Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/YHprlneDn8vm6Bn8V0PafND5jmo.roa
File: YHprlneDn8vm6Bn8V0PafND5jmo.roa (raw, json)
Hash identifier: xd7o2ahLL+YFQEdSbctt+auivZo1a6/mTtZtkzlpnEo=
Subject key identifier: 60:7A:6B:96:77:83:9F:CB:E6:E8:19:FC:57:43:DA:7C:D0:F9:8E:6A
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 018AFAA6018F80BEEB4DEF133FFB25516774
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/YHprlneDn8vm6Bn8V0PafND5jmo.roa
Signing time: Wed 04 Oct 2023 12:24:57 +0000
ROA not before: Wed 04 Oct 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.222.139.0/24 maxlen: 24
193.222.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:a6:01:8f:80:be:eb:4d:ef:13:3f:fb:25:51:67:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Oct 4 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=607a6b9677839fcbe6e819fc5743da7cd0f98e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:db:d2:91:ac:a2:63:27:0a:fd:71:9b:01:ff:
3a:22:82:04:91:a7:68:40:a5:42:69:ed:a9:f3:16:
0a:11:af:38:e2:55:94:ee:f4:3f:63:18:b8:2b:da:
9c:81:36:1e:f6:d6:c6:b1:b6:57:37:d8:7a:94:8d:
02:28:9f:52:dd:f4:bc:e1:c9:69:21:35:15:8d:82:
3f:74:bd:9e:64:22:b7:8a:59:63:fb:75:9e:80:8e:
cf:d2:83:0b:41:da:c0:45:1d:15:6d:f2:d7:f0:58:
00:56:21:77:5a:c1:cf:4b:dc:90:69:2b:bd:01:7b:
f8:35:a5:09:77:5e:01:3d:d7:fc:c9:ea:f7:cc:28:
58:d6:38:dc:4f:99:6d:60:61:cc:33:e7:68:4e:87:
9c:30:cb:54:00:04:8d:d1:35:8a:07:2c:8d:18:48:
65:7e:9a:36:a4:cb:dc:59:c9:8a:5a:f6:2a:a4:30:
e8:76:6e:cc:d7:07:3e:1c:38:f4:29:8f:d2:73:35:
17:13:cc:3d:ba:f1:30:ef:b0:64:ef:0a:4a:2d:47:
1d:9b:27:d9:d9:6c:e0:35:1c:2b:3f:f0:15:3d:b2:
28:4b:b2:c0:6c:ee:8d:46:fd:15:c9:58:6c:d1:10:
9c:fa:7f:e7:55:12:3a:df:28:0d:4f:6d:1b:07:02:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7A:6B:96:77:83:9F:CB:E6:E8:19:FC:57:43:DA:7C:D0:F9:8E:6A
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/YHprlneDn8vm6Bn8V0PafND5jmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.111.0/24
193.222.139.0/24
Signature Algorithm: sha256WithRSAEncryption
01:75:14:ea:b1:d8:4e:2a:3d:c4:06:1d:e7:bf:99:46:1a:5a:
4e:4f:30:11:7c:11:59:34:30:e9:44:a5:b6:73:e1:6b:f1:5b:
d1:fb:d7:95:e8:f4:59:98:a6:43:7d:e6:57:86:7f:b4:3c:4f:
c4:a7:cc:e5:0c:f4:9f:ac:30:64:ae:06:a9:31:4e:19:18:6e:
62:68:bf:f5:6d:0b:9c:31:5c:3c:ac:a7:8a:f1:06:53:09:95:
6d:6e:c4:aa:f2:38:cd:b3:26:24:2a:fa:74:cf:27:5b:c3:90:
84:b6:8b:be:cc:bf:fb:b6:fa:e6:5a:f1:5c:54:60:c4:38:9c:
70:3e:fc:d3:70:2f:bc:b8:5e:14:d1:e8:c6:57:82:1c:dc:fa:
21:c6:aa:55:b1:b1:56:9e:f1:87:8d:8f:40:5a:f8:65:14:8b:
91:09:2f:42:30:d4:77:d6:7b:35:c5:e4:f7:60:98:ed:30:f4:
0a:28:25:bb:aa:35:0c:4c:6a:f2:97:37:e1:1d:ba:1f:01:74:
ee:a2:c3:25:8c:b9:34:dd:34:54:5f:70:44:67:bd:4b:2b:8c:
3f:6e:a5:74:f1:42:d4:d2:cf:ba:88:4c:0e:0f:07:f6:9e:a3:
4f:6b:2c:ff:92:3c:18:95:2e:96:4c:f5:dd:ab:94:33:67:6b:
9c:b1:89:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr6pgGPgL7rTe8TP/slUWd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjMxMDA0MTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDdhNmI5Njc3ODM5ZmNiZTZlODE5ZmM1NzQzZGE3Y2QwZjk4ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztvSkayiYycK/XGbAf86IoIEkado
QKVCae2p8xYKEa844lWU7vQ/Yxi4K9qcgTYe9tbGsbZXN9h6lI0CKJ9S3fS84clp
ITUVjYI/dL2eZCK3illj+3WegI7P0oMLQdrARR0VbfLX8FgAViF3WsHPS9yQaSu9
AXv4NaUJd14BPdf8yer3zChY1jjcT5ltYGHMM+doToecMMtUAASN0TWKByyNGEhl
fpo2pMvcWcmKWvYqpDDodm7M1wc+HDj0KY/SczUXE8w9uvEw77Bk7wpKLUcdmyfZ
2WzgNRwrP/AVPbIoS7LAbO6NRv0VyVhs0RCc+n/nVRI63ygNT20bBwK3BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGB6a5Z3g5/L5ugZ/FdD2nzQ+Y5qMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvWUhwcmxuZURuOHZtNkJuOFYwUGFmTkQ1am1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd5vAwQA
wd6LMA0GCSqGSIb3DQEBCwUAA4IBAQABdRTqsdhOKj3EBh3nv5lGGlpOTzARfBFZ
NDDpRKW2c+Fr8VvR+9eV6PRZmKZDfeZXhn+0PE/Ep8zlDPSfrDBkrgapMU4ZGG5i
aL/1bQucMVw8rKeK8QZTCZVtbsSq8jjNsyYkKvp0zydbw5CEtou+zL/7tvrmWvFc
VGDEOJxwPvzTcC+8uF4U0ejGV4Ic3PohxqpVsbFWnvGHjY9AWvhlFIuRCS9CMNR3
1ns1xeT3YJjtMPQKKCW7qjUMTGrylzfhHbofAXTuosMljLk03TRUX3BEZ71LK4w/
bqV08ULU0s+6iEwODwf2nqNPayz/kjwYlS6WTPXdq5QzZ2ucsYlj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:49 2024 by rpki-client on console-fra.rpki-client.org