Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cR479t8TsNUsnaF3LvOXapDR9xA.roa
File: cR479t8TsNUsnaF3LvOXapDR9xA.roa (raw, json)
Hash identifier: S4YQdxzl6UpfIVLDHp7gHJkiSf6A30Hg/B/YnPwKQjc=
Subject key identifier: 71:1E:3B:F6:DF:13:B0:D5:2C:9D:A1:77:2E:F3:97:6A:90:D1:F7:10
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83D97A748173868E480DF3DD46F35
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cR479t8TsNUsnaF3LvOXapDR9xA.roa
Signing time: Sun 01 Jan 2023 09:44:51 +0000
ROA not before: Sun 01 Jan 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15422
IP address blocks: 217.109.67.0/24 maxlen: 24
194.206.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3d:97:a7:48:17:38:68:e4:80:df:3d:d4:6f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=711e3bf6df13b0d52c9da1772ef3976a90d1f710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1f:01:35:c0:44:ab:d7:ff:3f:f1:d4:84:40:
e6:b3:14:2a:05:8b:03:49:e0:e7:a8:51:3c:30:43:
4f:5a:4c:fc:5e:32:52:44:cc:20:89:df:c3:d2:c7:
ce:bf:45:18:88:a9:8a:22:65:57:78:32:ae:65:95:
15:d0:82:49:67:92:a7:6d:6f:59:6a:f9:00:2f:9f:
8b:bd:5d:69:f8:75:04:19:0d:54:94:19:3b:77:9b:
05:47:96:eb:f0:a7:62:06:2f:ca:d0:a1:66:d8:f8:
17:60:bf:86:65:71:b1:44:64:15:1b:4b:03:0a:ed:
aa:c8:33:39:b0:20:79:0f:cb:0b:14:4c:1a:18:fb:
e1:05:02:b4:a9:cd:db:14:47:69:8d:e9:82:0b:63:
0b:10:30:29:4b:cd:0e:fb:41:8d:3a:4a:2e:19:aa:
d3:96:d8:f7:ab:18:6d:35:d6:e6:c7:d9:3a:be:2d:
10:a9:46:b0:6e:c4:7f:d3:13:c6:d3:68:8d:95:3d:
4e:70:ec:65:69:a1:2b:ce:54:78:d1:a1:3f:75:3f:
8b:f5:b6:6a:ea:c9:ee:42:cc:59:76:26:f7:09:ce:
06:0a:86:e0:ed:86:aa:35:75:ea:ae:21:f2:cc:6b:
d5:e6:c0:78:8a:c0:a8:02:b0:b5:2e:18:ba:fe:bc:
c0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1E:3B:F6:DF:13:B0:D5:2C:9D:A1:77:2E:F3:97:6A:90:D1:F7:10
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cR479t8TsNUsnaF3LvOXapDR9xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.206.254.0/24
217.109.67.0/24
Signature Algorithm: sha256WithRSAEncryption
04:01:d5:75:b1:f1:d1:eb:9e:c8:b9:df:2f:54:7a:f2:d1:e5:
92:2e:54:67:87:64:54:09:dd:43:e4:f6:83:c9:e3:2a:3a:8e:
08:c5:2b:81:8a:89:06:d1:2d:50:e3:9d:5a:c7:87:b3:0f:cc:
5f:52:3c:4b:39:21:ea:06:f8:a4:c9:be:3c:4e:3b:0c:38:b7:
4a:5d:51:00:d7:33:69:ba:50:31:1b:29:85:55:1e:c3:5e:22:
11:71:c0:b9:89:56:25:48:e5:06:89:36:38:90:7d:f5:25:8b:
97:fe:cc:45:18:0f:e9:fa:a7:c9:30:5f:96:65:8a:a5:2f:65:
9b:78:19:07:b9:55:b7:09:a3:03:e0:73:e9:3e:5f:f2:bf:9f:
3a:a3:48:fd:99:fa:61:b4:8e:d8:92:26:95:a2:ae:6a:4e:a3:
08:77:e4:95:e8:a9:bd:29:e1:ab:7b:59:2d:ad:20:bb:da:40:
c9:a9:65:f7:41:70:2c:f0:7c:95:80:23:33:df:73:af:1e:76:
da:04:87:49:d4:7d:a0:6f:02:67:25:2a:6e:80:ea:50:51:f4:
ea:ce:4d:35:dc:70:b1:5a:c0:1e:d4:a7:0d:0d:d1:4e:8d:7e:
90:58:c9:5b:69:0f:36:c6:b0:c7:a8:28:0e:e7:31:37:ae:29:
dc:ea:a7:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuD2Xp0gXOGjkgN891G81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFlM2JmNmRmMTNiMGQ1MmM5ZGExNzcyZWYzOTc2YTkwZDFmNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5h8BNcBEq9f/P/HUhEDmsxQqBYsD
SeDnqFE8MENPWkz8XjJSRMwgid/D0sfOv0UYiKmKImVXeDKuZZUV0IJJZ5KnbW9Z
avkAL5+LvV1p+HUEGQ1UlBk7d5sFR5br8KdiBi/K0KFm2PgXYL+GZXGxRGQVG0sD
Cu2qyDM5sCB5D8sLFEwaGPvhBQK0qc3bFEdpjemCC2MLEDApS80O+0GNOkouGarT
ltj3qxhtNdbmx9k6vi0QqUawbsR/0xPG02iNlT1OcOxlaaErzlR40aE/dT+L9bZq
6snuQsxZdib3Cc4GCobg7YaqNXXqriHyzGvV5sB4isCoArC1Lhi6/rzAcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHEeO/bfE7DVLJ2hdy7zl2qQ0fcQMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvY1I0Nzl0OFRzTlVzbmFGM0x2T1hhcERSOXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAws7+AwQA
2W1DMA0GCSqGSIb3DQEBCwUAA4IBAQAEAdV1sfHR657Iud8vVHry0eWSLlRnh2RU
Cd1D5PaDyeMqOo4IxSuBiokG0S1Q451ax4ezD8xfUjxLOSHqBvikyb48TjsMOLdK
XVEA1zNpulAxGymFVR7DXiIRccC5iVYlSOUGiTY4kH31JYuX/sxFGA/p+qfJMF+W
ZYqlL2WbeBkHuVW3CaMD4HPpPl/yv586o0j9mfphtI7YkiaVoq5qTqMId+SV6Km9
KeGre1ktrSC72kDJqWX3QXAs8HyVgCMz33OvHnbaBIdJ1H2gbwJnJSpugOpQUfTq
zk013HCxWsAe1KcNDdFOjX6QWMlbaQ82xrDHqCgO5zE3rinc6qfp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org