Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/bUojw4gDlcf10RxVVYlMo1pc8VE.roa
File: bUojw4gDlcf10RxVVYlMo1pc8VE.roa (raw, json)
Hash identifier: Ug62J8YgoP4/EJA74NqYgjRnyRjuFrCGxBzLvhTPUAo=
Subject key identifier: 6D:4A:23:C3:88:03:95:C7:F5:D1:1C:55:55:89:4C:A3:5A:5C:F1:51
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 018C24692C665F68AB6DC160CC14F18F9304
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/bUojw4gDlcf10RxVVYlMo1pc8VE.roa
Signing time: Fri 01 Dec 2023 08:05:21 +0000
ROA not before: Fri 01 Dec 2023 08:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199541
IP address blocks: 147.196.0.0/16 maxlen: 16
153.98.37.0/24 maxlen: 24
153.98.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 11:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:69:2c:66:5f:68:ab:6d:c1:60:cc:14:f1:8f:93:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: Dec 1 08:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d4a23c3880395c7f5d11c5555894ca35a5cf151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:85:07:84:14:ce:1f:ce:3e:e2:e1:dc:57:cc:
36:94:d8:41:36:39:53:c0:b8:8e:51:c1:5d:61:ea:
19:18:12:65:f5:d2:96:11:3e:a6:35:b8:cc:32:9b:
42:20:a8:e1:5a:2f:35:9e:8d:29:a6:ac:91:ef:1b:
24:99:c3:42:2c:99:ce:86:3b:4d:57:9c:a6:3b:c0:
1a:6a:3b:0c:b5:5a:d6:bd:18:6a:09:72:27:cb:cd:
19:d9:a6:e5:78:59:d7:03:eb:a3:d2:b5:de:5b:8c:
c7:d7:09:f2:35:ae:99:b8:88:da:9f:d7:9b:03:fe:
1b:62:0b:3a:10:de:fa:92:01:a6:c1:c4:44:9d:e9:
ee:c3:96:14:eb:5a:23:62:f4:95:57:ee:bf:c5:fb:
a8:da:2c:8d:9e:ac:42:00:fc:01:f7:00:d9:e1:af:
59:ec:76:95:2f:40:ef:2d:a0:35:4e:a2:de:50:6a:
b0:72:b2:9b:59:9c:09:aa:a8:b4:30:9f:15:f6:0b:
89:5d:05:5c:d1:66:a5:27:d3:b9:a8:57:d5:3b:76:
1f:7e:2b:df:3b:b0:d6:a9:af:f2:38:66:a6:8a:b9:
d1:b8:80:02:60:8c:b9:42:fe:c8:4c:f9:46:52:1c:
2b:b9:12:2b:5e:8e:9d:d9:0c:13:ff:86:1f:b4:11:
01:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4A:23:C3:88:03:95:C7:F5:D1:1C:55:55:89:4C:A3:5A:5C:F1:51
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/bUojw4gDlcf10RxVVYlMo1pc8VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.196.0.0/16
153.98.36.0/23
Signature Algorithm: sha256WithRSAEncryption
af:86:4e:be:6e:13:79:f8:3e:22:4e:22:cb:24:f9:c8:85:1e:
38:33:cf:8f:aa:79:9c:52:c8:e5:f6:32:90:d5:a5:76:01:16:
4b:e6:c2:10:bf:25:e0:63:58:1f:c6:a9:f4:cb:1b:75:0f:ab:
60:89:a7:3e:db:62:d1:e1:8f:02:fd:50:c4:79:89:46:8f:07:
bd:37:66:0a:2c:65:91:6f:5d:d6:99:81:cc:c4:f6:44:af:6f:
6e:ac:75:b6:2a:c9:95:ea:1c:56:31:d4:ce:49:2a:1c:4a:75:
dc:45:af:70:c6:37:72:30:c9:2a:e3:75:72:e8:4d:f2:50:2a:
f9:e0:77:06:cc:80:c9:6d:46:14:bf:79:c8:d9:71:2f:c6:21:
7d:b7:3a:c6:8d:e7:fd:10:fe:71:c5:5e:7b:b2:24:57:f0:ca:
f6:5e:c4:90:99:1d:7c:95:69:71:35:09:3c:1a:1a:69:d0:4c:
62:83:79:ee:ac:aa:22:d0:75:e5:bd:9c:48:85:ee:bf:15:df:
dd:b3:c1:be:b6:94:1d:ee:b5:c0:a4:c3:3c:ba:c1:e3:d4:60:
b3:93:a7:6d:55:1b:59:39:ce:bc:ea:50:0e:99:f5:8a:c4:80:
ae:10:e0:7f:9a:5e:ea:a2:17:c2:cf:80:67:c2:f3:64:9f:9f:
df:37:cb:75
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYwkaSxmX2irbcFgzBTxj5MEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjMxMjAxMDgwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRhMjNjMzg4MDM5NWM3ZjVkMTFjNTU1NTg5NGNhMzVhNWNmMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYUHhBTOH84+4uHcV8w2lNhBNjlT
wLiOUcFdYeoZGBJl9dKWET6mNbjMMptCIKjhWi81no0ppqyR7xskmcNCLJnOhjtN
V5ymO8AaajsMtVrWvRhqCXIny80Z2ableFnXA+uj0rXeW4zH1wnyNa6ZuIjan9eb
A/4bYgs6EN76kgGmwcREnenuw5YU61ojYvSVV+6/xfuo2iyNnqxCAPwB9wDZ4a9Z
7HaVL0DvLaA1TqLeUGqwcrKbWZwJqqi0MJ8V9guJXQVc0WalJ9O5qFfVO3Yffivf
O7DWqa/yOGamirnRuIACYIy5Qv7ITPlGUhwruRIrXo6d2QwT/4YftBEB5QIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFG1KI8OIA5XH9dEcVVWJTKNaXPFRMB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvYlVvanc0Z0RsY2YxMFJ4VlZZbE1vMXBjOFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAk8QDBAGZ
YiQwDQYJKoZIhvcNAQELBQADggEBAK+GTr5uE3n4PiJOIssk+ciFHjgzz4+qeZxS
yOX2MpDVpXYBFkvmwhC/JeBjWB/GqfTLG3UPq2CJpz7bYtHhjwL9UMR5iUaPB703
ZgosZZFvXdaZgczE9kSvb26sdbYqyZXqHFYx1M5JKhxKddxFr3DGN3IwySrjdXLo
TfJQKvngdwbMgMltRhS/ecjZcS/GIX23OsaN5/0Q/nHFXnuyJFfwyvZexJCZHXyV
aXE1CTwaGmnQTGKDee6sqiLQdeW9nEiF7r8V392zwb62lB3utcCkwzy6wePUYLOT
p21VG1k5zrzqUA6Z9YrEgK4Q4H+aXuqiF8LPgGfC82Sfn983y3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:39 2024 by rpki-client on console-fra.rpki-client.org