Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/SlYKG6CHc5YmW3t5w3vmh5awrmo.roa
File: SlYKG6CHc5YmW3t5w3vmh5awrmo.roa (raw, json)
Hash identifier: +eX3UNWjuGDt2VdXame++a636+osgRSbbl582/Tzu94=
Subject key identifier: 4A:56:0A:1B:A0:87:73:96:26:5B:7B:79:C3:7B:E6:87:96:B0:AE:6A
Certificate issuer: /CN=3f56a63331552ef91d8a0005a338ec982df37c8b
Certificate serial: 018CC424809014E99CE6D0A025BE8C1BBC75
Authority key identifier: 3F:56:A6:33:31:55:2E:F9:1D:8A:00:05:A3:38:EC:98:2D:F3:7C:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1amMzFVLvkdigAFozjsmC3zfIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/SlYKG6CHc5YmW3t5w3vmh5awrmo.roa
Signing time: Mon 01 Jan 2024 08:29:35 +0000
ROA not before: Mon 01 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198575
IP address blocks: 194.146.66.0/24 maxlen: 24
194.146.66.0/23 maxlen: 23
194.146.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 09:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:80:90:14:e9:9c:e6:d0:a0:25:be:8c:1b:bc:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f56a63331552ef91d8a0005a338ec982df37c8b
Validity
Not Before: Jan 1 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a560a1ba0877396265b7b79c37be68796b0ae6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:14:80:09:5d:5f:62:5f:fe:f6:54:15:b2:cc:
1a:9c:a2:c4:8d:9a:03:83:05:88:6e:6c:e9:18:d4:
0c:a1:1f:ce:26:10:2f:29:22:f7:a5:a0:67:11:16:
e3:18:db:99:44:38:57:18:64:65:5f:66:8f:a3:db:
8b:71:3d:55:f2:5b:02:b9:d9:65:9b:0a:f4:f0:1e:
11:c0:37:24:6b:67:33:dc:ad:f4:57:25:fd:40:59:
79:a8:91:dd:b8:5d:85:11:b0:1a:e2:9d:5e:71:34:
56:cf:aa:7e:ab:67:bf:c6:68:2e:3a:98:af:1b:e9:
a3:a7:ce:7a:3b:ca:a7:97:14:ba:e0:20:05:6b:5c:
85:fe:b4:fa:db:90:01:2f:6c:b0:5e:62:ca:48:3d:
45:af:34:bc:72:eb:f9:3d:77:4f:47:63:a8:7f:16:
ba:5e:82:e9:08:3b:2b:6e:a4:b1:9a:76:bc:7a:0f:
44:d2:79:f5:9f:5c:6a:e5:bb:aa:d6:cf:f3:9d:15:
9b:8f:7d:58:8a:43:46:9e:80:58:76:9b:ad:ca:74:
1f:46:ca:07:ce:3b:fa:20:c1:5e:b1:0a:25:8e:ef:
9c:e9:a8:49:e4:b3:54:dd:2b:05:0c:4e:4b:56:cf:
71:95:62:f7:df:07:4f:fd:38:c7:10:32:3d:1f:05:
16:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:0A:1B:A0:87:73:96:26:5B:7B:79:C3:7B:E6:87:96:B0:AE:6A
X509v3 Authority Key Identifier:
keyid:3F:56:A6:33:31:55:2E:F9:1D:8A:00:05:A3:38:EC:98:2D:F3:7C:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1amMzFVLvkdigAFozjsmC3zfIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/SlYKG6CHc5YmW3t5w3vmh5awrmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/P1amMzFVLvkdigAFozjsmC3zfIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.66.0/23
Signature Algorithm: sha256WithRSAEncryption
81:3b:97:e1:41:66:97:d7:ae:9f:ae:d1:8c:e9:97:af:fc:81:
d2:88:93:58:64:d5:d5:2b:0f:a0:51:06:ff:e7:2d:e2:2c:37:
78:38:c9:c9:ea:3a:7a:30:02:02:0f:b3:7b:dd:a1:1b:30:d9:
2e:7e:8b:40:80:db:cf:45:c1:36:d6:16:5b:03:c5:19:52:3e:
9c:ad:97:00:e6:fd:4f:4d:c5:6c:f3:a2:66:45:5d:b1:0f:a8:
07:1a:11:54:3b:21:f9:8c:2d:70:4b:9c:1f:5b:00:9a:8a:42:
3b:b4:60:66:3f:70:d1:5a:d0:67:40:e8:a8:bd:a3:fe:cf:e4:
f3:1d:6a:c8:6d:31:f3:40:a2:30:ba:e1:6f:3c:be:c3:12:ce:
8c:3b:e4:44:12:6e:35:36:d6:a2:22:ef:77:a0:26:43:57:9f:
e6:3d:0a:5b:ce:6c:fe:c7:81:fb:bb:fb:1a:e3:83:a6:51:c4:
46:4f:66:85:cb:19:e8:5b:83:2b:28:f4:f8:50:e8:08:5a:38:
ef:cc:2f:83:b7:f8:cf:3d:7a:3b:7c:fd:00:27:3d:b4:69:24:
56:51:6f:46:b9:6b:63:c2:fc:a1:1a:7d:22:62:bc:e8:f2:92:
69:e5:a9:ee:12:60:41:63:62:56:bc:b0:fd:cb:4d:53:22:9d:
39:d5:78:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJICQFOmc5tCgJb6MG7x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNTZhNjMzMzE1NTJlZjkxZDhhMDAwNWEzMzhlYzk4MmRm
MzdjOGIwHhcNMjQwMTAxMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU2MGExYmEwODc3Mzk2MjY1YjdiNzljMzdiZTY4Nzk2YjBhZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihSACV1fYl/+9lQVsswanKLEjZoD
gwWIbmzpGNQMoR/OJhAvKSL3paBnERbjGNuZRDhXGGRlX2aPo9uLcT1V8lsCudll
mwr08B4RwDcka2cz3K30VyX9QFl5qJHduF2FEbAa4p1ecTRWz6p+q2e/xmguOpiv
G+mjp856O8qnlxS64CAFa1yF/rT625ABL2ywXmLKSD1FrzS8cuv5PXdPR2Oofxa6
XoLpCDsrbqSxmna8eg9E0nn1n1xq5buq1s/znRWbj31YikNGnoBYdputynQfRsoH
zjv6IMFesQolju+c6ahJ5LNU3SsFDE5LVs9xlWL33wdP/TjHEDI9HwUWmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpWChugh3OWJlt7ecN75oeWsK5qMB8GA1UdIwQY
MBaAFD9WpjMxVS75HYoABaM47Jgt83yLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDFhbU16RlZMdmtkaWdBRm96anNtQzN6ZklzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yYjE3OWMtMmQyZC00NDIzLWI2ZDYt
YjA4MzdhN2Q0NjQxLzEvU2xZS0c2Q0hjNVltVzN0NXczdm1oNWF3cm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yYjE3OWMtMmQyZC00NDIzLWI2ZDYtYjA4MzdhN2Q0NjQx
LzEvUDFhbU16RlZMdmtkaWdBRm96anNtQzN6ZklzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpJCMA0G
CSqGSIb3DQEBCwUAA4IBAQCBO5fhQWaX166frtGM6Zev/IHSiJNYZNXVKw+gUQb/
5y3iLDd4OMnJ6jp6MAICD7N73aEbMNkufotAgNvPRcE21hZbA8UZUj6crZcA5v1P
TcVs86JmRV2xD6gHGhFUOyH5jC1wS5wfWwCaikI7tGBmP3DRWtBnQOiovaP+z+Tz
HWrIbTHzQKIwuuFvPL7DEs6MO+REEm41NtaiIu93oCZDV5/mPQpbzmz+x4H7u/sa
44OmUcRGT2aFyxnoW4MrKPT4UOgIWjjvzC+Dt/jPPXo7fP0AJz20aSRWUW9GuWtj
wvyhGn0iYrzo8pJp5anuEmBBY2JWvLD9y01TIp051Xj9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:46 2024 by rpki-client on console-fra.rpki-client.org