Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/b8bb1a-a88e-4b2f-987f-47015a6077b2/1/QRRIS0h_8oAyvV3gHSYyFbsZaa4.roa
File: QRRIS0h_8oAyvV3gHSYyFbsZaa4.roa (raw, json)
Hash identifier: /ON5YmN2CI+IbQLOl16eGkzcZ2ib7rfa4Phod4F88V8=
Subject key identifier: 41:14:48:4B:48:7F:F2:80:32:BD:5D:E0:1D:26:32:15:BB:19:69:AE
Certificate issuer: /CN=04248504b54555a9443b02a33d351a902863bb99
Certificate serial: 01856DA655226DDCA629FD7AD85ACB5FC02D
Authority key identifier: 04:24:85:04:B5:45:55:A9:44:3B:02:A3:3D:35:1A:90:28:63:BB:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCSFBLVFValEOwKjPTUakChju5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/b8bb1a-a88e-4b2f-987f-47015a6077b2/1/QRRIS0h_8oAyvV3gHSYyFbsZaa4.roa
Signing time: Sun 01 Jan 2023 14:04:55 +0000
ROA not before: Sun 01 Jan 2023 14:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198063
IP address blocks: 194.116.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:55:22:6d:dc:a6:29:fd:7a:d8:5a:cb:5f:c0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04248504b54555a9443b02a33d351a902863bb99
Validity
Not Before: Jan 1 14:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4114484b487ff28032bd5de01d263215bb1969ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:bc:5d:71:c5:bc:e4:2b:d1:43:e0:ce:05:
28:65:0a:82:7c:fc:0f:22:91:11:d3:f8:cb:62:70:
1e:8f:f8:0b:41:7d:7b:29:61:67:50:a1:92:ac:4f:
01:e4:6c:51:85:97:f7:bb:02:dd:19:93:e6:47:09:
3e:0e:08:46:ef:e8:3f:d3:bd:0b:b6:2a:51:33:a6:
3b:fb:ea:35:23:1e:c0:7b:8e:99:68:33:af:25:c0:
21:bf:0c:4e:05:7c:e6:be:cd:51:73:4b:88:80:de:
7c:8e:d1:89:01:a1:06:3e:34:0d:78:a1:05:74:3d:
08:b0:f2:37:94:70:8b:ca:0c:12:8d:a6:8e:f5:42:
e1:e9:a8:44:8f:6c:39:68:c1:97:be:35:de:1c:dd:
58:44:f8:b2:27:89:b6:00:56:8a:30:50:9c:2a:89:
aa:7b:80:b6:fb:4d:56:c4:a7:87:ef:59:ca:7e:e3:
b6:48:c5:29:74:da:55:19:08:ef:24:c0:2e:c5:a3:
f1:5d:19:d2:23:89:d2:52:86:c2:49:67:be:bb:27:
84:08:a8:46:ec:12:2c:5a:d1:21:a6:37:91:65:4b:
51:19:6d:4e:99:81:a1:f3:05:a8:14:37:5b:62:c2:
da:c8:f7:bb:cd:34:60:ea:da:57:45:97:c5:b8:40:
d3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:14:48:4B:48:7F:F2:80:32:BD:5D:E0:1D:26:32:15:BB:19:69:AE
X509v3 Authority Key Identifier:
keyid:04:24:85:04:B5:45:55:A9:44:3B:02:A3:3D:35:1A:90:28:63:BB:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCSFBLVFValEOwKjPTUakChju5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b8bb1a-a88e-4b2f-987f-47015a6077b2/1/QRRIS0h_8oAyvV3gHSYyFbsZaa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b8bb1a-a88e-4b2f-987f-47015a6077b2/1/BCSFBLVFValEOwKjPTUakChju5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.167.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c2:bd:4c:fc:ca:ac:5f:ac:8b:bb:a2:58:eb:46:15:9a:88:
c5:41:37:29:ac:15:e2:c7:0a:03:41:f2:63:f8:7f:c7:8e:e9:
44:9a:33:74:3a:79:91:4e:01:1c:80:13:e5:57:6e:f6:39:41:
a1:fb:0c:63:aa:0d:03:15:bf:5c:03:3e:c0:9a:33:ee:7b:be:
e1:e3:62:eb:78:52:9a:f6:56:bc:ac:6f:99:88:67:a5:63:10:
d2:50:5e:8d:06:06:e4:e7:81:e5:d4:4c:0b:3d:6e:36:ea:38:
ba:04:86:31:4e:d6:5e:a1:79:0f:30:69:33:7f:ae:0c:56:40:
36:0f:33:ae:a7:0d:45:e2:96:c8:fe:5e:88:aa:c4:f4:69:b5:
40:b9:d4:f0:31:22:82:1d:64:a2:3f:9a:fd:69:bf:e1:73:85:
f4:70:1e:88:23:d7:b4:8b:64:2a:77:27:1c:bf:a2:46:c9:54:
5a:e5:c0:04:47:7a:16:0c:fa:e5:36:3b:1d:dd:da:01:1d:26:
11:08:a6:6a:15:3c:2f:af:b9:3f:cd:a1:1c:28:77:9a:22:55:
c2:32:89:11:2e:94:2e:cb:d7:4d:3b:47:fa:79:3e:af:b6:f2:
37:df:a6:65:50:3e:33:ff:da:8f:a0:84:e4:0e:99:12:0f:12:
ee:98:e7:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtplUibdymKf162FrLX8AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjQ4NTA0YjU0NTU1YTk0NDNiMDJhMzNkMzUxYTkwMjg2
M2JiOTkwHhcNMjMwMTAxMTQwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE0NDg0YjQ4N2ZmMjgwMzJiZDVkZTAxZDI2MzIxNWJiMTk2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/+8XXHFvOQr0UPgzgUoZQqCfPwP
IpER0/jLYnAej/gLQX17KWFnUKGSrE8B5GxRhZf3uwLdGZPmRwk+DghG7+g/070L
tipRM6Y7++o1Ix7Ae46ZaDOvJcAhvwxOBXzmvs1Rc0uIgN58jtGJAaEGPjQNeKEF
dD0IsPI3lHCLygwSjaaO9ULh6ahEj2w5aMGXvjXeHN1YRPiyJ4m2AFaKMFCcKomq
e4C2+01WxKeH71nKfuO2SMUpdNpVGQjvJMAuxaPxXRnSI4nSUobCSWe+uyeECKhG
7BIsWtEhpjeRZUtRGW1OmYGh8wWoFDdbYsLayPe7zTRg6tpXRZfFuEDTTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEUSEtIf/KAMr1d4B0mMhW7GWmuMB8GA1UdIwQY
MBaAFAQkhQS1RVWpRDsCoz01GpAoY7uZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNTRkJMVkZWYWxFT3dLalBUVWFrQ2hqdTVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9iOGJiMWEtYTg4ZS00YjJmLTk4N2Yt
NDcwMTVhNjA3N2IyLzEvUVJSSVMwaF84b0F5dlYzZ0hTWXlGYnNaYWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9iOGJiMWEtYTg4ZS00YjJmLTk4N2YtNDcwMTVhNjA3N2Iy
LzEvQkNTRkJMVkZWYWxFT3dLalBUVWFrQ2hqdTVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnSnMA0G
CSqGSIb3DQEBCwUAA4IBAQBewr1M/MqsX6yLu6JY60YVmojFQTcprBXixwoDQfJj
+H/HjulEmjN0OnmRTgEcgBPlV272OUGh+wxjqg0DFb9cAz7AmjPue77h42LreFKa
9la8rG+ZiGelYxDSUF6NBgbk54Hl1EwLPW426ji6BIYxTtZeoXkPMGkzf64MVkA2
DzOupw1F4pbI/l6IqsT0abVAudTwMSKCHWSiP5r9ab/hc4X0cB6II9e0i2Qqdycc
v6JGyVRa5cAER3oWDPrlNjsd3doBHSYRCKZqFTwvr7k/zaEcKHeaIlXCMokRLpQu
y9dNO0f6eT6vtvI336ZlUD4z/9qPoITkDpkSDxLumOfg
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:28 2024 by rpki-client on console-ams.rpki-client.org