Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/493b98-7f59-4f61-9945-1e8ddafe3a14/1/_dwXmFKBsbjfx3hemEUms7TPI4A.roa
File: _dwXmFKBsbjfx3hemEUms7TPI4A.roa (raw, json)
Hash identifier: Usi6VqnJIAbqP/+tpsPJImw6jFwalLFoaBJS57dmPq4=
Subject key identifier: FD:DC:17:98:52:81:B1:B8:DF:C7:78:5E:98:45:26:B3:B4:CF:23:80
Certificate issuer: /CN=08fcf0ed5b5677c1155f2b784c6d73d8093af1aa
Certificate serial: 01856FA6FE2D1C639C2A69933A78435367E2
Authority key identifier: 08:FC:F0:ED:5B:56:77:C1:15:5F:2B:78:4C:6D:73:D8:09:3A:F1:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPzw7VtWd8EVXyt4TG1z2Ak68ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/493b98-7f59-4f61-9945-1e8ddafe3a14/1/_dwXmFKBsbjfx3hemEUms7TPI4A.roa
Signing time: Sun 01 Jan 2023 23:24:53 +0000
ROA not before: Sun 01 Jan 2023 23:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15763
IP address blocks: 193.28.40.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fe:2d:1c:63:9c:2a:69:93:3a:78:43:53:67:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcf0ed5b5677c1155f2b784c6d73d8093af1aa
Validity
Not Before: Jan 1 23:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fddc17985281b1b8dfc7785e984526b3b4cf2380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:e7:2a:b1:fb:a1:0f:b2:28:d7:69:75:8d:
db:49:26:25:68:4f:dc:e1:2f:02:1f:7f:56:a3:78:
34:7e:ff:a0:6f:b1:e5:bc:ba:03:e8:0d:2d:58:3c:
22:90:94:63:62:9e:9c:02:e8:ab:17:3d:d5:d2:e6:
9d:65:ff:56:f0:53:07:a5:90:f2:6a:f0:59:7e:82:
48:4e:2f:37:e2:e3:e6:0d:94:ee:4b:33:e2:79:71:
e1:a6:93:ab:ee:52:89:bb:08:d5:a2:89:c7:5a:54:
3f:62:ad:84:fa:e9:08:e5:1f:b2:ab:ea:93:04:d2:
72:f2:4f:56:50:5d:cf:61:ba:42:f9:a3:01:6e:97:
43:04:a2:01:34:4c:c2:3a:7d:15:63:49:e7:05:cc:
6d:3f:a3:c1:b7:37:6b:5c:fb:e3:c8:a4:8b:44:03:
ba:96:78:3f:d5:83:84:03:07:7b:82:b0:33:b4:c3:
f1:2b:c7:3f:e9:ca:8d:4a:fe:a4:bf:10:17:63:70:
53:ee:31:01:18:92:b3:8e:92:b0:a7:40:5d:07:69:
a2:83:43:4c:6b:3c:68:1d:b8:cc:c6:e4:35:93:17:
b1:57:2d:7b:77:a9:60:93:f4:5d:53:61:ec:e4:d3:
4c:0c:44:6b:28:bd:ad:56:75:2e:ef:06:ed:b3:a8:
09:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DC:17:98:52:81:B1:B8:DF:C7:78:5E:98:45:26:B3:B4:CF:23:80
X509v3 Authority Key Identifier:
keyid:08:FC:F0:ED:5B:56:77:C1:15:5F:2B:78:4C:6D:73:D8:09:3A:F1:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPzw7VtWd8EVXyt4TG1z2Ak68ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/493b98-7f59-4f61-9945-1e8ddafe3a14/1/_dwXmFKBsbjfx3hemEUms7TPI4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/493b98-7f59-4f61-9945-1e8ddafe3a14/1/CPzw7VtWd8EVXyt4TG1z2Ak68ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:6c:1b:7f:7c:24:e4:40:c9:9d:cb:54:d9:75:d5:b6:1c:37:
44:ae:1e:b4:95:8c:0f:0f:70:34:70:fc:4a:34:21:2e:02:1d:
94:91:59:08:c2:d1:af:77:37:24:78:d4:82:0c:99:c5:f2:6d:
0e:0b:ec:0a:33:70:11:9d:e1:6d:dc:a8:c9:4d:4c:5e:09:f6:
89:59:cb:2d:05:59:61:6b:f5:c4:8b:3d:bc:2b:3e:d2:c8:cb:
90:9b:3e:a0:b2:de:f3:59:f6:6e:bf:20:ae:10:9e:50:d5:d0:
4d:c8:a2:26:1c:7a:eb:99:35:ac:c6:49:13:1b:69:1c:47:f4:
5b:cb:4e:e2:01:c3:ab:29:4b:3d:05:16:1c:ce:da:71:c7:76:
20:df:ea:dc:4d:9a:ee:e2:b0:10:95:bd:19:d8:a7:71:17:b9:
2f:12:e4:21:34:55:6b:d4:b5:c2:d3:ac:56:b3:6f:40:39:04:
a5:4c:e5:90:ed:ad:16:64:56:e5:80:47:e5:4a:ac:8d:ad:a4:
01:7e:80:f0:22:7c:90:14:60:ee:81:06:ae:82:87:67:ae:5f:
d8:54:57:20:95:15:d0:19:bf:9f:22:26:f0:00:f6:a4:e6:f1:
52:8f:f4:88:25:f0:2d:53:c5:11:58:35:65:28:15:84:38:68:
34:31:16:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpv4tHGOcKmmTOnhDU2fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNmMGVkNWI1Njc3YzExNTVmMmI3ODRjNmQ3M2Q4MDkz
YWYxYWEwHhcNMjMwMTAxMjMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRjMTc5ODUyODFiMWI4ZGZjNzc4NWU5ODQ1MjZiM2I0Y2YyMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGTnKrH7oQ+yKNdpdY3bSSYlaE/c
4S8CH39Wo3g0fv+gb7HlvLoD6A0tWDwikJRjYp6cAuirFz3V0uadZf9W8FMHpZDy
avBZfoJITi834uPmDZTuSzPieXHhppOr7lKJuwjVoonHWlQ/Yq2E+ukI5R+yq+qT
BNJy8k9WUF3PYbpC+aMBbpdDBKIBNEzCOn0VY0nnBcxtP6PBtzdrXPvjyKSLRAO6
lng/1YOEAwd7grAztMPxK8c/6cqNSv6kvxAXY3BT7jEBGJKzjpKwp0BdB2mig0NM
azxoHbjMxuQ1kxexVy17d6lgk/RdU2Hs5NNMDERrKL2tVnUu7wbts6gJ0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3cF5hSgbG438d4XphFJrO0zyOAMB8GA1UdIwQY
MBaAFAj88O1bVnfBFV8reExtc9gJOvGqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B6dzdWdFdkOEVWWHl0NFRHMXoyQWs2OGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80OTNiOTgtN2Y1OS00ZjYxLTk5NDUt
MWU4ZGRhZmUzYTE0LzEvX2R3WG1GS0JzYmpmeDNoZW1FVW1zN1RQSTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80OTNiOTgtN2Y1OS00ZjYxLTk5NDUtMWU4ZGRhZmUzYTE0
LzEvQ1B6dzdWdFdkOEVWWHl0NFRHMXoyQWs2OGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRwoMA0G
CSqGSIb3DQEBCwUAA4IBAQCKbBt/fCTkQMmdy1TZddW2HDdErh60lYwPD3A0cPxK
NCEuAh2UkVkIwtGvdzckeNSCDJnF8m0OC+wKM3ARneFt3KjJTUxeCfaJWcstBVlh
a/XEiz28Kz7SyMuQmz6gst7zWfZuvyCuEJ5Q1dBNyKImHHrrmTWsxkkTG2kcR/Rb
y07iAcOrKUs9BRYcztpxx3Yg3+rcTZru4rAQlb0Z2KdxF7kvEuQhNFVr1LXC06xW
s29AOQSlTOWQ7a0WZFblgEflSqyNraQBfoDwInyQFGDugQaugodnrl/YVFcglRXQ
Gb+fIibwAPak5vFSj/SIJfAtU8URWDVlKBWEOGg0MRbt
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:12 2024 by rpki-client on console-fra.rpki-client.org