Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/1SsqEzAiDsBqzfyvo2Z7e8BV9zQ.roa
File: 1SsqEzAiDsBqzfyvo2Z7e8BV9zQ.roa (raw, json)
Hash identifier: DrdBQQivqljPX1DaXp8EjVi7zvhwi4fGJzOBZGEbEPc=
Subject key identifier: D5:2B:2A:13:30:22:0E:C0:6A:CD:FC:AF:A3:66:7B:7B:C0:55:F7:34
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018DAC9D3AF145F3E6005001279FB7E91362
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/1SsqEzAiDsBqzfyvo2Z7e8BV9zQ.roa
Signing time: Thu 15 Feb 2024 11:53:21 +0000
ROA not before: Thu 15 Feb 2024 11:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205552
IP address blocks: 194.40.240.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
194.40.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 11:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:9d:3a:f1:45:f3:e6:00:50:01:27:9f:b7:e9:13:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 15 11:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d52b2a1330220ec06acdfcafa3667b7bc055f734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:b5:a3:e3:d4:54:91:59:20:cb:aa:ba:f4:
3d:60:01:61:ed:f6:08:c6:32:97:71:b3:78:ba:63:
e6:38:05:2a:3a:c0:39:73:a8:7c:18:c4:7f:54:dd:
ac:82:97:cf:5a:ec:8c:1d:5f:9c:ab:a3:58:6a:27:
e1:2d:df:77:43:4c:13:91:40:84:89:98:15:a7:1b:
c7:72:e2:4d:fc:2c:5d:94:b9:e3:7b:11:9d:45:cf:
dc:49:ff:cc:5d:19:5d:24:33:15:f1:80:c0:19:f0:
5e:6e:61:20:4a:7b:04:28:8b:c6:c9:d3:a1:d8:83:
54:c8:9b:96:18:24:ec:94:ad:cf:99:33:e8:97:60:
93:ff:fa:db:50:f4:44:d4:b7:2d:4d:15:18:90:5e:
02:08:b4:f7:5e:dc:af:5d:a4:cc:3f:65:6b:16:94:
ea:ff:11:6e:d8:92:cd:20:74:9e:07:47:26:23:8d:
80:85:ec:a3:50:9d:48:d7:6e:81:69:ca:e5:a2:09:
18:a8:23:e3:b1:9d:9d:84:4d:f4:ff:83:ca:7a:5e:
ca:ad:0d:94:5a:6a:79:a5:88:57:7b:03:c1:5b:04:
78:a0:6a:af:77:f2:fa:70:f5:59:59:aa:d2:09:60:
49:66:32:e8:c8:d7:d9:7a:82:05:22:4e:77:43:45:
21:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2B:2A:13:30:22:0E:C0:6A:CD:FC:AF:A3:66:7B:7B:C0:55:F7:34
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/1SsqEzAiDsBqzfyvo2Z7e8BV9zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.40.240.0-194.40.242.255
Signature Algorithm: sha256WithRSAEncryption
57:ed:23:a3:c1:55:89:a3:32:4c:df:80:33:90:ba:b0:2e:6b:
2c:c2:59:34:30:01:b1:d4:9e:38:4a:db:5b:35:3e:35:89:3d:
c8:9d:48:2a:ca:eb:f6:d3:85:21:8b:7f:e8:d7:e7:90:20:bc:
a2:ed:1c:de:d4:14:17:2c:95:7c:8b:d7:49:4c:66:ba:ff:0b:
f5:55:49:95:c4:0d:5c:3d:a1:1f:73:9c:c6:26:2b:58:d6:49:
ba:61:59:d5:94:5e:70:67:c4:0b:1e:c2:52:fa:47:89:bc:7a:
4f:d7:8f:28:e8:39:22:7c:a9:28:a9:66:27:fa:53:a4:d8:8a:
3e:3b:72:8b:da:d6:2d:ad:8e:49:9b:23:a8:8f:db:3a:56:a0:
c6:03:e7:70:89:49:60:df:0d:aa:ff:e8:10:f3:45:94:12:26:
e4:72:a9:d8:4f:d3:98:2d:c4:74:80:4f:9f:be:72:a3:28:8f:
c0:f3:37:8d:be:94:87:f6:a7:37:bd:d7:e9:15:86:e1:8b:31:
b7:a9:d9:bf:a2:3c:54:5a:a2:2d:20:d4:22:cf:22:2e:df:12:
e6:68:2b:03:92:f7:6c:a9:de:96:19:59:41:82:26:ec:a4:97:
be:b1:8e:2e:a1:e3:3e:92:43:b3:97:93:b9:88:1b:43:c6:ae:
09:8e:08:68
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2snTrxRfPmAFABJ5+36RNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMjE1MTE1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJiMmExMzMwMjIwZWMwNmFjZGZjYWZhMzY2N2I3YmMwNTVmNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2O1o+PUVJFZIMuquvQ9YAFh7fYI
xjKXcbN4umPmOAUqOsA5c6h8GMR/VN2sgpfPWuyMHV+cq6NYaifhLd93Q0wTkUCE
iZgVpxvHcuJN/CxdlLnjexGdRc/cSf/MXRldJDMV8YDAGfBebmEgSnsEKIvGydOh
2INUyJuWGCTslK3PmTPol2CT//rbUPRE1LctTRUYkF4CCLT3XtyvXaTMP2VrFpTq
/xFu2JLNIHSeB0cmI42AheyjUJ1I126BacrlogkYqCPjsZ2dhE30/4PKel7KrQ2U
Wmp5pYhXewPBWwR4oGqvd/L6cPVZWarSCWBJZjLoyNfZeoIFIk53Q0UhiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNUrKhMwIg7Aas38r6Nme3vAVfc0MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvMVNzcUV6QWlEc0JxemZ5dm8yWjdlOEJWOXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATCKPAD
BADCKPIwDQYJKoZIhvcNAQELBQADggEBAFftI6PBVYmjMkzfgDOQurAuayzCWTQw
AbHUnjhK21s1PjWJPcidSCrK6/bThSGLf+jX55AgvKLtHN7UFBcslXyL10lMZrr/
C/VVSZXEDVw9oR9znMYmK1jWSbphWdWUXnBnxAsewlL6R4m8ek/XjyjoOSJ8qSip
Zif6U6TYij47cova1i2tjkmbI6iP2zpWoMYD53CJSWDfDar/6BDzRZQSJuRyqdhP
05gtxHSAT5++cqMoj8DzN42+lIf2pze91+kVhuGLMbep2b+iPFRaoi0g1CLPIi7f
EuZoKwOS92yp3pYZWUGCJuykl76xji6h4z6SQ7OXk7mIG0PGrgmOCGg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:51 2025 by rpki-client