Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/yq3W77T7FujqQPsr_bZ1ygDQmqo.roa
File: yq3W77T7FujqQPsr_bZ1ygDQmqo.roa (raw, json)
Hash identifier: SjF+TWns6kc0xhxYhk6vSOOPMc6YWpXENRTHT9hQ/NQ=
Subject key identifier: CA:AD:D6:EF:B4:FB:16:E8:EA:40:FB:2B:FD:B6:75:CA:00:D0:9A:AA
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F2EE9DA1C5F0EA1694443A19B346EDEBB
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/yq3W77T7FujqQPsr_bZ1ygDQmqo.roa
Signing time: Tue 30 Apr 2024 12:10:28 +0000
ROA not before: Tue 30 Apr 2024 12:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51714
IP address blocks: 194.110.174.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 May 2024 16:04:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:e9:da:1c:5f:0e:a1:69:44:43:a1:9b:34:6e:de:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 30 12:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caadd6efb4fb16e8ea40fb2bfdb675ca00d09aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a9:21:7b:9e:2b:eb:18:b6:68:1c:bd:5f:26:
d2:f9:ae:2d:c9:19:e5:d6:f5:09:a8:00:43:ff:a3:
c7:f1:79:e4:13:8f:21:1f:bb:e7:dc:24:b3:a6:87:
c4:42:5a:16:52:2b:e9:24:44:b6:78:e3:ab:61:aa:
f9:3c:1d:6d:f7:bf:97:f9:92:00:30:90:eb:5b:bc:
00:e5:33:76:da:6b:16:b7:a4:53:c3:df:94:52:6b:
69:41:dd:72:42:5d:c6:4b:ef:be:9e:b7:14:b4:74:
23:39:97:46:7b:da:cb:26:58:e4:c5:cd:fa:d7:20:
38:1a:50:0c:cd:2c:96:34:0b:52:8a:8d:ac:78:89:
ed:c0:79:99:3f:96:ea:b8:ad:41:29:33:61:01:47:
0e:df:c9:62:29:25:d8:b7:43:93:30:62:f2:4d:dd:
7c:3d:c7:07:6b:75:bd:57:55:94:e7:0b:85:ca:4b:
40:3e:a2:ec:34:78:f0:93:cf:67:be:1f:a9:ea:98:
51:8c:69:e8:76:80:27:a7:07:32:b2:d3:d1:83:60:
2b:6f:2b:72:3b:07:f2:6c:c6:cf:51:9b:04:c2:35:
8f:29:5f:82:1c:98:be:9f:09:88:f2:29:c7:52:91:
ba:5a:83:9a:3f:f3:09:ef:84:27:37:9a:3a:7b:c3:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AD:D6:EF:B4:FB:16:E8:EA:40:FB:2B:FD:B6:75:CA:00:D0:9A:AA
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/yq3W77T7FujqQPsr_bZ1ygDQmqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.174.0/24
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
5c:bd:22:8d:1e:dd:c8:0b:d9:43:4f:ca:46:9c:33:89:41:54:
28:d6:47:be:57:29:15:fd:72:3c:08:d2:ef:b9:d3:96:d0:8a:
14:69:cf:4b:b2:ad:a1:45:75:e5:4f:76:be:f4:b9:e2:10:e8:
f7:cb:45:b1:22:35:16:eb:8d:ad:7d:2c:d0:73:ad:3e:d5:14:
aa:ec:55:19:92:10:d9:e2:7b:7b:0b:04:26:60:b7:1a:0c:39:
88:5c:86:91:ef:4e:08:7b:20:45:27:46:d8:f5:f0:21:e8:86:
1f:a1:5e:13:77:11:7e:41:75:6c:20:d0:c0:5e:70:dc:62:fe:
d6:92:dd:95:e4:15:98:bb:9e:f2:99:18:b1:a4:4f:83:e1:1d:
f2:1c:e3:2b:e7:ab:45:5b:37:bf:c6:ff:19:84:56:94:86:28:
c4:4b:b0:c2:55:09:bd:29:87:24:ce:c7:a5:af:f0:0b:44:4e:
05:5e:02:32:16:78:38:0f:c2:0c:9b:06:fe:63:0a:3c:b9:21:
ec:35:b6:9d:bb:4b:d4:10:4e:39:f5:f8:84:6f:93:61:84:b2:
99:2b:81:75:23:c8:f3:75:77:41:06:fa:53:11:12:1c:c7:86:
21:6f:4f:c0:23:e1:c6:56:13:05:f4:21:45:63:09:62:d6:e9:
61:72:de:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8u6docXw6haURDoZs0bt67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDMwMTIxMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFkZDZlZmI0ZmIxNmU4ZWE0MGZiMmJmZGI2NzVjYTAwZDA5YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06khe54r6xi2aBy9XybS+a4tyRnl
1vUJqABD/6PH8XnkE48hH7vn3CSzpofEQloWUivpJES2eOOrYar5PB1t97+X+ZIA
MJDrW7wA5TN22msWt6RTw9+UUmtpQd1yQl3GS+++nrcUtHQjOZdGe9rLJljkxc36
1yA4GlAMzSyWNAtSio2seIntwHmZP5bquK1BKTNhAUcO38liKSXYt0OTMGLyTd18
PccHa3W9V1WU5wuFyktAPqLsNHjwk89nvh+p6phRjGnodoAnpwcystPRg2Arbyty
OwfybMbPUZsEwjWPKV+CHJi+nwmI8inHUpG6WoOaP/MJ74QnN5o6e8MpOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqt1u+0+xbo6kD7K/22dcoA0JqqMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEveXEzVzc3VDdGdWpxUVBzcl9iWjF5Z0RRbXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwm6uMA8E
AgACMAkDBwAqCf8AAQMwDQYJKoZIhvcNAQELBQADggEBAFy9Io0e3cgL2UNPykac
M4lBVCjWR75XKRX9cjwI0u+505bQihRpz0uyraFFdeVPdr70ueIQ6PfLRbEiNRbr
ja19LNBzrT7VFKrsVRmSENnie3sLBCZgtxoMOYhchpHvTgh7IEUnRtj18CHohh+h
XhN3EX5BdWwg0MBecNxi/taS3ZXkFZi7nvKZGLGkT4PhHfIc4yvnq0VbN7/G/xmE
VpSGKMRLsMJVCb0phyTOx6Wv8AtETgVeAjIWeDgPwgybBv5jCjy5Iew1tp27S9QQ
Tjn1+IRvk2GEspkrgXUjyPN1d0EG+lMREhzHhiFvT8Aj4cZWEwX0IUVjCWLW6WFy
3nc=
-----END CERTIFICATE-----
Generated at Thu May 16 19:18:54 2024 by rpki-client on console-ams.rpki-client.org