Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQGghjOwA0pIYi0AMIMYq8r1YV8.roa
File: cQGghjOwA0pIYi0AMIMYq8r1YV8.roa (raw, json)
Hash identifier: YD44Wx5IVeFmF7O02mgtVaRzbHwPgLuNlPbbw9LDrQo=
Subject key identifier: 71:01:A0:86:33:B0:03:4A:48:62:2D:00:30:83:18:AB:CA:F5:61:5F
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018DBBCF4E34D1F749D273A28D8862E95D83
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQGghjOwA0pIYi0AMIMYq8r1YV8.roa
Signing time: Sun 18 Feb 2024 10:42:21 +0000
ROA not before: Sun 18 Feb 2024 10:42:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134928
IP address blocks: 193.38.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 01:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:cf:4e:34:d1:f7:49:d2:73:a2:8d:88:62:e9:5d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Feb 18 10:42:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7101a08633b0034a48622d00308318abcaf5615f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:1f:59:d0:b2:0e:c5:21:0c:dd:23:ff:55:
8d:59:53:8c:58:46:ce:92:27:ba:4e:64:cd:11:c0:
cf:5f:08:27:d0:ea:a7:ed:29:ef:a0:9b:df:36:13:
94:64:f2:24:89:4a:d7:44:a0:7b:09:39:53:c4:d2:
b8:54:65:c8:a0:9f:4f:96:8e:f6:4d:86:af:ec:05:
ea:4e:12:94:50:91:c7:9c:2a:35:82:1e:9b:32:51:
16:4a:99:3f:4b:fc:67:5b:66:98:f3:a0:82:b7:ea:
8a:ac:5f:76:f8:ad:88:35:85:a4:0d:17:b6:39:aa:
ed:0a:77:46:68:17:53:48:93:20:cf:c2:2b:f5:e9:
4f:91:cf:28:b1:7c:75:d1:26:27:66:6e:c2:e3:7a:
3c:9c:15:70:96:07:5c:91:b9:d3:83:bf:20:9f:7c:
26:06:a4:04:c8:d8:52:d0:86:f7:d2:3c:4f:cc:4e:
d4:9a:40:57:2f:b7:55:a1:72:70:a9:76:5e:a4:37:
63:2b:82:67:d6:20:27:2f:34:09:d1:db:e3:7a:18:
29:c5:95:01:6c:90:0e:25:f0:9a:42:4c:02:3a:f5:
8d:2d:e4:7a:65:da:88:94:d3:47:d7:02:7f:e9:9c:
7e:74:af:5e:e1:79:3e:40:28:d8:68:f7:e9:11:86:
51:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:01:A0:86:33:B0:03:4A:48:62:2D:00:30:83:18:AB:CA:F5:61:5F
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQGghjOwA0pIYi0AMIMYq8r1YV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
09:42:a1:62:d7:17:c8:ec:76:2e:98:90:e4:91:4a:19:bb:3d:
e9:66:2f:e0:3c:a8:7a:53:97:d0:a6:cf:00:b5:ae:67:c9:c5:
5a:c5:21:5c:7b:3d:9b:a6:26:32:c6:d4:ba:0a:09:70:f6:59:
cc:88:af:6a:df:59:fb:18:e1:53:d2:71:0b:2b:46:99:53:5e:
dd:d7:46:0b:df:32:3d:bd:0c:70:56:81:d2:fe:bd:3d:f4:9a:
41:60:5c:a3:8a:4d:32:63:18:cc:f8:bf:09:5b:f6:4f:57:59:
2e:97:a9:16:b5:c8:05:d4:05:db:66:23:59:27:ff:6c:ea:23:
ab:94:a0:ff:71:a8:7e:fc:35:94:fc:07:ea:e0:bb:cb:3a:f4:
43:13:96:2e:6c:ea:23:19:63:d8:ee:e5:a1:bd:2a:71:48:51:
31:c2:2a:13:96:0f:79:10:41:70:b1:04:df:18:ce:57:e4:83:
cc:39:ea:c1:bb:68:3c:dd:56:30:d3:bd:d1:07:6d:e1:0b:cd:
c7:8a:33:b6:76:95:e8:96:0d:ff:78:75:00:0b:38:68:e1:a0:
68:c3:97:da:52:a2:ef:82:e3:40:bf:42:a7:e6:f8:e4:21:64:
7f:33:29:04:b9:95:3e:b2:23:96:b1:2c:66:5d:52:28:23:a4:
46:69:7a:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY27z0400fdJ0nOijYhi6V2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMjE4MTA0MjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAxYTA4NjMzYjAwMzRhNDg2MjJkMDAzMDgzMThhYmNhZjU2MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+AfWdCyDsUhDN0j/1WNWVOMWEbO
kie6TmTNEcDPXwgn0Oqn7SnvoJvfNhOUZPIkiUrXRKB7CTlTxNK4VGXIoJ9Plo72
TYav7AXqThKUUJHHnCo1gh6bMlEWSpk/S/xnW2aY86CCt+qKrF92+K2INYWkDRe2
OartCndGaBdTSJMgz8Ir9elPkc8osXx10SYnZm7C43o8nBVwlgdckbnTg78gn3wm
BqQEyNhS0Ib30jxPzE7UmkBXL7dVoXJwqXZepDdjK4Jn1iAnLzQJ0dvjehgpxZUB
bJAOJfCaQkwCOvWNLeR6ZdqIlNNH1wJ/6Zx+dK9e4Xk+QCjYaPfpEYZR0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEBoIYzsANKSGItADCDGKvK9WFfMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvY1FHZ2hqT3dBMHBJWWkwQU1JTVlxOHIxWVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSb5MA0G
CSqGSIb3DQEBCwUAA4IBAQAJQqFi1xfI7HYumJDkkUoZuz3pZi/gPKh6U5fQps8A
ta5nycVaxSFcez2bpiYyxtS6Cglw9lnMiK9q31n7GOFT0nELK0aZU17d10YL3zI9
vQxwVoHS/r099JpBYFyjik0yYxjM+L8JW/ZPV1kul6kWtcgF1AXbZiNZJ/9s6iOr
lKD/cah+/DWU/Afq4LvLOvRDE5YubOojGWPY7uWhvSpxSFExwioTlg95EEFwsQTf
GM5X5IPMOerBu2g83VYw073RB23hC83HijO2dpXolg3/eHUACzho4aBow5faUqLv
guNAv0Kn5vjkIWR/MykEuZU+siOWsSxmXVIoI6RGaXpH
-----END CERTIFICATE-----
Generated at Thu Mar 21 04:17:18 2024 by rpki-client on console-fra.rpki-client.org