Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/1IOMOBl-0cN3Ynonl6JVmg8yceo.roa
File: 1IOMOBl-0cN3Ynonl6JVmg8yceo.roa (raw, json)
Hash identifier: hsz24BUKIRRE8mQdSYiDz0HT4RqdlFjaWIIlHKZllDE=
Subject key identifier: D4:83:8C:38:19:7E:D1:C3:77:62:7A:27:97:A2:55:9A:0F:32:71:EA
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 01889AA36CCEA566F78C0C962CD36D0465E1
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/1IOMOBl-0cN3Ynonl6JVmg8yceo.roa
Signing time: Thu 08 Jun 2023 10:53:01 +0000
ROA not before: Thu 08 Jun 2023 10:53:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206084
IP address blocks: 194.15.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:a3:6c:ce:a5:66:f7:8c:0c:96:2c:d3:6d:04:65:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Jun 8 10:53:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4838c38197ed1c377627a2797a2559a0f3271ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d1:a7:6c:95:42:70:0b:91:60:91:24:f0:7b:
38:be:4e:c6:a8:b7:c6:6a:81:5e:7c:60:56:0f:da:
be:16:93:ae:2e:e6:5a:e5:8e:0c:d8:75:24:f0:31:
d2:17:e1:e6:3a:9c:36:93:e5:b3:22:95:b1:29:2d:
0e:64:a0:21:15:fe:99:77:6b:24:7d:d8:c3:57:f0:
ce:2c:12:1a:ff:e8:9f:e1:8b:fb:a2:bf:60:84:cb:
7d:8d:a8:29:24:58:3f:ea:69:78:87:3a:4b:60:d4:
72:71:b6:5d:67:67:66:45:3b:30:e1:04:39:2e:23:
00:ad:dc:55:b0:60:f8:24:31:ec:67:9e:6b:6e:10:
11:55:b8:de:4c:94:3a:56:06:9a:ed:64:1b:a6:5f:
b7:a4:14:49:dc:43:9c:0e:28:dd:2c:24:14:a1:7a:
20:b1:d3:82:78:0e:8e:71:af:c7:af:70:88:13:15:
b8:a6:f7:74:e5:ac:cd:00:97:da:ea:ac:73:b7:c5:
8a:ca:f0:97:3c:0b:fd:9d:29:53:89:54:71:7a:ce:
59:ee:e9:0f:69:19:14:c8:08:1e:c9:9e:44:23:9f:
8d:90:47:4f:cf:fd:e2:a1:e7:e2:a0:2e:dc:22:a9:
37:90:b5:4c:44:42:94:2b:6d:48:47:82:fe:65:7a:
aa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:83:8C:38:19:7E:D1:C3:77:62:7A:27:97:A2:55:9A:0F:32:71:EA
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/1IOMOBl-0cN3Ynonl6JVmg8yceo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9e:fc:0f:84:a5:77:60:41:57:31:e6:18:14:04:90:c0:51:
67:c4:e1:a2:1a:cc:ef:f4:ab:b5:78:6c:29:af:4a:ed:6a:0c:
08:69:fd:f1:88:7b:b1:9d:11:80:54:6b:5b:0b:86:a1:b9:78:
51:50:1c:74:b6:65:35:29:c9:01:91:bc:00:2d:73:ae:b6:60:
95:53:41:10:00:dd:7b:27:a9:fb:0e:6f:5a:66:94:af:52:2c:
8d:31:a1:26:8d:73:91:ce:07:bc:29:37:69:da:20:31:e5:7b:
76:bb:e2:ed:0e:03:12:c5:93:7b:ea:3c:d0:85:bc:21:1d:cd:
57:7a:79:5d:96:9b:6c:fd:d4:07:9f:c5:eb:6e:ae:c5:2d:09:
7f:35:0d:b0:a0:92:45:25:48:4f:e6:9e:cf:0e:45:59:b8:c0:
eb:ed:b6:33:88:c8:c6:fd:33:84:06:0d:c6:e9:98:37:69:d0:
43:15:34:b2:92:d1:2d:81:2a:9f:e7:62:5d:e1:f9:d0:fe:3f:
c7:d8:87:97:47:d9:c0:5e:c0:16:3c:d7:13:4f:fe:16:50:df:
b1:80:a9:0b:31:e3:ed:6f:cd:1e:1f:a3:62:a4:be:2f:89:a1:
98:86:f1:c0:5c:22:63:97:2d:12:40:c2:f9:fd:d9:fd:e2:05:
8e:d9:ee:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiao2zOpWb3jAyWLNNtBGXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmU2MjM3OGJiNTgwYWY0ZWQ3MGJmYTM1YWJjODQwOTQ1
ZDc4MDMwHhcNMjMwNjA4MTA1MzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDgzOGMzODE5N2VkMWMzNzc2MjdhMjc5N2EyNTU5YTBmMzI3MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdGnbJVCcAuRYJEk8Hs4vk7GqLfG
aoFefGBWD9q+FpOuLuZa5Y4M2HUk8DHSF+HmOpw2k+WzIpWxKS0OZKAhFf6Zd2sk
fdjDV/DOLBIa/+if4Yv7or9ghMt9jagpJFg/6ml4hzpLYNRycbZdZ2dmRTsw4QQ5
LiMArdxVsGD4JDHsZ55rbhARVbjeTJQ6Vgaa7WQbpl+3pBRJ3EOcDijdLCQUoXog
sdOCeA6Oca/Hr3CIExW4pvd05azNAJfa6qxzt8WKyvCXPAv9nSlTiVRxes5Z7ukP
aRkUyAgeyZ5EI5+NkEdPz/3ioefioC7cIqk3kLVMREKUK21IR4L+ZXqqxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSDjDgZftHDd2J6J5eiVZoPMnHqMB8GA1UdIwQY
MBaAFPy+YjeLtYCvTtcL+jWryECUXXgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3Mzkt
ZGY1NmVjNjcwZGU3LzEvMUlPTU9CbC0wY04zWW5vbmw2SlZtZzh5Y2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3
LzEvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg/7MA0G
CSqGSIb3DQEBCwUAA4IBAQBtnvwPhKV3YEFXMeYYFASQwFFnxOGiGszv9Ku1eGwp
r0rtagwIaf3xiHuxnRGAVGtbC4ahuXhRUBx0tmU1KckBkbwALXOutmCVU0EQAN17
J6n7Dm9aZpSvUiyNMaEmjXORzge8KTdp2iAx5Xt2u+LtDgMSxZN76jzQhbwhHc1X
enldlpts/dQHn8Xrbq7FLQl/NQ2woJJFJUhP5p7PDkVZuMDr7bYziMjG/TOEBg3G
6Zg3adBDFTSyktEtgSqf52Jd4fnQ/j/H2IeXR9nAXsAWPNcTT/4WUN+xgKkLMePt
b80eH6NipL4viaGYhvHAXCJjly0SQML5/dn94gWO2e5c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org