Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/y84ZoutHeh2hwFOfCC_lEFKoZig.roa
File: y84ZoutHeh2hwFOfCC_lEFKoZig.roa (raw, json)
Hash identifier: /JiJMBQ+vrehy3z/doIG+gYgDTYCDOvad03RPDaTjFE=
Subject key identifier: CB:CE:19:A2:EB:47:7A:1D:A1:C0:53:9F:08:2F:E5:10:52:A8:66:28
Certificate issuer: /CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Certificate serial: 0186218ACA83A5137AFACA0196F0F0FE4030
Authority key identifier: 72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/y84ZoutHeh2hwFOfCC_lEFKoZig.roa
Signing time: Sun 05 Feb 2023 12:26:29 +0000
ROA not before: Sun 05 Feb 2023 12:26:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207297
IP address blocks: 193.135.29.0/24 maxlen: 24
2a10:1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:21:8a:ca:83:a5:13:7a:fa:ca:01:96:f0:f0:fe:40:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Validity
Not Before: Feb 5 12:26:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbce19a2eb477a1da1c0539f082fe51052a86628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:6a:ab:42:36:c2:08:59:98:b3:d6:0d:9a:
eb:18:97:9c:8c:5d:d2:96:e4:8b:8d:a1:e0:b0:8f:
b6:d4:15:55:b9:48:b0:58:46:75:e9:55:2b:14:ec:
15:8f:fe:41:b8:39:8a:06:0c:4e:ea:32:b2:a6:f3:
d7:40:3e:c6:e7:e1:41:5f:1f:89:15:d7:d3:19:56:
ef:e2:d4:2a:c5:32:ee:0a:e4:d2:af:11:9b:bc:4e:
3b:29:b8:ec:c7:ba:1e:a5:a3:c3:52:89:4a:59:fe:
cd:6b:4c:e7:cb:8d:43:aa:7e:d8:42:24:1f:85:11:
52:a1:f6:bb:a0:b4:bb:84:74:32:a2:58:63:c1:c1:
48:60:47:36:a9:55:a4:5c:cd:32:7f:de:43:88:95:
6f:e9:7d:73:4d:fd:27:48:46:46:a2:4e:2f:0a:64:
3d:db:06:ec:6d:fb:21:4c:e0:b7:e2:8b:76:51:5d:
ce:21:c4:c5:45:6b:61:ba:2a:9a:46:a5:46:77:4f:
ca:ca:e1:c5:4c:40:5f:1e:80:4f:4d:32:90:b5:9f:
d5:26:c0:5a:73:06:13:97:cd:70:6b:23:9f:16:e7:
1b:e0:77:17:d8:24:08:19:88:51:c4:ba:df:78:53:
09:e7:b7:c8:45:15:b7:a4:2f:fd:70:7a:b9:14:b0:
5e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CE:19:A2:EB:47:7A:1D:A1:C0:53:9F:08:2F:E5:10:52:A8:66:28
X509v3 Authority Key Identifier:
keyid:72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/y84ZoutHeh2hwFOfCC_lEFKoZig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.29.0/24
IPv6:
2a10:1c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:c7:26:d7:78:a6:54:1f:5f:80:5a:a5:4c:1c:42:d5:c9:01:
d4:61:12:d7:93:27:7a:11:fb:93:42:31:51:cd:b1:9d:47:f5:
03:9e:84:12:27:fc:58:84:f8:2b:ce:cb:65:a5:df:c6:9a:de:
f0:a5:2a:f7:ec:5a:b8:25:46:7f:78:75:3d:f1:9f:0f:55:7a:
0d:5e:e9:48:15:19:9b:e4:6e:a9:12:53:93:3a:5c:9f:dd:34:
8d:ff:a6:31:33:70:d2:67:15:c5:6d:cc:13:43:d3:03:28:cf:
ae:98:0c:27:37:db:c3:3b:d8:f4:53:72:66:3c:f0:25:47:0d:
53:d5:00:68:8f:89:ba:e0:9c:8f:66:83:c4:be:b9:e5:1e:32:
00:78:de:c7:26:c9:87:4c:dc:5b:a6:98:8c:82:2a:96:2d:57:
af:3c:00:7a:93:78:a3:f4:f4:1d:85:c1:a4:6f:cf:bc:ae:02:
04:73:3a:92:46:95:b9:98:38:4e:9e:4b:d7:ca:92:69:62:c1:
9c:3e:1e:24:00:8f:32:38:f3:00:9d:29:81:1d:57:f6:68:82:
de:d3:fc:55:d3:71:46:ce:eb:f1:d5:fd:3e:91:a8:22:23:0c:
ee:60:66:a4:7a:2d:c6:a1:82:98:92:b7:ea:75:7c:71:2b:a6:
32:8d:8d:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYhisqDpRN6+soBlvDw/kAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmQwZTM2ZTFjMjAyMzA0YTM1MTMzYjExNjY2NjI1ZTVk
NmU1ZWYwHhcNMjMwMjA1MTIyNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNlMTlhMmViNDc3YTFkYTFjMDUzOWYwODJmZTUxMDUyYTg2NjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdBqq0I2wghZmLPWDZrrGJecjF3S
luSLjaHgsI+21BVVuUiwWEZ16VUrFOwVj/5BuDmKBgxO6jKypvPXQD7G5+FBXx+J
FdfTGVbv4tQqxTLuCuTSrxGbvE47Kbjsx7oepaPDUolKWf7Na0zny41Dqn7YQiQf
hRFSofa7oLS7hHQyolhjwcFIYEc2qVWkXM0yf95DiJVv6X1zTf0nSEZGok4vCmQ9
2wbsbfshTOC34ot2UV3OIcTFRWthuiqaRqVGd0/KyuHFTEBfHoBPTTKQtZ/VJsBa
cwYTl81wayOfFucb4HcX2CQIGYhRxLrfeFMJ57fIRRW3pC/9cHq5FLBedQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvOGaLrR3odocBTnwgv5RBSqGYoMB8GA1UdIwQY
MBaAFHK9DjbhwgIwSjUTOxFmZiXl1uXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAt
YWVkYTgyNDY3OGQ0LzEveTg0Wm91dEhlaDJod0ZPZkNDX2xFRktvWmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAtYWVkYTgyNDY3OGQ0
LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwYcdMA0E
AgACMAcDBQMqEAHAMA0GCSqGSIb3DQEBCwUAA4IBAQCexybXeKZUH1+AWqVMHELV
yQHUYRLXkyd6EfuTQjFRzbGdR/UDnoQSJ/xYhPgrzstlpd/Gmt7wpSr37Fq4JUZ/
eHU98Z8PVXoNXulIFRmb5G6pElOTOlyf3TSN/6YxM3DSZxXFbcwTQ9MDKM+umAwn
N9vDO9j0U3JmPPAlRw1T1QBoj4m64JyPZoPEvrnlHjIAeN7HJsmHTNxbppiMgiqW
LVevPAB6k3ij9PQdhcGkb8+8rgIEczqSRpW5mDhOnkvXypJpYsGcPh4kAI8yOPMA
nSmBHVf2aILe0/xV03FGzuvx1f0+kagiIwzuYGakei3GoYKYkrfqdXxxK6YyjY3I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org