Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/w7RsBNNVtyORyxUMZWlzA2_u1ew.roa
File: w7RsBNNVtyORyxUMZWlzA2_u1ew.roa (raw, json)
Hash identifier: lcyZCUKEpfpoM0m03VDjjzas3m+TqN99Lx20s7Tby/U=
Subject key identifier: C3:B4:6C:04:D3:55:B7:23:91:CB:15:0C:65:69:73:03:6F:EE:D5:EC
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 01856CCAE25D7CC9038D3ADCF45F547FF83B
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/w7RsBNNVtyORyxUMZWlzA2_u1ew.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.53.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e2:5d:7c:c9:03:8d:3a:dc:f4:5f:54:7f:f8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3b46c04d355b72391cb150c656973036feed5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ec:05:8a:a4:73:03:fe:90:05:1c:e0:e6:68:
f6:62:02:70:d6:18:cc:43:61:31:9a:13:19:a0:2c:
ab:69:03:bd:f9:e3:b9:62:3f:3e:17:92:c8:fb:3a:
65:22:1a:c7:e2:d5:02:fd:ad:db:57:f0:55:e8:f1:
e5:90:b9:de:62:8c:f2:70:c8:43:df:84:23:a7:18:
c1:a7:d2:b3:d7:88:55:d4:a5:7b:4b:70:35:02:2b:
04:94:1c:97:6b:f7:80:24:8c:ca:57:95:0d:d4:a3:
ea:b4:5a:86:44:2d:11:33:06:b1:40:39:76:c2:12:
f7:95:7f:33:72:d9:05:50:b6:1f:6a:d1:3a:0e:ec:
d2:24:8f:cf:41:0a:bc:94:2c:eb:40:3a:c6:1d:26:
15:d5:fe:39:70:e3:46:a6:1a:6e:4a:e8:2e:c9:70:
0d:63:86:c0:fe:55:5a:b0:9a:b5:7d:b7:77:04:33:
84:af:b3:7e:6e:b6:b7:6c:ac:f7:fe:36:c6:ae:7a:
9b:dd:59:77:6e:74:07:75:0f:58:bf:8d:a4:92:7a:
80:54:1e:0f:b7:95:2c:29:e9:c6:3b:83:a9:98:ec:
07:84:c7:f0:c5:68:d5:d5:9d:c6:df:bb:15:96:83:
2e:9d:10:0a:c3:15:ad:48:14:48:bd:68:69:fe:6e:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B4:6C:04:D3:55:B7:23:91:CB:15:0C:65:69:73:03:6F:EE:D5:EC
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/w7RsBNNVtyORyxUMZWlzA2_u1ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ce:26:72:32:bc:9c:0a:5b:c4:f4:67:d0:1c:9f:4c:8a:e2:
c2:90:b5:e3:fe:de:13:8b:5c:03:77:09:0c:2e:3d:53:20:2c:
1b:71:44:d2:44:22:6e:e4:f7:59:85:ba:72:ff:9a:6b:25:42:
cb:ec:5e:29:8e:df:39:27:e8:99:08:93:b6:03:0e:6c:3b:48:
60:07:72:c9:5f:2f:8c:ea:01:6a:d7:1a:20:74:53:07:1c:f7:
02:33:84:4f:55:b4:ec:c2:b9:ea:32:a4:c6:1d:2f:1a:76:05:
aa:2e:cf:f4:8b:57:d6:f1:f2:26:99:4f:2d:93:b5:b6:d0:f6:
ca:21:ea:3b:fa:75:3c:99:62:71:51:d2:6c:3f:1a:dc:5d:25:
f5:62:c5:a8:cc:38:ca:7b:23:19:26:3f:e4:a1:00:56:b3:48:
e2:d5:0e:7f:50:0a:9d:90:9c:14:8a:e1:7b:aa:71:f8:dd:e2:
59:ff:cb:49:4b:8e:98:94:15:ab:42:62:b2:a4:e6:3f:fc:46:
cf:c9:f4:26:04:8a:c9:20:11:4e:8c:02:56:28:b0:7d:c0:63:
f0:a7:ec:e9:6a:d5:d1:0e:c7:f1:91:02:f6:56:fc:4d:e6:88:
62:96:11:f3:f9:f4:be:2d:e9:52:a5:fd:11:09:04:ef:61:7d:
94:8b:80:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyuJdfMkDjTrc9F9Uf/g7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2I0NmMwNGQzNTViNzIzOTFjYjE1MGM2NTY5NzMwMzZmZWVkNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uwFiqRzA/6QBRzg5mj2YgJw1hjM
Q2ExmhMZoCyraQO9+eO5Yj8+F5LI+zplIhrH4tUC/a3bV/BV6PHlkLneYozycMhD
34QjpxjBp9Kz14hV1KV7S3A1AisElByXa/eAJIzKV5UN1KPqtFqGRC0RMwaxQDl2
whL3lX8zctkFULYfatE6DuzSJI/PQQq8lCzrQDrGHSYV1f45cONGphpuSuguyXAN
Y4bA/lVasJq1fbd3BDOEr7N+bra3bKz3/jbGrnqb3Vl3bnQHdQ9Yv42kknqAVB4P
t5UsKenGO4OpmOwHhMfwxWjV1Z3G37sVloMunRAKwxWtSBRIvWhp/m6GcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMO0bATTVbcjkcsVDGVpcwNv7tXsMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvdzdSc0JOTlZ0eU9SeXhVTVpXbHpBMl91MWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjXIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdziZyMrycClvE9GfQHJ9MiuLCkLXj/t4Ti1wDdwkM
Lj1TICwbcUTSRCJu5PdZhbpy/5prJULL7F4pjt85J+iZCJO2Aw5sO0hgB3LJXy+M
6gFq1xogdFMHHPcCM4RPVbTswrnqMqTGHS8adgWqLs/0i1fW8fImmU8tk7W20PbK
Ieo7+nU8mWJxUdJsPxrcXSX1YsWozDjKeyMZJj/koQBWs0ji1Q5/UAqdkJwUiuF7
qnH43eJZ/8tJS46YlBWrQmKypOY//EbPyfQmBIrJIBFOjAJWKLB9wGPwp+zpatXR
DsfxkQL2VvxN5ohilhHz+fS+LelSpf0RCQTvYX2Ui4Dc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org