Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/IGXFlhryOROgeof7QYVi9dG5nlc.roa
File: IGXFlhryOROgeof7QYVi9dG5nlc.roa (raw, json)
Hash identifier: PkUnVcoCFRnr+yOBVNsNYaRWjxpdyGlT/wDsIt4b4fc=
Subject key identifier: 20:65:C5:96:1A:F2:39:13:A0:7A:87:FB:41:85:62:F5:D1:B9:9E:57
Certificate issuer: /CN=278901c061a355a3fdaace0c80b967ad1cd3717a
Certificate serial: 01856EB90A85204D1AE91A930873473FF8D8
Authority key identifier: 27:89:01:C0:61:A3:55:A3:FD:AA:CE:0C:80:B9:67:AD:1C:D3:71:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4kBwGGjVaP9qs4MgLlnrRzTcXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/IGXFlhryOROgeof7QYVi9dG5nlc.roa
Signing time: Sun 01 Jan 2023 19:04:58 +0000
ROA not before: Sun 01 Jan 2023 19:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207799
IP address blocks: 194.49.71.0/24 maxlen: 24
194.49.76.0/24 maxlen: 24
194.49.84.0/24 maxlen: 24
194.49.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:0a:85:20:4d:1a:e9:1a:93:08:73:47:3f:f8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278901c061a355a3fdaace0c80b967ad1cd3717a
Validity
Not Before: Jan 1 19:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2065c5961af23913a07a87fb418562f5d1b99e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:a5:be:0a:47:a3:28:3c:69:e1:84:60:c8:
91:27:db:72:a8:cd:af:12:36:2c:eb:7a:e6:41:c0:
30:f6:f7:8c:bc:97:c9:f1:1a:2d:0e:87:8b:28:43:
c6:55:77:5a:f0:1b:c6:9c:67:40:4d:fa:4d:65:99:
0b:15:89:41:88:00:f0:a5:1f:49:d0:af:fa:89:77:
24:63:ae:6e:56:30:7e:f5:b6:92:83:dd:0d:09:2d:
e2:14:20:1a:1d:e7:bc:1f:73:3f:fa:0f:33:50:da:
e3:9b:75:05:12:8c:d1:29:52:ff:81:56:9f:ec:a3:
99:d6:f8:71:03:08:2b:c0:35:22:d1:f5:a9:30:f9:
8b:d9:c5:32:2f:7c:3a:e7:fa:6c:51:56:ec:74:e9:
c8:2a:42:1a:18:fb:68:3d:91:59:ca:32:15:e1:63:
8f:97:8a:47:a5:27:17:9f:9b:1c:7d:94:08:a4:81:
df:b9:60:98:c9:47:85:43:be:86:9b:c5:f1:5f:30:
35:c3:41:30:89:65:c0:22:fe:89:9c:3a:30:ac:61:
8a:3e:30:77:de:35:16:eb:1e:93:58:32:cb:8b:47:
a7:da:24:8b:0f:8c:1d:91:4b:e8:fb:cc:55:35:c1:
be:67:32:c9:69:2d:d4:ec:60:8d:cd:ae:df:ed:63:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:65:C5:96:1A:F2:39:13:A0:7A:87:FB:41:85:62:F5:D1:B9:9E:57
X509v3 Authority Key Identifier:
keyid:27:89:01:C0:61:A3:55:A3:FD:AA:CE:0C:80:B9:67:AD:1C:D3:71:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4kBwGGjVaP9qs4MgLlnrRzTcXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/IGXFlhryOROgeof7QYVi9dG5nlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/J4kBwGGjVaP9qs4MgLlnrRzTcXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.71.0/24
194.49.76.0/24
194.49.84.0/24
194.49.93.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:cc:65:5b:fd:64:29:96:51:84:3f:04:44:45:91:f7:32:f9:
16:4a:67:36:eb:32:5e:65:46:7d:ab:46:aa:27:ca:ce:62:a4:
e5:88:2f:a9:de:7d:91:ad:ed:a0:32:e4:93:af:fd:54:05:48:
a4:39:d3:62:29:0a:36:19:15:84:51:0b:21:28:72:0c:de:71:
70:7b:7d:03:d8:39:8e:80:d4:4e:12:bf:7c:81:62:55:a7:d3:
12:d5:a6:44:00:bb:bb:ba:83:9f:bf:d6:b7:4d:4a:ea:82:09:
a7:59:22:a8:29:7e:26:c4:dc:16:64:57:18:40:e5:30:ec:26:
c3:7c:09:0b:cd:35:3f:49:cf:ab:e2:18:4e:89:a2:5d:c0:f7:
d7:d2:27:da:a7:6c:b6:26:b3:3d:4b:48:6e:77:b1:60:61:58:
a9:b6:70:27:18:9f:cd:c9:eb:43:06:4f:1a:01:1e:80:90:d8:
63:d5:60:b3:c5:6b:e7:24:1b:40:87:ce:2a:b8:f9:93:5b:30:
c0:39:75:42:c4:e9:6e:83:92:54:86:8d:3a:16:b5:98:b7:eb:
74:e7:5b:96:b8:12:6b:c4:28:24:08:2b:10:62:74:8f:09:b6:
6a:04:2c:45:3b:a4:32:1f:21:ca:8a:c4:e8:cc:f7:f0:2c:77:
15:f6:23:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuuQqFIE0a6RqTCHNHP/jYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODkwMWMwNjFhMzU1YTNmZGFhY2UwYzgwYjk2N2FkMWNk
MzcxN2EwHhcNMjMwMTAxMTkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY1YzU5NjFhZjIzOTEzYTA3YTg3ZmI0MTg1NjJmNWQxYjk5ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6alvgpHoyg8aeGEYMiRJ9tyqM2v
EjYs63rmQcAw9veMvJfJ8RotDoeLKEPGVXda8BvGnGdATfpNZZkLFYlBiADwpR9J
0K/6iXckY65uVjB+9baSg90NCS3iFCAaHee8H3M/+g8zUNrjm3UFEozRKVL/gVaf
7KOZ1vhxAwgrwDUi0fWpMPmL2cUyL3w65/psUVbsdOnIKkIaGPtoPZFZyjIV4WOP
l4pHpScXn5scfZQIpIHfuWCYyUeFQ76Gm8XxXzA1w0EwiWXAIv6JnDowrGGKPjB3
3jUW6x6TWDLLi0en2iSLD4wdkUvo+8xVNcG+ZzLJaS3U7GCNza7f7WN+BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCBlxZYa8jkToHqH+0GFYvXRuZ5XMB8GA1UdIwQY
MBaAFCeJAcBho1Wj/arODIC5Z60c03F6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRrQndHR2pWYVA5cXM0TWdMbG5yUnpUY1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85MDI1OTktNDhkNi00YTg5LTg3MjQt
OWM3YTdiY2FhZjM2LzEvSUdYRmxocnlPUk9nZW9mN1FZVmk5ZEc1bmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85MDI1OTktNDhkNi00YTg5LTg3MjQtOWM3YTdiY2FhZjM2
LzEvSjRrQndHR2pWYVA5cXM0TWdMbG5yUnpUY1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjFHAwQA
wjFMAwQAwjFUAwQAwjFdMA0GCSqGSIb3DQEBCwUAA4IBAQA/zGVb/WQpllGEPwRE
RZH3MvkWSmc26zJeZUZ9q0aqJ8rOYqTliC+p3n2Rre2gMuSTr/1UBUikOdNiKQo2
GRWEUQshKHIM3nFwe30D2DmOgNROEr98gWJVp9MS1aZEALu7uoOfv9a3TUrqggmn
WSKoKX4mxNwWZFcYQOUw7CbDfAkLzTU/Sc+r4hhOiaJdwPfX0ifap2y2JrM9S0hu
d7FgYViptnAnGJ/NyetDBk8aAR6AkNhj1WCzxWvnJBtAh84quPmTWzDAOXVCxOlu
g5JUho06FrWYt+t051uWuBJrxCgkCCsQYnSPCbZqBCxFO6QyHyHKisTozPfwLHcV
9iMj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:12 2024 by rpki-client on console-fra.rpki-client.org