fd:8a:54:8f:b9:c2:b7:e0:
cb:64:a7:12:93:60:05:41:19:e2:c3:90:eb:a7:45:
16:3c:a0:de:0d:2e:5a:04:79:3f:18:74:a6:09:74:
b5:86:54:77:66:5a:bb:74:72:e1:d5:a2:9f:f9:6e:
b4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:19:26:68:8F:DA:CB:30:DA:F7:A5:41:EB:5F:B0:6E:05:17:AC:6A
X509v3 Authority Key Identifier:
keyid:5F:17:68:E2:6F:F4:F9:A2:A8:A5:6D:A4:DC:B7:E1:EC:0C:2E:4A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xxdo4m_0-aKopW2k3Lfh7AwuSpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e5e53a-dfe8-4e99-85a8-1e0367c07d46/1/phkmaI_ayzDa96VB61-wbgUXrGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e5e53a-dfe8-4e99-85a8-1e0367c07d46/1/Xxdo4m_0-aKopW2k3Lfh7AwuSpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.205.0/24
Signature Algorithm: sha256WithRSAEncryption
53:95:5e:5b:f2:02:80:24:c1:71:88:19:92:7a:30:ce:73:8e:
5c:3b:61:9b:1b:1c:e5:28:39:10:4b:0a:41:f6:f9:51:a9:f5:
de:37:cf:b0:78:bc:6f:9b:e0:af:67:af:a0:6a:ed:68:91:c0:
04:1d:18:c0:4f:b2:f8:6f:00:bf:5b:60:a5:18:a0:0e:87:7a:
01:01:ee:87:08:ff:e2:a1:ca:d6:35:66:fc:97:0f:29:65:3a:
34:db:90:0a:21:f0:80:00:78:11:b7:88:01:5d:fe:a7:82:a1:
77:de:1a:3b:ab:60:98:f8:94:c0:83:d2:0d:17:9d:4e:f1:da:
6a:36:2b:7a:40:54:9f:3b:c3:eb:90:22:71:e1:7a:00:49:f5:
cb:21:7b:05:50:f8:48:ba:3e:4b:db:0f:0b:bc:7f:af:e7:68:
76:58:bc:11:b3:0a:4a:74:11:58:64:fa:43:d3:70:32:b1:bc:
87:fd:4d:56:08:7c:93:84:68:61:a9:fd:e1:11:67:4b:45:0e:
9f:2c:de:8b:b3:5b:b6:a7:87:2f:89:13:22:42:53:e4:ba:fc:
f0:11:d1:eb:bb:7d:d1:f0:4b:8b:50:98:f3:e2:fc:dd:64:0a:
33:dd:31:be:b9:d9:e9:08:16:d4:2e:92:7b:94:a6:75:d3:91:
e6:b1:bd:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgtfLXqoq0B1U9TqVZypWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMTc2OGUyNmZmNGY5YTJhOGE1NmRhNGRjYjdlMWVjMGMy
ZTRhOTMwHhcNMjMwMTAyMDMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE5MjY2ODhmZGFjYjMwZGFmN2E1NDFlYjVmYjA2ZTA1MTdhYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMikgXFLSr4fqGfCx5gkQMvxFoi/
BGqBrTMeO0BWDdh/Lovs/yKmdK7omfteaTDsE/qP7gdWct2teeYzSVK+Wreh69Qx
JWQtYMfUZ1O8l6fAh+qHxZ4a7LetAufZxpxfBt7VrmKywt5gYwvRQ77FYrnkPT05
LTBULmnyq8LNsHw19zb3bjqJJiQDNLoFjoV+P0LRX3tnvQgTSLLVW3rKNoJrloDf
VPu2VZx8KMxt3Cmf2rBjVxb8th2mghtExtudk28fBXusePF5/YpUj7nCt+DLZKcS
k2AFQRniw5Drp0UWPKDeDS5aBHk/GHSmCXS1hlR3Zlq7dHLh1aKf+W605wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYZJmiP2ssw2velQetfsG4FF6xqMB8GA1UdIwQY
MBaAFF8XaOJv9PmiqKVtpNy34ewMLkqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhkbzRtXzAtYUtvcFcyazNMZmg3QXd1U3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9lNWU1M2EtZGZlOC00ZTk5LTg1YTgt
MWUwMzY3YzA3ZDQ2LzEvcGhrbWFJX2F5ekRhOTZWQjYxLXdiZ1VYckdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9lNWU1M2EtZGZlOC00ZTk5LTg1YTgtMWUwMzY3YzA3ZDQ2
LzEvWHhkbzRtXzAtYUtvcFcyazNMZmg3QXd1U3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe/NMA0G
CSqGSIb3DQEBCwUAA4IBAQBTlV5b8gKAJMFxiBmSejDOc45cO2GbGxzlKDkQSwpB
9vlRqfXeN8+weLxvm+CvZ6+gau1okcAEHRjAT7L4bwC/W2ClGKAOh3oBAe6HCP/i
ocrWNWb8lw8pZTo025AKIfCAAHgRt4gBXf6ngqF33ho7q2CY+JTAg9INF51O8dpq
Nit6QFSfO8PrkCJx4XoASfXLIXsFUPhIuj5L2w8LvH+v52h2WLwRswpKdBFYZPpD
03AysbyH/U1WCHyThGhhqf3hEWdLRQ6fLN6Ls1u2p4cviRMiQlPkuvzwEdHru33R
8EuLUJjz4vzdZAoz3TG+udnpCBbULpJ7lKZ105Hmsb0I
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:59 2024 by rpki-client on console-ams.rpki-client.org