Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/5a3bda-c688-4a42-946f-963993ce5181/1/xSV6Nu7Um3O3hCyngPFw9FFNstY.roa
File: xSV6Nu7Um3O3hCyngPFw9FFNstY.roa (raw, json)
Hash identifier: jkn/VCQ45/2QYe93ABVcMskS1KeFXZZm7g/D7N7jZEo=
Subject key identifier: C5:25:7A:36:EE:D4:9B:73:B7:84:2C:A7:80:F1:70:F4:51:4D:B2:D6
Certificate issuer: /CN=036aac34c66fda64b67eb96b02d819789febe861
Certificate serial: 0185715546D2D24931A0D0C936C21F9FF29B
Authority key identifier: 03:6A:AC:34:C6:6F:DA:64:B6:7E:B9:6B:02:D8:19:78:9F:EB:E8:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A2qsNMZv2mS2frlrAtgZeJ_r6GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/5a3bda-c688-4a42-946f-963993ce5181/1/xSV6Nu7Um3O3hCyngPFw9FFNstY.roa
Signing time: Mon 02 Jan 2023 07:14:52 +0000
ROA not before: Mon 02 Jan 2023 07:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41847
IP address blocks: 193.34.170.0/23 maxlen: 24
2001:67c:2f1c::/48 maxlen: 120
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:46:d2:d2:49:31:a0:d0:c9:36:c2:1f:9f:f2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=036aac34c66fda64b67eb96b02d819789febe861
Validity
Not Before: Jan 2 07:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5257a36eed49b73b7842ca780f170f4514db2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ba:dc:db:a1:60:d3:7a:db:90:bd:01:c0:02:
4c:38:7d:d1:42:56:38:54:0a:c3:7e:00:08:a2:f7:
dd:02:42:73:21:7a:8f:02:96:e8:c8:44:53:5a:84:
8b:98:c9:c2:9d:84:71:8b:95:5e:53:b1:50:ad:cf:
d9:dd:27:e6:02:33:95:34:f5:36:e0:14:e7:c1:02:
e9:7e:2e:9d:0e:df:09:6d:70:21:b7:1b:61:d5:57:
39:f1:2f:b0:43:66:20:1e:c6:42:2b:56:17:54:b7:
f3:9a:8c:40:77:5a:d6:44:16:b4:1e:0e:c0:82:bd:
f3:c8:d6:89:bb:1c:8a:a9:09:b8:24:a3:b1:09:bb:
d9:9d:97:95:98:b1:4a:94:2c:68:3e:ae:75:19:51:
0a:66:7b:f2:34:2c:08:51:87:3f:d0:65:69:7c:ad:
f4:40:b9:4b:80:1d:7c:08:c9:03:0e:4d:87:7b:dd:
f0:e7:75:9f:75:32:7e:b9:dc:a3:7d:d0:89:72:d2:
69:b6:23:f7:ab:e8:6a:0a:44:6a:6c:c2:06:78:3a:
3b:b3:1f:c4:ce:08:7a:17:ef:dc:d3:c2:2e:fd:5a:
d5:e5:ec:24:5c:ff:6d:d3:9c:04:45:93:f2:b5:0f:
16:9a:9f:87:33:c7:10:8a:e7:28:d8:36:a6:61:70:
2e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:25:7A:36:EE:D4:9B:73:B7:84:2C:A7:80:F1:70:F4:51:4D:B2:D6
X509v3 Authority Key Identifier:
keyid:03:6A:AC:34:C6:6F:DA:64:B6:7E:B9:6B:02:D8:19:78:9F:EB:E8:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2qsNMZv2mS2frlrAtgZeJ_r6GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5a3bda-c688-4a42-946f-963993ce5181/1/xSV6Nu7Um3O3hCyngPFw9FFNstY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5a3bda-c688-4a42-946f-963993ce5181/1/A2qsNMZv2mS2frlrAtgZeJ_r6GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.170.0/23
IPv6:
2001:67c:2f1c::/48
Signature Algorithm: sha256WithRSAEncryption
a2:81:12:af:7c:69:ec:c9:5e:79:3a:b2:3c:a2:c7:9b:41:5a:
89:57:f6:b9:86:a4:52:b1:5f:81:6c:e5:f0:53:04:05:4f:de:
f6:b6:00:77:b5:a1:4e:db:86:8e:67:17:14:c1:8b:78:5e:58:
8e:38:c5:49:b3:e5:1a:3b:65:ce:4f:af:3b:76:bb:3e:d0:9a:
ad:c6:db:e8:6e:01:5e:b0:3f:28:8e:c9:0d:aa:1e:2a:e8:c3:
05:29:90:74:c1:89:29:13:6c:4c:46:67:bc:d4:b1:f7:68:8c:
9e:73:25:5f:11:a1:e8:5f:61:81:3f:4b:df:36:43:82:3a:f5:
3d:03:a2:ca:06:e3:c9:55:e7:4a:92:0b:89:69:9d:0f:fe:71:
e9:c8:46:ec:2e:da:1f:cb:35:ee:d8:d9:66:3a:d0:09:6b:ab:
83:1e:fe:c9:90:d4:6c:57:26:73:3f:ba:6b:55:d1:f2:bb:fb:
e2:c5:81:1b:f9:0f:03:de:ac:8b:59:78:3a:c8:20:62:81:f7:
6e:d1:83:9d:44:38:b8:61:db:ff:29:a6:f8:2c:22:d6:1d:b3:
19:2c:c0:fc:fc:b2:bf:d4:47:7a:eb:56:db:c6:f4:b5:9f:34:
65:59:ff:1b:2e:d3:a9:3d:9e:15:73:d1:6e:a2:36:01:b2:a0:
4f:e7:c6:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxVUbS0kkxoNDJNsIfn/KbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmFhYzM0YzY2ZmRhNjRiNjdlYjk2YjAyZDgxOTc4OWZl
YmU4NjEwHhcNMjMwMTAyMDcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI1N2EzNmVlZDQ5YjczYjc4NDJjYTc4MGYxNzBmNDUxNGRiMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLrc26Fg03rbkL0BwAJMOH3RQlY4
VArDfgAIovfdAkJzIXqPApboyERTWoSLmMnCnYRxi5VeU7FQrc/Z3SfmAjOVNPU2
4BTnwQLpfi6dDt8JbXAhtxth1Vc58S+wQ2YgHsZCK1YXVLfzmoxAd1rWRBa0Hg7A
gr3zyNaJuxyKqQm4JKOxCbvZnZeVmLFKlCxoPq51GVEKZnvyNCwIUYc/0GVpfK30
QLlLgB18CMkDDk2He93w53WfdTJ+udyjfdCJctJptiP3q+hqCkRqbMIGeDo7sx/E
zgh6F+/c08Iu/VrV5ewkXP9t05wERZPytQ8Wmp+HM8cQiuco2DamYXAuJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMUlejbu1Jtzt4Qsp4DxcPRRTbLWMB8GA1UdIwQY
MBaAFANqrDTGb9pktn65awLYGXif6+hhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJxc05NWnYybVMyZnJsckF0Z1plSl9yNkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81YTNiZGEtYzY4OC00YTQyLTk0NmYt
OTYzOTkzY2U1MTgxLzEveFNWNk51N1VtM08zaEN5bmdQRnc5RkZOc3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81YTNiZGEtYzY4OC00YTQyLTk0NmYtOTYzOTkzY2U1MTgx
LzEvQTJxc05NWnYybVMyZnJsckF0Z1plSl9yNkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwSKqMA8E
AgACMAkDBwAgAQZ8LxwwDQYJKoZIhvcNAQELBQADggEBAKKBEq98aezJXnk6sjyi
x5tBWolX9rmGpFKxX4Fs5fBTBAVP3va2AHe1oU7bho5nFxTBi3heWI44xUmz5Ro7
Zc5Przt2uz7Qmq3G2+huAV6wPyiOyQ2qHirowwUpkHTBiSkTbExGZ7zUsfdojJ5z
JV8RoehfYYE/S982Q4I69T0DosoG48lV50qSC4lpnQ/+cenIRuwu2h/LNe7Y2WY6
0Alrq4Me/smQ1GxXJnM/umtV0fK7++LFgRv5DwPerItZeDrIIGKB927Rg51EOLhh
2/8ppvgsItYdsxkswPz8sr/UR3rrVtvG9LWfNGVZ/xsu06k9nhVz0W6iNgGyoE/n
xhY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:37 2024 by rpki-client on console-ams.rpki-client.org