Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DwON4nVW-qLtNRHaY_bEMGGX9wc.roa
File: DwON4nVW-qLtNRHaY_bEMGGX9wc.roa (raw, json)
Hash identifier: 3UxF3E+uIun+V5l1mMuQ5viWw49+TRlE+WSVWZOqO1Y=
Subject key identifier: 0F:03:8D:E2:75:56:FA:A2:ED:35:11:DA:63:F6:C4:30:61:97:F7:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE8C99F5573E26FFB74E30CABE031
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DwON4nVW-qLtNRHaY_bEMGGX9wc.roa
Signing time: Tue 02 Jan 2024 06:29:29 +0000
ROA not before: Tue 02 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 09:03:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e8:c9:9f:55:73:e2:6f:fb:74:e3:0c:ab:e0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f038de27556faa2ed3511da63f6c4306197f707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:99:f2:a2:0a:bd:d4:ec:b1:49:2d:1b:61:
ab:0f:55:b4:07:dd:38:0f:46:12:47:92:02:03:76:
8a:5b:73:8f:dd:8e:bf:a9:a5:59:ac:0e:0b:a5:0e:
50:44:a1:27:b5:44:c8:51:28:a5:c1:bf:b4:9e:a3:
60:91:91:c4:2c:c5:65:15:dd:53:c0:e4:41:41:82:
03:c5:ce:19:c1:b5:8c:76:00:a1:73:68:a3:3e:0f:
13:2b:38:0d:11:86:aa:11:fa:95:83:58:85:b0:c8:
2b:f7:4b:15:95:4d:eb:f7:f6:d0:39:dc:ab:b0:e1:
8d:fd:50:d9:97:a8:72:44:59:da:ba:e0:2e:a3:2e:
86:f5:6b:63:56:18:98:fd:4c:61:c8:d4:75:47:bb:
c2:19:79:22:78:e0:91:5b:d9:60:36:b6:21:99:f6:
1e:d8:49:a6:de:7a:b6:32:26:fc:68:1f:21:bf:2e:
ed:47:b9:bc:7e:a4:25:8b:9c:9f:01:c9:7d:72:2b:
ae:3c:26:48:cb:8d:44:04:6e:1d:ed:e3:b3:d0:a5:
26:27:c7:37:d2:03:67:c7:9b:a6:4a:92:47:a8:0f:
8a:b4:3b:60:bd:fb:ab:ef:e0:20:dd:77:cd:65:9e:
5a:bb:be:16:33:e7:2a:15:88:42:b9:27:38:d0:54:
98:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:03:8D:E2:75:56:FA:A2:ED:35:11:DA:63:F6:C4:30:61:97:F7:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DwON4nVW-qLtNRHaY_bEMGGX9wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0f:33:ac:bf:c1:fb:dd:f6:a2:c0:86:17:0c:ba:a8:5c:14:
46:2b:ad:ff:6f:e1:8b:77:0d:52:b7:7d:54:a1:d9:36:04:b9:
43:c2:f9:b4:0f:29:4c:15:c7:6b:c0:2d:50:1f:65:20:b8:05:
e8:22:17:55:f8:b1:63:56:40:74:86:ef:0e:a2:0d:99:14:df:
54:9c:ab:85:53:34:ce:88:32:51:de:a0:2e:ee:2d:46:b2:92:
e0:82:ce:11:d2:c7:79:52:c7:9b:91:7e:21:d7:c6:9e:54:d4:
50:98:1f:19:74:f5:8b:9c:19:42:5f:7a:72:9d:49:57:70:ab:
1d:2d:f6:e6:af:dd:2a:ca:a7:dd:ea:03:6b:ff:95:4d:fc:6e:
b2:e3:d8:0a:89:57:f2:1c:d8:f8:71:a2:79:60:d8:59:60:34:
34:27:df:83:a6:7e:a1:ce:d7:16:ad:a2:66:ce:c6:e2:80:29:
b2:a1:5d:bc:99:79:63:f4:da:6f:2f:fa:6c:e2:5f:74:7d:7b:
2c:be:aa:84:4a:ab:86:e8:40:bf:b0:e7:1f:82:ee:e3:02:90:
be:9a:21:15:c6:9e:9c:fa:89:16:46:86:fc:b6:20:41:f9:1a:
25:8f:06:69:e7:ab:84:1f:86:bb:af:09:a4:c4:bb:2f:14:f2:
a7:07:6d:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3OjJn1Vz4m/7dOMMq+AxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjAzOGRlMjc1NTZmYWEyZWQzNTExZGE2M2Y2YzQzMDYxOTdmNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQKZ8qIKvdTssUktG2GrD1W0B904
D0YSR5ICA3aKW3OP3Y6/qaVZrA4LpQ5QRKEntUTIUSilwb+0nqNgkZHELMVlFd1T
wORBQYIDxc4ZwbWMdgChc2ijPg8TKzgNEYaqEfqVg1iFsMgr90sVlU3r9/bQOdyr
sOGN/VDZl6hyRFnauuAuoy6G9WtjVhiY/UxhyNR1R7vCGXkieOCRW9lgNrYhmfYe
2Emm3nq2Mib8aB8hvy7tR7m8fqQli5yfAcl9ciuuPCZIy41EBG4d7eOz0KUmJ8c3
0gNnx5umSpJHqA+KtDtgvfur7+Ag3XfNZZ5au74WM+cqFYhCuSc40FSYbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8DjeJ1Vvqi7TUR2mP2xDBhl/cHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRHdPTjRuVlctcUx0TlJIYVlfYkVNR0dYOXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjD7MA0G
CSqGSIb3DQEBCwUAA4IBAQBbDzOsv8H73faiwIYXDLqoXBRGK63/b+GLdw1St31U
odk2BLlDwvm0DylMFcdrwC1QH2UguAXoIhdV+LFjVkB0hu8Oog2ZFN9UnKuFUzTO
iDJR3qAu7i1GspLggs4R0sd5UsebkX4h18aeVNRQmB8ZdPWLnBlCX3pynUlXcKsd
Lfbmr90qyqfd6gNr/5VN/G6y49gKiVfyHNj4caJ5YNhZYDQ0J9+Dpn6hztcWraJm
zsbigCmyoV28mXlj9NpvL/ps4l90fXssvqqESquG6EC/sOcfgu7jApC+miEVxp6c
+okWRob8tiBB+RoljwZp56uEH4a7rwmkxLsvFPKnB23F
-----END CERTIFICATE-----
Generated at Mon Jan 22 13:45:37 2024 by rpki-client on console-ams.rpki-client.org