Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/p6Rj-A5YmsfQOWI1PRZWsjiP1LA.roa
File: p6Rj-A5YmsfQOWI1PRZWsjiP1LA.roa (raw, json)
Hash identifier: KUFjm71MHyHS2/CsqcEfB+riCxutG0GQKo/z4ixiGXA=
Subject key identifier: A7:A4:63:F8:0E:58:9A:C7:D0:39:62:35:3D:16:56:B2:38:8F:D4:B0
Certificate issuer: /CN=b13971bfea78d6aa5b49ed5ac35c77b6a30a0894
Certificate serial: 01856E2FAF07C2CEADE2EE0A4E7DADB4C815
Authority key identifier: B1:39:71:BF:EA:78:D6:AA:5B:49:ED:5A:C3:5C:77:B6:A3:0A:08:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTlxv-p41qpbSe1aw1x3tqMKCJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/p6Rj-A5YmsfQOWI1PRZWsjiP1LA.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43702
IP address blocks: 194.165.15.0/24 maxlen: 24
194.165.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:af:07:c2:ce:ad:e2:ee:0a:4e:7d:ad:b4:c8:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b13971bfea78d6aa5b49ed5ac35c77b6a30a0894
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7a463f80e589ac7d03962353d1656b2388fd4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e4:ca:07:f7:d7:d9:94:9d:72:46:55:0b:c7:
43:81:fc:1b:34:b8:6f:4d:ce:40:c6:44:08:24:cf:
64:f0:da:dd:97:e4:6c:ac:23:22:3e:7c:14:8b:15:
63:c3:cf:dc:13:76:e3:61:2d:b1:b1:8c:49:c8:89:
38:94:2d:c8:b6:67:4b:79:82:32:0a:b9:7e:af:29:
37:33:e3:44:37:69:35:80:8d:2d:96:cc:fd:c6:5d:
a2:62:72:57:59:ba:c1:f1:6f:7b:f4:c6:90:13:b0:
67:5e:3d:67:b0:9c:cc:18:3b:1e:18:6c:1a:a7:cc:
a0:af:b4:3a:41:47:3f:28:29:2f:fc:32:34:08:17:
92:8b:1b:b0:0f:4f:f8:f7:64:83:cc:6a:ce:67:4c:
df:1d:24:07:28:f4:c8:ef:ae:30:39:97:a7:84:a9:
0f:4a:1b:98:64:59:92:aa:3c:75:11:29:aa:04:bf:
eb:9c:13:63:1b:f7:1f:c8:56:6f:89:6f:33:b5:e8:
45:4e:4c:57:0c:86:85:6f:b7:50:44:e7:f2:87:2e:
ab:1a:c1:03:c7:d5:3e:b5:e5:de:5a:9a:9f:7d:9a:
bb:71:8e:dd:d4:63:e5:d1:23:c6:61:b2:15:4b:ef:
b6:8c:c2:6c:27:23:d9:4b:18:9b:43:ee:11:73:c3:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A4:63:F8:0E:58:9A:C7:D0:39:62:35:3D:16:56:B2:38:8F:D4:B0
X509v3 Authority Key Identifier:
keyid:B1:39:71:BF:EA:78:D6:AA:5B:49:ED:5A:C3:5C:77:B6:A3:0A:08:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTlxv-p41qpbSe1aw1x3tqMKCJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/p6Rj-A5YmsfQOWI1PRZWsjiP1LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/sTlxv-p41qpbSe1aw1x3tqMKCJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.14.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:a7:9a:25:db:3f:53:c1:1f:30:46:4c:17:50:6e:04:b8:7b:
1d:5a:9f:f9:c7:d9:64:6b:bf:b9:2a:a9:ae:cb:cf:07:84:3b:
62:59:ec:3c:e9:5f:a9:0e:b6:d8:dd:04:93:c6:6b:f2:cc:e7:
8f:ce:c3:2b:9e:07:a9:f3:74:e9:96:b6:a0:ea:a9:98:b3:7f:
89:a7:ec:c9:14:06:fd:86:b3:95:65:c7:2c:43:a1:7b:34:f5:
be:7f:35:ef:93:e8:0d:56:bd:2f:ac:01:00:61:0b:a8:03:a9:
f3:9a:8c:7a:1a:7b:91:6a:57:44:76:12:0f:ae:46:c3:d6:e4:
32:79:d6:93:50:31:d3:ed:76:78:e5:08:ef:69:6e:b6:ca:1a:
7b:77:82:d8:74:fa:91:76:ad:95:dd:95:39:a5:97:9c:e7:df:
cc:a8:98:3f:8f:8c:67:59:bc:63:3d:6c:be:8e:89:47:29:b7:
a4:29:a5:fc:3b:8b:7d:ca:64:7f:89:7d:94:5c:9d:01:c2:1d:
a8:ed:1d:8f:93:a2:90:74:63:c3:33:60:a9:fe:3f:7d:b2:34:
b5:a3:5c:2d:8b:c7:4f:04:c8:b4:3c:3d:35:51:e0:74:7b:9e:
72:b2:f9:77:39:10:90:36:1f:cb:56:a7:01:97:9f:2c:c6:df:
ab:7d:15:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL68Hws6t4u4KTn2ttMgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzk3MWJmZWE3OGQ2YWE1YjQ5ZWQ1YWMzNWM3N2I2YTMw
YTA4OTQwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2E0NjNmODBlNTg5YWM3ZDAzOTYyMzUzZDE2NTZiMjM4OGZkNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguTKB/fX2ZSdckZVC8dDgfwbNLhv
Tc5AxkQIJM9k8Nrdl+RsrCMiPnwUixVjw8/cE3bjYS2xsYxJyIk4lC3ItmdLeYIy
Crl+ryk3M+NEN2k1gI0tlsz9xl2iYnJXWbrB8W979MaQE7BnXj1nsJzMGDseGGwa
p8ygr7Q6QUc/KCkv/DI0CBeSixuwD0/492SDzGrOZ0zfHSQHKPTI764wOZenhKkP
ShuYZFmSqjx1ESmqBL/rnBNjG/cfyFZviW8ztehFTkxXDIaFb7dQROfyhy6rGsED
x9U+teXeWpqffZq7cY7d1GPl0SPGYbIVS++2jMJsJyPZSxibQ+4Rc8PS3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKekY/gOWJrH0DliNT0WVrI4j9SwMB8GA1UdIwQY
MBaAFLE5cb/qeNaqW0ntWsNcd7ajCgiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RseHYtcDQxcXBiU2UxYXcxeDN0cU1LQ0pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8zZjAwODMtNTlkNy00MzNhLTkwNWEt
NDdiMWJkZjhkNTMwLzEvcDZSai1BNVltc2ZRT1dJMVBSWldzamlQMUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8zZjAwODMtNTlkNy00MzNhLTkwNWEtNDdiMWJkZjhkNTMw
LzEvc1RseHYtcDQxcXBiU2UxYXcxeDN0cU1LQ0pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwqUOMA0G
CSqGSIb3DQEBCwUAA4IBAQBap5ol2z9TwR8wRkwXUG4EuHsdWp/5x9lka7+5Kqmu
y88HhDtiWew86V+pDrbY3QSTxmvyzOePzsMrngep83Tplrag6qmYs3+Jp+zJFAb9
hrOVZccsQ6F7NPW+fzXvk+gNVr0vrAEAYQuoA6nzmox6GnuRaldEdhIPrkbD1uQy
edaTUDHT7XZ45QjvaW62yhp7d4LYdPqRdq2V3ZU5pZec59/MqJg/j4xnWbxjPWy+
jolHKbekKaX8O4t9ymR/iX2UXJ0Bwh2o7R2Pk6KQdGPDM2Cp/j99sjS1o1wti8dP
BMi0PD01UeB0e55ysvl3ORCQNh/LVqcBl58sxt+rfRXr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org