Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/Q6jqx7PiL9pEONffruZK7lVHjes.roa
File: Q6jqx7PiL9pEONffruZK7lVHjes.roa (raw, json)
Hash identifier: MpQ5imvSg1C2HGLvZeJW+CBXCQ2GZOaXRMM6/iQ+4ZQ=
Subject key identifier: 43:A8:EA:C7:B3:E2:2F:DA:44:38:D7:DF:AE:E6:4A:EE:55:47:8D:EB
Certificate issuer: /CN=ba68595997900ded300e9925709da627e93f363a
Certificate serial: 01857295D55E403EC457A34EE3942C797445
Authority key identifier: BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/Q6jqx7PiL9pEONffruZK7lVHjes.roa
Signing time: Mon 02 Jan 2023 13:05:00 +0000
ROA not before: Mon 02 Jan 2023 13:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3215
IP address blocks: 194.5.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d5:5e:40:3e:c4:57:a3:4e:e3:94:2c:79:74:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba68595997900ded300e9925709da627e93f363a
Validity
Not Before: Jan 2 13:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43a8eac7b3e22fda4438d7dfaee64aee55478deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:45:47:74:bd:cd:7c:e9:81:27:a2:44:f2:73:
4c:09:2b:5a:ad:ab:3e:52:3c:1c:f2:cd:66:a1:90:
36:45:83:7a:7a:83:d5:b9:6e:ea:77:0f:35:e6:78:
95:e1:4a:d7:91:8e:ca:dc:2c:e0:9d:49:80:b4:ef:
64:ed:29:96:c2:42:6c:ab:6b:20:2f:9b:d4:9b:55:
ab:5c:8f:f6:63:c3:94:63:85:b3:f5:79:70:84:d6:
5f:8d:c2:58:9f:13:9f:b7:3f:fa:f6:1d:bb:46:cc:
cc:02:51:e2:6e:01:5c:fd:f0:cd:11:0e:5a:82:21:
74:1c:ab:79:d4:05:35:7d:2f:af:64:21:20:43:75:
dd:8f:e0:6a:64:1f:2d:65:19:9b:ea:54:3a:61:19:
b9:9d:c5:58:15:b5:02:d7:34:85:f4:d5:9a:a8:d3:
41:ed:62:01:b1:bc:89:d4:d6:5f:66:51:2e:62:21:
96:0b:a9:45:50:40:1b:5d:5b:44:7f:5a:19:5b:ef:
3d:0b:f1:8a:af:a5:43:ef:66:dd:ff:92:92:37:70:
48:ba:88:2b:91:1d:e6:64:6a:e4:a8:a1:46:c0:fb:
06:b8:34:5e:0a:d3:fd:db:7b:1c:16:17:58:d1:01:
59:8d:29:d6:ee:ed:c4:b6:b9:84:00:78:38:4c:9f:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A8:EA:C7:B3:E2:2F:DA:44:38:D7:DF:AE:E6:4A:EE:55:47:8D:EB
X509v3 Authority Key Identifier:
keyid:BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/Q6jqx7PiL9pEONffruZK7lVHjes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.189.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0d:19:f7:b0:3b:da:a5:eb:f4:3f:d8:46:74:fc:72:6b:b0:
07:e2:34:f5:81:15:82:e6:5d:f2:55:99:15:89:a9:db:41:a1:
ab:ee:60:76:d7:2a:57:d7:cf:ce:dd:4d:65:f8:5d:87:f1:b6:
9c:78:70:6d:a7:15:42:38:5d:b5:ad:bb:98:31:f9:61:8c:4f:
84:a9:8f:2f:59:f7:5d:52:75:77:55:40:b2:a9:9b:f1:01:9c:
06:79:1a:1a:05:30:8b:68:e4:36:7e:b4:bb:3b:d9:f7:da:34:
51:52:ec:71:dc:f2:5f:5a:9a:f5:0e:60:0e:02:5e:72:89:fa:
6f:79:c8:92:94:09:21:b8:84:30:a5:60:80:de:5b:62:d1:95:
7c:89:e8:d3:4f:93:55:49:d4:13:98:fb:7f:5e:d3:f9:bb:52:
8f:f4:f1:5d:f7:e7:14:a2:46:45:72:6b:c3:27:f0:ed:72:85:
3c:54:32:bc:30:d1:ef:c8:06:e9:a5:17:c8:6c:e8:a4:99:72:
78:f9:6f:58:cd:1f:c2:f7:32:e5:e2:e1:71:d8:e7:86:e9:c1:
25:c3:ff:08:55:2e:e7:5d:aa:92:44:58:c5:cb:11:62:05:3e:
3c:6c:9f:ad:d0:af:e8:45:f2:c6:e3:8b:9b:91:d6:f0:ce:c8:
36:82:d7:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyldVeQD7EV6NO45QseXRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjg1OTU5OTc5MDBkZWQzMDBlOTkyNTcwOWRhNjI3ZTkz
ZjM2M2EwHhcNMjMwMTAyMTMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E4ZWFjN2IzZTIyZmRhNDQzOGQ3ZGZhZWU2NGFlZTU1NDc4ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUVHdL3NfOmBJ6JE8nNMCStaras+
Ujwc8s1moZA2RYN6eoPVuW7qdw815niV4UrXkY7K3CzgnUmAtO9k7SmWwkJsq2sg
L5vUm1WrXI/2Y8OUY4Wz9XlwhNZfjcJYnxOftz/69h27RszMAlHibgFc/fDNEQ5a
giF0HKt51AU1fS+vZCEgQ3Xdj+BqZB8tZRmb6lQ6YRm5ncVYFbUC1zSF9NWaqNNB
7WIBsbyJ1NZfZlEuYiGWC6lFUEAbXVtEf1oZW+89C/GKr6VD72bd/5KSN3BIuogr
kR3mZGrkqKFGwPsGuDReCtP923scFhdY0QFZjSnW7u3EtrmEAHg4TJ+/yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOo6sez4i/aRDjX367mSu5VR43rMB8GA1UdIwQY
MBaAFLpoWVmXkA3tMA6ZJXCdpifpPzY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5Njct
MDJkZWQ5YjJlMGM5LzEvUTZqcXg3UGlMOXBFT05mZnJ1Wks3bFZIamVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5NjctMDJkZWQ5YjJlMGM5
LzEvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgW9MA0G
CSqGSIb3DQEBCwUAA4IBAQA5DRn3sDvapev0P9hGdPxya7AH4jT1gRWC5l3yVZkV
ianbQaGr7mB21ypX18/O3U1l+F2H8baceHBtpxVCOF21rbuYMflhjE+EqY8vWfdd
UnV3VUCyqZvxAZwGeRoaBTCLaOQ2frS7O9n32jRRUuxx3PJfWpr1DmAOAl5yifpv
eciSlAkhuIQwpWCA3lti0ZV8iejTT5NVSdQTmPt/XtP5u1KP9PFd9+cUokZFcmvD
J/DtcoU8VDK8MNHvyAbppRfIbOikmXJ4+W9YzR/C9zLl4uFx2OeG6cElw/8IVS7n
XaqSRFjFyxFiBT48bJ+t0K/oRfLG44ubkdbwzsg2gtd2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:02 2024 by rpki-client on console-fra.rpki-client.org