Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/1-G7VYqywusGs3kTEMkSboxsC2sk.roa
File: 1-G7VYqywusGs3kTEMkSboxsC2sk.roa (raw, json)
Hash identifier: cOnH7XTlgqZWtoNfaAkf9zuMNNaEAN+yi+brA4lOjc8=
Subject key identifier: F8:6E:D5:62:AC:B0:BA:C1:AC:DE:44:C4:32:44:9B:A3:1B:02:DA:C9
Certificate issuer: /CN=a7a538aac33778460e19701aab5952c7aa25f05c
Certificate serial: 018CC493000EBFBDFB8F7F7D978DA11515CD
Authority key identifier: A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/1-G7VYqywusGs3kTEMkSboxsC2sk.roa
Signing time: Mon 01 Jan 2024 10:30:17 +0000
ROA not before: Mon 01 Jan 2024 10:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207718
IP address blocks: 194.147.33.0/24 maxlen: 24
194.147.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 03:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:00:0e:bf:bd:fb:8f:7f:7d:97:8d:a1:15:15:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a538aac33778460e19701aab5952c7aa25f05c
Validity
Not Before: Jan 1 10:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f86ed562acb0bac1acde44c432449ba31b02dac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:16:cd:9c:2f:c8:6c:c0:8c:47:6f:c0:ef:bb:
9d:b6:ca:02:08:41:05:f3:bd:43:2b:12:ec:6c:6e:
c8:b2:af:fc:5b:8e:49:1d:39:7a:92:57:76:28:f2:
68:0f:22:c8:d7:29:ac:3c:3a:55:9b:1d:5e:97:b1:
ef:16:5d:bc:bc:b7:35:99:06:15:f8:a6:f8:52:16:
6f:4e:fd:9b:d2:f7:d7:dc:d3:28:de:fa:52:f6:28:
e9:33:8f:a0:78:f8:dc:9d:7f:6d:87:d5:3c:8f:d3:
ab:c0:8f:e4:4c:8f:50:2e:ad:28:0d:f1:e1:c9:99:
b8:f7:3a:8a:f0:9f:60:80:95:81:36:fd:17:57:d5:
39:df:d3:29:2a:81:d1:76:e4:28:20:9d:32:07:27:
89:45:9b:10:59:01:60:4b:ac:18:d4:56:8d:3f:64:
a2:c6:04:02:68:08:d3:71:33:92:55:6e:af:ef:6a:
51:07:91:c7:1f:da:54:09:fc:52:f8:f7:60:ce:90:
ea:a7:bd:f3:a4:14:2e:bd:ca:95:05:6a:9c:ea:26:
cc:bd:d4:c5:ca:e2:6d:89:fe:c8:de:18:12:08:19:
99:36:3d:c0:d2:cd:70:48:d8:c5:90:cc:8d:a0:79:
a3:65:28:dd:b1:1d:c9:68:6a:30:6b:06:18:c3:fe:
2e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6E:D5:62:AC:B0:BA:C1:AC:DE:44:C4:32:44:9B:A3:1B:02:DA:C9
X509v3 Authority Key Identifier:
keyid:A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/1-G7VYqywusGs3kTEMkSboxsC2sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.32.0/23
Signature Algorithm: sha256WithRSAEncryption
88:43:dd:af:3f:0c:07:18:a7:9f:e3:5c:49:f4:04:80:b2:fc:
ce:b2:21:71:a9:d0:77:f6:12:0c:4a:39:17:7d:ac:54:46:b9:
7b:57:3b:3c:12:f8:1c:4a:7b:57:12:f7:15:0b:75:9b:22:25:
f3:25:e6:74:fa:08:d0:76:b7:e9:f8:27:8f:9f:d8:fc:85:89:
ff:1b:a8:5b:29:e7:52:6d:e9:7e:96:72:db:d1:b5:ec:3a:bc:
b5:c4:ac:bc:76:c4:2a:3a:cd:d0:9c:bf:f2:61:90:d5:20:c8:
81:d0:d1:be:2b:46:48:3b:45:ed:ad:3f:21:f9:a4:5c:29:b8:
b9:03:7d:e4:bc:d3:5e:81:92:da:48:c9:1a:a2:d3:f2:8a:f1:
29:03:a4:70:b9:f1:e9:36:72:70:ab:7b:36:cd:af:41:5c:2e:
25:f2:6f:51:81:e2:52:d2:bf:27:a3:4c:36:34:75:cf:6b:8a:
e1:49:9d:e3:21:ed:e8:b1:32:fb:45:92:5d:24:d2:17:09:ea:
3c:c1:88:73:99:5e:0d:e5:bf:47:bf:c1:25:fc:49:a0:54:85:
10:eb:9f:88:35:40:be:99:72:49:c0:0d:f2:04:32:90:21:84:
05:f4:b9:44:b4:55:8b:8c:54:12:8a:d8:67:7a:5b:df:13:ff:
66:de:55:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkwAOv737j399l42hFRXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTUzOGFhYzMzNzc4NDYwZTE5NzAxYWFiNTk1MmM3YWEy
NWYwNWMwHhcNMjQwMTAxMTAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODZlZDU2MmFjYjBiYWMxYWNkZTQ0YzQzMjQ0OWJhMzFiMDJkYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhbNnC/IbMCMR2/A77udtsoCCEEF
871DKxLsbG7Isq/8W45JHTl6kld2KPJoDyLI1ymsPDpVmx1el7HvFl28vLc1mQYV
+Kb4UhZvTv2b0vfX3NMo3vpS9ijpM4+gePjcnX9th9U8j9OrwI/kTI9QLq0oDfHh
yZm49zqK8J9ggJWBNv0XV9U539MpKoHRduQoIJ0yByeJRZsQWQFgS6wY1FaNP2Si
xgQCaAjTcTOSVW6v72pRB5HHH9pUCfxS+PdgzpDqp73zpBQuvcqVBWqc6ibMvdTF
yuJtif7I3hgSCBmZNj3A0s1wSNjFkMyNoHmjZSjdsR3JaGowawYYw/4u9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhu1WKssLrBrN5ExDJEm6MbAtrJMB8GA1UdIwQY
MBaAFKelOKrDN3hGDhlwGqtZUseqJfBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEt
ODdiMDEwZWE2MjM1LzEvMS1HN1ZZcXl3dXNHczNrVEVNa1Nib3hzQzJzay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvYTgzMzM3LTZlMTYtNGNkOS05MjFhLTg3YjAxMGVhNjIz
NS8xL3A2VTRxc00zZUVZT0dYQWFxMWxTeDZvbDhGdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKTIDAN
BgkqhkiG9w0BAQsFAAOCAQEAiEPdrz8MBxinn+NcSfQEgLL8zrIhcanQd/YSDEo5
F32sVEa5e1c7PBL4HEp7VxL3FQt1myIl8yXmdPoI0Ha36fgnj5/Y/IWJ/xuoWynn
Um3pfpZy29G17Dq8tcSsvHbEKjrN0Jy/8mGQ1SDIgdDRvitGSDtF7a0/IfmkXCm4
uQN95LzTXoGS2kjJGqLT8orxKQOkcLnx6TZycKt7Ns2vQVwuJfJvUYHiUtK/J6NM
NjR1z2uK4Umd4yHt6LEy+0WSXSTSFwnqPMGIc5leDeW/R7/BJfxJoFSFEOufiDVA
vplyScAN8gQykCGEBfS5RLRVi4xUEorYZ3pb3xP/Zt5VUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:51 2024 by rpki-client on console-fra.rpki-client.org