Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/K2C2n5lYWu736l59nM8776-9u5w.roa
File: K2C2n5lYWu736l59nM8776-9u5w.roa (raw, json)
Hash identifier: 0RcAC24IFBqV6GVdDQER57i85dQz6eTdflJajXpCJos=
Subject key identifier: 2B:60:B6:9F:99:58:5A:EE:F7:EA:5E:7D:9C:CF:3B:EF:AF:BD:BB:9C
Certificate issuer: /CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Certificate serial: 018CC348C9688DDF8B7C2D92F4155FDC2E3F
Authority key identifier: 4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/K2C2n5lYWu736l59nM8776-9u5w.roa
Signing time: Mon 01 Jan 2024 04:29:36 +0000
ROA not before: Mon 01 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210820
IP address blocks: 193.134.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 08:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c9:68:8d:df:8b:7c:2d:92:f4:15:5f:dc:2e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Validity
Not Before: Jan 1 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b60b69f99585aeef7ea5e7d9ccf3befafbdbb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:30:7a:69:1d:9e:dc:a5:7c:82:e0:6e:d5:
75:76:cc:56:dd:64:d4:80:8f:9d:75:9b:fb:4a:5f:
bf:3f:29:d6:d5:66:da:6b:25:da:b8:9b:ac:72:c8:
99:a0:07:18:aa:3a:79:a3:e9:94:c2:f1:b8:85:5f:
87:b6:f5:46:58:2c:2c:a9:24:f1:0e:1f:c0:ed:52:
d5:da:e0:31:a4:73:55:e4:ae:a4:55:b5:37:79:ee:
cc:f2:09:3a:2c:65:17:55:49:fe:1d:87:d7:c8:35:
d3:93:48:67:e6:19:a9:02:f5:f0:7b:8c:20:4e:aa:
db:37:ea:a4:3c:58:94:4b:6a:6e:dd:b6:47:c2:ad:
76:de:50:c9:56:c8:7a:29:86:9b:36:11:71:61:38:
5f:98:07:6b:8a:19:07:f0:b7:d5:23:af:e8:ec:21:
43:fe:bd:c7:6f:6f:ef:e2:73:b9:26:c9:b0:b7:ce:
d3:3b:81:06:79:a8:a5:33:00:0a:a4:66:d1:e6:a3:
36:d8:39:ca:40:d3:51:69:82:51:05:de:0d:c5:9b:
55:38:eb:75:17:79:d5:81:60:a2:98:63:82:14:ac:
7f:1a:ad:e0:39:18:09:43:a6:86:b2:c3:3c:d8:9a:
bb:38:18:c7:ef:70:25:03:3a:49:23:3e:f3:c1:4f:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:60:B6:9F:99:58:5A:EE:F7:EA:5E:7D:9C:CF:3B:EF:AF:BD:BB:9C
X509v3 Authority Key Identifier:
keyid:4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/K2C2n5lYWu736l59nM8776-9u5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.101.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:41:8e:2f:6c:c9:6c:6c:d5:ae:3a:47:7f:d7:2c:58:31:93:
05:1f:b7:29:b9:86:91:9e:ad:e3:8c:7d:af:f7:1d:89:41:9d:
dd:5b:a1:0d:6a:18:05:ed:fa:47:6e:58:6c:b2:27:9d:f2:8a:
f1:c1:78:2c:7d:bd:92:4a:a6:58:d5:a3:21:26:d9:cb:97:f5:
c5:5d:5a:52:ce:5f:79:0a:79:46:ff:b1:f8:f4:d1:aa:cd:a1:
6c:92:05:9d:80:c6:e8:44:b8:28:6b:82:f5:e9:b5:cb:82:42:
a5:66:df:99:31:33:4a:dd:1f:09:9a:7b:70:11:da:88:15:b4:
70:c2:bb:8e:e5:10:f6:1f:ae:f9:9e:8b:66:42:d4:43:2c:d2:
91:28:f8:a2:30:b0:5a:06:a9:da:42:b2:4d:73:63:95:4d:ef:
a1:89:c3:4c:bd:dd:0f:19:f3:f9:9e:47:57:cf:a7:f3:2a:8a:
9e:63:e1:e9:0d:6c:2b:64:ea:7d:2d:4c:83:24:84:a5:93:66:
b2:c3:6a:53:96:a7:0e:97:d3:73:9c:9f:02:6f:1f:80:13:1c:
da:32:6f:b5:6c:5e:ad:14:9e:bd:d5:91:89:ff:ba:16:5a:27:
95:d8:d2:16:94:ff:ce:73:b0:ea:5f:9b:bc:6b:3d:b7:ad:19:
47:cf:d6:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMlojd+LfC2S9BVf3C4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2VmNDVmYmIwZjI2OTMwYWViODMzY2Y3OWZjNDFlMjJj
YTkyMzUwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjYwYjY5Zjk5NTg1YWVlZjdlYTVlN2Q5Y2NmM2JlZmFmYmRiYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoUwemkdntylfILgbtV1dsxW3WTU
gI+ddZv7Sl+/PynW1WbaayXauJuscsiZoAcYqjp5o+mUwvG4hV+HtvVGWCwsqSTx
Dh/A7VLV2uAxpHNV5K6kVbU3ee7M8gk6LGUXVUn+HYfXyDXTk0hn5hmpAvXwe4wg
TqrbN+qkPFiUS2pu3bZHwq123lDJVsh6KYabNhFxYThfmAdrihkH8LfVI6/o7CFD
/r3Hb2/v4nO5Jsmwt87TO4EGeailMwAKpGbR5qM22DnKQNNRaYJRBd4NxZtVOOt1
F3nVgWCimGOCFKx/Gq3gORgJQ6aGssM82Jq7OBjH73AlAzpJIz7zwU/2NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtgtp+ZWFru9+pefZzPO++vvbucMB8GA1UdIwQY
MBaAFErO9F+7DyaTCuuDPPefxB4iypI1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUt
MDZmNzI5MGRjNDRhLzEvSzJDMm41bFlXdTczNmw1OW5NODc3Ni05dTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUtMDZmNzI5MGRjNDRh
LzEvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYZlMA0G
CSqGSIb3DQEBCwUAA4IBAQCqQY4vbMlsbNWuOkd/1yxYMZMFH7cpuYaRnq3jjH2v
9x2JQZ3dW6ENahgF7fpHblhssied8orxwXgsfb2SSqZY1aMhJtnLl/XFXVpSzl95
CnlG/7H49NGqzaFskgWdgMboRLgoa4L16bXLgkKlZt+ZMTNK3R8JmntwEdqIFbRw
wruO5RD2H675notmQtRDLNKRKPiiMLBaBqnaQrJNc2OVTe+hicNMvd0PGfP5nkdX
z6fzKoqeY+HpDWwrZOp9LUyDJISlk2ayw2pTlqcOl9NznJ8Cbx+AExzaMm+1bF6t
FJ691ZGJ/7oWWieV2NIWlP/Oc7DqX5u8az23rRlHz9Ya
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:50 2024 by rpki-client on console-ams.rpki-client.org