Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/C6V7jMb32GcIIXueqnOjrdHDhMo.roa
File: C6V7jMb32GcIIXueqnOjrdHDhMo.roa (raw, json)
Hash identifier: Z5CCc4T+IklDBoII5ZIG1SYAaQ+sYmbbM2SXQYkZxoo=
Subject key identifier: 0B:A5:7B:8C:C6:F7:D8:67:08:21:7B:9E:AA:73:A3:AD:D1:C3:84:CA
Certificate issuer: /CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Certificate serial: 018B80FA68AF4B5A2A96AF0DAA664B3004BC
Authority key identifier: 5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/C6V7jMb32GcIIXueqnOjrdHDhMo.roa
Signing time: Mon 30 Oct 2023 14:26:16 +0000
ROA not before: Mon 30 Oct 2023 14:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51306
IP address blocks: 194.127.244.0/22 maxlen: 24
2a07:cf80::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:fa:68:af:4b:5a:2a:96:af:0d:aa:66:4b:30:04:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Validity
Not Before: Oct 30 14:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ba57b8cc6f7d86708217b9eaa73a3add1c384ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:90:7b:a4:a9:f8:b4:14:19:a5:09:30:65:a2:
1f:3d:9d:86:30:3a:3e:d0:e4:5d:4f:da:f0:73:93:
5c:28:32:df:f8:ab:e9:5f:f9:8b:53:83:02:d8:6b:
ee:dc:fa:fd:2f:4b:c0:51:f1:ce:23:61:25:5a:7a:
eb:c7:df:99:cd:4d:29:60:4d:f1:38:f9:90:70:2c:
1d:d0:87:d5:1f:02:8a:75:9d:9b:aa:5f:42:80:85:
0c:36:a0:bf:d3:e2:c7:8b:b2:3e:d7:58:9f:6a:79:
c7:39:02:3e:96:75:6a:53:0e:d6:1c:4d:27:14:f9:
c5:ed:32:1a:7d:5e:54:22:72:d5:5e:ed:b2:8a:58:
0b:04:bd:83:22:38:b2:2a:c2:94:23:ed:1a:5a:08:
52:ef:45:c5:26:1a:83:4a:21:92:ca:3e:09:16:dd:
32:44:27:45:3e:af:9a:00:9a:32:a2:07:3d:03:1f:
06:89:20:ca:7b:1a:c0:b4:8e:85:d0:a6:20:a2:3f:
70:e1:4b:ad:6c:5a:52:8b:54:a3:27:65:13:20:cf:
de:90:be:b6:e1:e5:f1:dd:09:36:31:f1:40:0c:05:
0c:da:7c:75:4b:5f:e6:89:6a:50:33:e9:dc:96:5e:
0f:f7:02:7c:31:56:9f:d4:42:b4:40:bf:62:d0:c8:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A5:7B:8C:C6:F7:D8:67:08:21:7B:9E:AA:73:A3:AD:D1:C3:84:CA
X509v3 Authority Key Identifier:
keyid:5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/C6V7jMb32GcIIXueqnOjrdHDhMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.244.0/22
IPv6:
2a07:cf80::/32
Signature Algorithm: sha256WithRSAEncryption
5b:bd:01:37:f9:8c:aa:f4:f0:41:2a:c1:4c:1c:a7:e5:d1:9d:
ef:8d:5d:6b:f8:49:b6:e0:2c:21:6e:75:d7:c9:d0:98:42:b2:
9d:0b:d9:09:18:76:0d:29:cf:10:96:b2:90:30:5f:6e:74:69:
80:74:09:24:63:23:a6:74:fd:b8:75:b8:1f:24:4b:e1:65:c1:
eb:55:8c:e9:e2:f0:75:46:bb:2d:be:a9:ee:58:c1:59:a6:3a:
5b:ed:a6:e0:2c:83:2e:43:cd:7a:3f:57:b2:78:81:9c:68:4d:
0e:25:b9:70:79:8c:2a:dc:ab:a4:24:dc:7f:22:f2:0d:3c:43:
39:27:7d:eb:77:3f:57:b0:54:f0:c0:63:a6:df:48:bb:68:65:
ae:c7:55:66:a4:44:fd:1b:49:fb:cc:25:67:80:00:5b:16:ac:
95:ee:d2:8a:e3:bc:c9:2b:87:57:ee:1a:a6:00:66:05:52:dc:
74:69:57:10:66:46:4f:37:5a:1f:1b:a1:0e:82:3d:7f:ca:be:
de:50:69:81:f9:27:bd:7e:bc:5b:5a:c0:1f:59:ff:d6:73:a0:
d8:1b:99:8a:5e:a3:72:94:45:64:c1:f7:fe:b2:26:b8:6d:63:
54:af:f3:19:c4:6f:2b:35:59:b0:a9:b4:0a:14:ea:82:f8:d7:
73:08:91:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuA+mivS1oqlq8NqmZLMAS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDk0M2E0MWNlMjdlN2I3YmNmZGZmNjlhODljM2UzMzdl
YTYzYjUwHhcNMjMxMDMwMTQyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmE1N2I4Y2M2ZjdkODY3MDgyMTdiOWVhYTczYTNhZGQxYzM4NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpB7pKn4tBQZpQkwZaIfPZ2GMDo+
0ORdT9rwc5NcKDLf+KvpX/mLU4MC2Gvu3Pr9L0vAUfHOI2ElWnrrx9+ZzU0pYE3x
OPmQcCwd0IfVHwKKdZ2bql9CgIUMNqC/0+LHi7I+11ifannHOQI+lnVqUw7WHE0n
FPnF7TIafV5UInLVXu2yilgLBL2DIjiyKsKUI+0aWghS70XFJhqDSiGSyj4JFt0y
RCdFPq+aAJoyogc9Ax8GiSDKexrAtI6F0KYgoj9w4UutbFpSi1SjJ2UTIM/ekL62
4eXx3Qk2MfFADAUM2nx1S1/miWpQM+ncll4P9wJ8MVaf1EK0QL9i0Mi2gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAule4zG99hnCCF7nqpzo63Rw4TKMB8GA1UdIwQY
MBaAFFrZQ6Qc4n57e8/f9pqJw+M36mO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQt
ODRmOTA1OTM5MTNjLzEvQzZWN2pNYjMyR2NJSVh1ZXFuT2pyZEhEaE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQtODRmOTA1OTM5MTNj
LzEvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwn/0MA0E
AgACMAcDBQAqB8+AMA0GCSqGSIb3DQEBCwUAA4IBAQBbvQE3+Yyq9PBBKsFMHKfl
0Z3vjV1r+Em24CwhbnXXydCYQrKdC9kJGHYNKc8QlrKQMF9udGmAdAkkYyOmdP24
dbgfJEvhZcHrVYzp4vB1RrstvqnuWMFZpjpb7abgLIMuQ816P1eyeIGcaE0OJblw
eYwq3KukJNx/IvINPEM5J33rdz9XsFTwwGOm30i7aGWux1VmpET9G0n7zCVngABb
FqyV7tKK47zJK4dX7hqmAGYFUtx0aVcQZkZPN1ofG6EOgj1/yr7eUGmB+Se9frxb
WsAfWf/Wc6DYG5mKXqNylEVkwff+sia4bWNUr/MZxG8rNVmwqbQKFOqC+NdzCJGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:07 2024 by rpki-client on console-ams.rpki-client.org