Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d3790d-9723-4b53-ad13-611ea442d2f3/1/kQfdI-0dQ_vw32XJa2vHzXOivRQ.roa
File: kQfdI-0dQ_vw32XJa2vHzXOivRQ.roa (raw, json)
Hash identifier: IRgKapdDdYqR8caKuP2cZmzCsktKduVkrCeh0A8Zix0=
Subject key identifier: 91:07:DD:23:ED:1D:43:FB:F0:DF:65:C9:6B:6B:C7:CD:73:A2:BD:14
Certificate issuer: /CN=15cfcfcef82f7d1c5908a2e5a009fd1b3439817c
Certificate serial: 019242EC32DA588A7CBD46E915CBCADE8C11
Authority key identifier: 15:CF:CF:CE:F8:2F:7D:1C:59:08:A2:E5:A0:09:FD:1B:34:39:81:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fc_PzvgvfRxZCKLloAn9GzQ5gXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d3790d-9723-4b53-ad13-611ea442d2f3/1/kQfdI-0dQ_vw32XJa2vHzXOivRQ.roa
Signing time: Mon 30 Sep 2024 12:33:48 +0000
ROA not before: Mon 30 Sep 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214233
IP address blocks: 194.164.98.0/24 maxlen: 24
194.164.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 13:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:ec:32:da:58:8a:7c:bd:46:e9:15:cb:ca:de:8c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cfcfcef82f7d1c5908a2e5a009fd1b3439817c
Validity
Not Before: Sep 30 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9107dd23ed1d43fbf0df65c96b6bc7cd73a2bd14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:91:c2:df:23:b7:96:ad:6d:b2:b4:93:eb:
6b:e1:37:37:99:f0:80:bc:d2:8f:36:fd:be:d0:b9:
6c:0c:83:4e:5b:0e:40:db:99:bb:d2:48:b9:ea:f8:
ea:31:48:90:00:bc:59:9d:e0:29:83:16:cb:78:5b:
a1:50:f0:68:31:87:81:99:9a:3c:eb:cc:77:e9:54:
ed:84:d3:e1:9a:bd:5b:41:c4:12:94:69:48:a8:4b:
31:59:c6:1a:a2:fa:53:31:2b:e0:03:bd:68:55:01:
22:42:23:41:7d:f3:69:93:40:0c:74:57:86:4c:7e:
4b:aa:55:da:92:48:48:8f:55:a9:56:0a:ce:3a:68:
db:8f:af:1c:0f:85:bf:6c:64:b1:79:71:3a:e3:18:
d3:1b:82:60:3c:99:78:9f:ec:14:83:0f:ae:95:0e:
69:23:65:ea:87:78:e9:91:4e:a1:6a:ae:4a:94:2a:
08:d6:e9:18:50:a2:97:bf:e9:85:6b:f1:30:81:9d:
c4:2a:a1:4e:75:52:7a:b7:8c:69:05:07:c2:a0:0b:
44:ad:c1:ab:6e:21:75:1a:5b:98:77:81:09:40:f7:
c6:74:d6:be:da:5d:94:2d:c9:40:08:e8:16:7b:37:
7f:73:57:d4:0e:0a:49:58:16:ca:a5:b0:9e:d7:11:
3b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:DD:23:ED:1D:43:FB:F0:DF:65:C9:6B:6B:C7:CD:73:A2:BD:14
X509v3 Authority Key Identifier:
keyid:15:CF:CF:CE:F8:2F:7D:1C:59:08:A2:E5:A0:09:FD:1B:34:39:81:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fc_PzvgvfRxZCKLloAn9GzQ5gXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d3790d-9723-4b53-ad13-611ea442d2f3/1/kQfdI-0dQ_vw32XJa2vHzXOivRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d3790d-9723-4b53-ad13-611ea442d2f3/1/Fc_PzvgvfRxZCKLloAn9GzQ5gXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.98.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:30:59:3c:c8:2b:96:14:fe:ea:e6:1a:15:3e:f2:5e:25:cc:
d4:19:a2:18:87:80:d9:1c:9a:a0:45:08:7b:8d:44:00:e5:5d:
16:e5:91:6c:30:09:07:c8:38:6c:a5:e1:b5:b4:f9:51:5f:8a:
4b:1c:fc:2e:09:34:4f:0a:26:28:48:80:28:7a:68:e4:f1:98:
35:1f:8e:86:2c:4b:f2:0f:6b:ae:01:18:f6:ad:e5:5c:59:c3:
69:11:98:e1:49:bb:6d:fe:dc:e7:87:06:53:51:7b:99:4a:e3:
d1:f2:41:48:98:93:13:7f:28:87:a1:21:4a:ec:36:31:09:41:
d9:b9:e8:dc:31:49:7b:f3:27:4d:a1:07:09:b4:a8:b6:0d:64:
b6:8e:98:31:7d:39:17:f8:11:eb:82:65:5f:37:6d:2c:b3:d2:
87:90:10:04:0e:0b:41:9e:8c:16:a1:33:23:aa:aa:44:cd:c6:
97:8f:7e:7c:73:9c:ec:c2:f1:64:cb:a9:43:8b:7c:ff:a2:7a:
c0:1a:02:6f:7f:0b:e2:f5:33:30:87:21:5f:44:b4:25:64:5c:
ee:b1:76:03:54:63:5f:27:1f:0b:8a:bc:0b:ab:4f:c5:f3:85:
f9:75:01:f9:fd:28:22:0b:39:44:42:76:07:35:79:e3:56:e6:
f7:40:4e:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJC7DLaWIp8vUbpFcvK3owRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2ZjZmNlZjgyZjdkMWM1OTA4YTJlNWEwMDlmZDFiMzQz
OTgxN2MwHhcNMjQwOTMwMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA3ZGQyM2VkMWQ0M2ZiZjBkZjY1Yzk2YjZiYzdjZDczYTJiZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJaRwt8jt5atbbK0k+tr4Tc3mfCA
vNKPNv2+0LlsDINOWw5A25m70ki56vjqMUiQALxZneApgxbLeFuhUPBoMYeBmZo8
68x36VTthNPhmr1bQcQSlGlIqEsxWcYaovpTMSvgA71oVQEiQiNBffNpk0AMdFeG
TH5LqlXakkhIj1WpVgrOOmjbj68cD4W/bGSxeXE64xjTG4JgPJl4n+wUgw+ulQ5p
I2Xqh3jpkU6haq5KlCoI1ukYUKKXv+mFa/EwgZ3EKqFOdVJ6t4xpBQfCoAtErcGr
biF1GluYd4EJQPfGdNa+2l2ULclACOgWezd/c1fUDgpJWBbKpbCe1xE7rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEH3SPtHUP78N9lyWtrx81zor0UMB8GA1UdIwQY
MBaAFBXPz874L30cWQii5aAJ/Rs0OYF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmNfUHp2Z3ZmUnhaQ0tMbG9BbjlHelE1Z1h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kMzc5MGQtOTcyMy00YjUzLWFkMTMt
NjExZWE0NDJkMmYzLzEva1FmZEktMGRRX3Z3MzJYSmEydkh6WE9pdlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kMzc5MGQtOTcyMy00YjUzLWFkMTMtNjExZWE0NDJkMmYz
LzEvRmNfUHp2Z3ZmUnhaQ0tMbG9BbjlHelE1Z1h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwqRiMA0G
CSqGSIb3DQEBCwUAA4IBAQBvMFk8yCuWFP7q5hoVPvJeJczUGaIYh4DZHJqgRQh7
jUQA5V0W5ZFsMAkHyDhspeG1tPlRX4pLHPwuCTRPCiYoSIAoemjk8Zg1H46GLEvy
D2uuARj2reVcWcNpEZjhSbtt/tznhwZTUXuZSuPR8kFImJMTfyiHoSFK7DYxCUHZ
uejcMUl78ydNoQcJtKi2DWS2jpgxfTkX+BHrgmVfN20ss9KHkBAEDgtBnowWoTMj
qqpEzcaXj358c5zswvFky6lDi3z/onrAGgJvfwvi9TMwhyFfRLQlZFzusXYDVGNf
Jx8LirwLq0/F84X5dQH5/SgiCzlEQnYHNXnjVub3QE6P
-----END CERTIFICATE-----
Generated at Fri Nov 1 16:20:19 2024 by rpki-client on console-fra.rpki-client.org