Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/s4hfKPj1mfDyyFo96T212BpK9ug.roa
File: s4hfKPj1mfDyyFo96T212BpK9ug.roa (raw, json)
Hash identifier: EmUqy5XmLSoG1RN3NFch7lGVd9KZGXx2rhEJh9BBBw8=
Subject key identifier: B3:88:5F:28:F8:F5:99:F0:F2:C8:5A:3D:E9:3D:B5:D8:1A:4A:F6:E8
Certificate issuer: /CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Certificate serial: 0189FEB2BB63FC53A8FF3A29AA3C1BDD4DAA
Authority key identifier: C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/s4hfKPj1mfDyyFo96T212BpK9ug.roa
Signing time: Wed 16 Aug 2023 14:14:33 +0000
ROA not before: Wed 16 Aug 2023 14:14:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 194.29.58.0/24 maxlen: 24
194.29.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 08:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:b2:bb:63:fc:53:a8:ff:3a:29:aa:3c:1b:dd:4d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Validity
Not Before: Aug 16 14:14:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3885f28f8f599f0f2c85a3de93db5d81a4af6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2f:55:00:71:d8:0a:88:9c:b4:d3:ea:8e:18:
70:83:c7:bb:01:18:a9:65:f3:7a:96:ea:90:5a:b3:
df:10:fb:00:c3:8f:e8:ad:ff:68:39:da:90:90:0d:
bd:77:93:73:50:1f:a7:e9:90:d9:f4:d4:16:12:fa:
db:3b:8d:68:65:9d:a9:91:c2:e0:3a:12:4a:90:28:
89:26:5d:e2:35:90:80:e3:fe:d8:55:59:6a:f0:d1:
ac:7f:36:25:89:9a:83:e2:33:a1:f9:79:ad:44:1d:
e7:21:96:4b:80:92:6a:de:89:cd:d0:3b:85:c8:b5:
d6:b6:e0:a5:f2:61:57:c4:23:2a:76:39:6a:cd:43:
c8:d3:ea:95:75:3a:35:52:84:32:5e:06:7f:57:64:
13:21:a0:3c:d5:f3:b1:1d:40:4f:af:d3:59:0b:f0:
de:a0:78:e9:4e:eb:21:5c:fa:39:71:24:6d:15:2e:
2e:e4:2e:4d:c6:2a:64:91:31:74:4e:41:5b:9c:4a:
d7:83:6d:6c:09:6a:7d:04:5e:58:80:68:1b:4f:13:
ee:d9:a8:e6:a9:58:61:bd:65:34:95:98:4d:68:5b:
33:b7:e8:ce:3b:38:6b:03:01:c3:d1:84:d6:51:33:
6c:0d:5d:9e:99:7d:bc:5a:07:0d:41:d9:29:3f:b2:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:88:5F:28:F8:F5:99:F0:F2:C8:5A:3D:E9:3D:B5:D8:1A:4A:F6:E8
X509v3 Authority Key Identifier:
keyid:C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/s4hfKPj1mfDyyFo96T212BpK9ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.56.0/24
194.29.58.0/24
Signature Algorithm: sha256WithRSAEncryption
64:3d:17:18:fc:3e:f4:ac:f7:b2:2a:c2:3f:be:3f:b9:06:85:
6e:c5:85:56:83:0d:de:ef:ea:35:e8:ed:75:25:e9:79:ef:94:
05:59:b7:1d:7e:df:b0:3f:2f:51:09:3a:6a:ee:bb:84:49:d3:
f5:61:08:c8:10:65:1a:a5:72:6e:fa:7b:8d:00:49:19:b6:63:
e2:03:2a:f9:be:5f:3a:a2:6e:53:03:01:38:17:e9:0f:96:a2:
bc:58:0a:2c:9c:c3:26:f1:d1:86:4a:c4:f3:8b:3b:51:8a:ab:
37:3d:cb:1d:f8:e1:13:77:56:52:a9:85:b6:85:e7:64:10:c8:
cf:74:fb:2f:ae:8b:34:27:9a:b1:90:e7:94:2d:31:3e:f4:a8:
3c:bf:b8:94:c7:45:26:f7:9a:b2:4c:14:90:03:3b:cc:7c:c3:
09:39:32:ce:1e:68:e0:ab:ed:94:d6:04:44:6b:de:3d:2f:8b:
8f:66:86:74:b2:02:ed:75:5d:ae:34:50:56:05:65:29:52:7e:
8d:91:52:11:cb:8d:ba:a8:f0:e9:44:f5:7e:bd:d3:26:44:ee:
e0:4e:33:72:c5:56:9f:ec:7a:b2:54:08:39:d2:16:86:e8:d4:
15:9f:8a:a1:93:b1:a8:37:e1:7e:ac:d8:b8:c8:08:cd:da:66:
e6:85:e3:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn+srtj/FOo/zopqjwb3U2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGUzMmJiOWNjOTllMTE1ZGRiYWY2YjdmYTIzMDUxNzg5
ZjJmNjEwHhcNMjMwODE2MTQxNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzg4NWYyOGY4ZjU5OWYwZjJjODVhM2RlOTNkYjVkODFhNGFmNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy9VAHHYCoictNPqjhhwg8e7ARip
ZfN6luqQWrPfEPsAw4/orf9oOdqQkA29d5NzUB+n6ZDZ9NQWEvrbO41oZZ2pkcLg
OhJKkCiJJl3iNZCA4/7YVVlq8NGsfzYliZqD4jOh+XmtRB3nIZZLgJJq3onN0DuF
yLXWtuCl8mFXxCMqdjlqzUPI0+qVdTo1UoQyXgZ/V2QTIaA81fOxHUBPr9NZC/De
oHjpTushXPo5cSRtFS4u5C5NxipkkTF0TkFbnErXg21sCWp9BF5YgGgbTxPu2ajm
qVhhvWU0lZhNaFszt+jOOzhrAwHD0YTWUTNsDV2emX28WgcNQdkpP7LQNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLOIXyj49Znw8shaPek9tdgaSvboMB8GA1UdIwQY
MBaAFMXeMrucyZ4RXduva3+iMFF4ny9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUt
MDYzNjc1MzY3OWI2LzEvczRoZktQajFtZkR5eUZvOTZUMjEyQnBLOXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUtMDYzNjc1MzY3OWI2
LzEveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwh04AwQA
wh06MA0GCSqGSIb3DQEBCwUAA4IBAQBkPRcY/D70rPeyKsI/vj+5BoVuxYVWgw3e
7+o16O11Jel575QFWbcdft+wPy9RCTpq7ruESdP1YQjIEGUapXJu+nuNAEkZtmPi
Ayr5vl86om5TAwE4F+kPlqK8WAosnMMm8dGGSsTziztRiqs3Pcsd+OETd1ZSqYW2
hedkEMjPdPsvros0J5qxkOeULTE+9Kg8v7iUx0Um95qyTBSQAzvMfMMJOTLOHmjg
q+2U1gREa949L4uPZoZ0sgLtdV2uNFBWBWUpUn6NkVIRy426qPDpRPV+vdMmRO7g
TjNyxVaf7HqyVAg50haG6NQVn4qhk7GoN+F+rNi4yAjN2mbmheNG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:45 2024 by rpki-client on console-fra.rpki-client.org