Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/a1gdXuCky0RhkMkDyLqcdvO_WNo.roa
File: a1gdXuCky0RhkMkDyLqcdvO_WNo.roa (raw, json)
Hash identifier: p/akP5EasF2euN5X/B/fFp6ce//6XSu41HJB2stikUU=
Subject key identifier: 6B:58:1D:5E:E0:A4:CB:44:61:90:C9:03:C8:BA:9C:76:F3:BF:58:DA
Certificate issuer: /CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Certificate serial: 018B3FDD417479401722F288FE875AA68838
Authority key identifier: C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/a1gdXuCky0RhkMkDyLqcdvO_WNo.roa
Signing time: Tue 17 Oct 2023 22:59:06 +0000
ROA not before: Tue 17 Oct 2023 22:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 194.29.57.0/24 maxlen: 24
194.29.58.0/24 maxlen: 24
194.29.56.0/24 maxlen: 24
194.29.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3f:dd:41:74:79:40:17:22:f2:88:fe:87:5a:a6:88:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Validity
Not Before: Oct 17 22:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b581d5ee0a4cb446190c903c8ba9c76f3bf58da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a8:15:58:7d:53:8f:94:fb:26:bb:21:ff:a4:
79:cb:cf:e0:e5:31:b8:3d:c4:46:f8:cd:68:8d:11:
1e:61:17:f8:c5:8d:7f:8d:c7:75:5d:dd:ca:53:57:
5f:5d:da:e9:ac:c0:3f:90:6f:2e:0c:dc:bb:44:d4:
f0:b2:3b:39:e3:8c:93:04:5e:08:1f:8d:93:ac:f8:
4d:fe:e3:d1:5f:a1:42:ba:ed:38:69:b4:ce:40:12:
35:8e:4b:b0:33:bc:5a:ac:c0:54:c4:b9:8a:f6:bf:
57:44:f8:d1:22:06:f8:07:6f:eb:75:27:9e:73:49:
28:fe:0f:54:92:e1:ec:bf:63:ff:7f:1d:41:68:95:
ea:30:fd:fa:b3:20:c8:9d:30:73:13:dd:db:2c:e4:
96:34:d5:e8:8c:6d:98:c0:c4:7a:f9:19:24:60:84:
a9:c0:50:bc:5d:f7:bb:4e:9a:dc:7e:be:2c:98:3a:
8e:89:08:e7:51:95:77:a5:39:e8:1b:da:f5:02:50:
17:89:08:da:38:7a:90:74:b8:62:0b:12:3f:76:12:
43:80:5d:44:d0:bd:a1:62:73:fd:84:b0:be:c0:aa:
5f:4b:e8:dc:24:13:5f:fc:53:35:11:43:d7:d1:9f:
7e:3a:5f:bb:4f:66:40:e3:ad:b1:bd:33:24:13:e8:
68:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:58:1D:5E:E0:A4:CB:44:61:90:C9:03:C8:BA:9C:76:F3:BF:58:DA
X509v3 Authority Key Identifier:
keyid:C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/a1gdXuCky0RhkMkDyLqcdvO_WNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.56.0/22
Signature Algorithm: sha256WithRSAEncryption
79:9a:c3:85:77:bd:fa:ec:40:cc:8a:20:fe:2f:9f:8a:4f:b0:
97:9c:08:db:3e:97:69:2f:fc:ab:50:b5:3e:fc:74:63:03:63:
85:df:06:13:7c:c1:87:16:2c:31:29:d4:c2:5e:73:dd:cd:3a:
20:56:c1:22:b2:a8:ef:d5:41:f0:3f:3c:f8:8e:ed:c6:36:e3:
4c:60:1a:1e:dd:86:e5:59:2f:5c:54:5d:a9:16:75:9c:1e:a9:
27:18:f6:20:bd:a9:f8:37:7c:96:f6:48:5f:61:cc:5c:35:4a:
0c:bd:49:5b:0a:47:6d:aa:2a:e7:9b:e8:eb:10:4f:47:9c:77:
6f:08:51:93:4d:da:71:cc:70:20:46:fe:b0:9e:6c:89:f4:1b:
26:80:3b:52:34:fb:a9:8d:03:1e:83:78:b1:da:8a:33:8f:e2:
d4:05:9d:e0:91:ae:ae:b4:68:19:38:f2:22:03:cf:b5:c1:bf:
b9:be:16:4c:c0:37:be:9b:5b:8f:df:ba:3e:a3:d4:90:84:08:
96:75:ea:1a:22:8a:af:e6:c6:d4:78:63:74:a8:e3:37:d0:54:
a0:5d:e3:1c:58:32:2c:de:20:ad:4f:2c:40:ec:5e:58:98:6a:
c9:9e:e4:bf:f7:66:cb:2c:ca:07:01:88:1e:fe:7d:24:5b:1e:
5c:62:ea:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs/3UF0eUAXIvKI/odapog4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGUzMmJiOWNjOTllMTE1ZGRiYWY2YjdmYTIzMDUxNzg5
ZjJmNjEwHhcNMjMxMDE3MjI1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU4MWQ1ZWUwYTRjYjQ0NjE5MGM5MDNjOGJhOWM3NmYzYmY1OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKgVWH1Tj5T7Jrsh/6R5y8/g5TG4
PcRG+M1ojREeYRf4xY1/jcd1Xd3KU1dfXdrprMA/kG8uDNy7RNTwsjs544yTBF4I
H42TrPhN/uPRX6FCuu04abTOQBI1jkuwM7xarMBUxLmK9r9XRPjRIgb4B2/rdSee
c0ko/g9UkuHsv2P/fx1BaJXqMP36syDInTBzE93bLOSWNNXojG2YwMR6+RkkYISp
wFC8Xfe7Tprcfr4smDqOiQjnUZV3pTnoG9r1AlAXiQjaOHqQdLhiCxI/dhJDgF1E
0L2hYnP9hLC+wKpfS+jcJBNf/FM1EUPX0Z9+Ol+7T2ZA462xvTMkE+hoEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtYHV7gpMtEYZDJA8i6nHbzv1jaMB8GA1UdIwQY
MBaAFMXeMrucyZ4RXduva3+iMFF4ny9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUt
MDYzNjc1MzY3OWI2LzEvYTFnZFh1Q2t5MFJoa01rRHlMcWNkdk9fV05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUtMDYzNjc1MzY3OWI2
LzEveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwh04MA0G
CSqGSIb3DQEBCwUAA4IBAQB5msOFd7367EDMiiD+L5+KT7CXnAjbPpdpL/yrULU+
/HRjA2OF3wYTfMGHFiwxKdTCXnPdzTogVsEisqjv1UHwPzz4ju3GNuNMYBoe3Ybl
WS9cVF2pFnWcHqknGPYgvan4N3yW9khfYcxcNUoMvUlbCkdtqirnm+jrEE9HnHdv
CFGTTdpxzHAgRv6wnmyJ9BsmgDtSNPupjQMeg3ix2oozj+LUBZ3gka6utGgZOPIi
A8+1wb+5vhZMwDe+m1uP37o+o9SQhAiWdeoaIoqv5sbUeGN0qOM30FSgXeMcWDIs
3iCtTyxA7F5YmGrJnuS/92bLLMoHAYge/n0kWx5cYuo8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:45 2024 by rpki-client on console-fra.rpki-client.org