Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/pK5tdyXDwUU1McU3oQm4NDFxRAI.roa
File: pK5tdyXDwUU1McU3oQm4NDFxRAI.roa (raw, json)
Hash identifier: yL2DTLynbJCLoGyi7HMh8EDQjj7mtZaG+mrigp6yvk0=
Subject key identifier: A4:AE:6D:77:25:C3:C1:45:35:31:C5:37:A1:09:B8:34:31:71:44:02
Certificate issuer: /CN=017c90654653ac150028562b32431491b52147d1
Certificate serial: 01856DCAFFF1BA9ED06830D21107BE0918E9
Authority key identifier: 01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/pK5tdyXDwUU1McU3oQm4NDFxRAI.roa
Signing time: Sun 01 Jan 2023 14:44:58 +0000
ROA not before: Sun 01 Jan 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200322
IP address blocks: 194.48.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ff:f1:ba:9e:d0:68:30:d2:11:07:be:09:18:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=017c90654653ac150028562b32431491b52147d1
Validity
Not Before: Jan 1 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ae6d7725c3c1453531c537a109b83431714402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:a7:32:08:54:f1:2f:3d:1d:9a:54:56:15:
33:1f:36:07:51:07:76:d7:21:ba:b3:6d:e9:0e:9b:
1d:48:f0:cf:9d:bc:f0:61:37:dc:60:98:18:4e:35:
d3:b5:18:b5:8c:9a:ff:43:f0:5c:35:ec:3b:6f:0e:
6a:db:ea:51:57:99:53:66:70:e9:da:28:66:76:b3:
92:76:76:5f:32:96:a4:52:f2:d9:fb:f7:5e:a1:eb:
1f:c2:ab:f9:5b:af:a4:8d:c7:dc:bc:03:ea:6a:21:
6d:83:e7:51:2f:0c:8c:b9:f1:a1:b9:0b:01:ce:84:
69:16:b9:c6:a2:98:52:36:b3:66:77:62:64:0a:c3:
49:6d:92:89:e2:71:02:e1:ed:cc:b1:8d:2c:2c:68:
34:91:65:f7:c7:24:e8:af:9a:3b:9b:20:f5:4c:19:
8e:bd:f8:33:94:23:9b:25:7d:21:d0:64:7a:8f:79:
01:f9:08:9e:42:a7:40:91:76:7c:f0:90:42:14:ce:
fa:ac:bb:5e:c1:2a:bb:9a:43:d6:f2:b0:fa:79:b9:
55:fd:99:44:eb:eb:43:d1:cc:d6:ad:e6:2f:8e:e5:
7e:ee:8a:21:80:25:80:a6:d6:69:06:ee:af:fc:ad:
8a:bc:ce:a4:67:1e:41:09:17:61:8d:5a:62:bb:ba:
cf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AE:6D:77:25:C3:C1:45:35:31:C5:37:A1:09:B8:34:31:71:44:02
X509v3 Authority Key Identifier:
keyid:01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/pK5tdyXDwUU1McU3oQm4NDFxRAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.0.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e5:e9:44:e0:de:88:5a:fb:d5:b9:2b:5b:1a:18:27:f7:34:
fd:72:b0:0f:47:15:ea:68:c6:d2:68:f8:6d:e3:a3:63:32:1c:
4d:fa:0e:83:9e:f6:eb:03:90:7f:cb:92:ca:a4:91:e4:74:54:
77:67:af:36:7d:b0:e4:25:2a:bf:60:8d:ef:18:1e:e1:bf:85:
42:31:3c:d7:fb:7a:f5:4e:82:f3:03:81:1d:39:ec:1f:0e:38:
4a:9b:d0:22:c6:fb:26:95:6b:90:19:16:7c:af:77:ca:d7:9b:
e3:94:50:49:f8:05:bb:95:d6:0b:39:e0:e6:41:d7:de:b2:3d:
75:77:24:6f:db:78:09:02:1f:d3:f7:6c:e0:d4:33:74:9c:f7:
75:69:d4:44:3f:f5:7c:c9:24:2b:8d:88:ed:8d:8f:2c:7f:5c:
e9:b4:c3:a4:ab:32:5e:78:28:61:b2:d3:09:e3:b1:c0:c9:ee:
1a:9e:ce:89:92:68:ae:31:63:10:f3:ac:92:5b:48:45:bc:5f:
9d:69:15:1e:92:52:d2:da:84:af:4c:7d:9f:4c:e1:80:be:2f:
c7:49:7b:2d:a8:fc:3b:b1:d3:67:f3:f4:b5:65:5d:ff:d0:ba:
02:bc:53:77:f2:67:d3:4e:90:52:0e:ab:ae:33:e0:64:5a:9b:
eb:00:53:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyv/xup7QaDDSEQe+CRjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxN2M5MDY1NDY1M2FjMTUwMDI4NTYyYjMyNDMxNDkxYjUy
MTQ3ZDEwHhcNMjMwMTAxMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFlNmQ3NzI1YzNjMTQ1MzUzMWM1MzdhMTA5YjgzNDMxNzE0NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSanMghU8S89HZpUVhUzHzYHUQd2
1yG6s23pDpsdSPDPnbzwYTfcYJgYTjXTtRi1jJr/Q/BcNew7bw5q2+pRV5lTZnDp
2ihmdrOSdnZfMpakUvLZ+/deoesfwqv5W6+kjcfcvAPqaiFtg+dRLwyMufGhuQsB
zoRpFrnGophSNrNmd2JkCsNJbZKJ4nEC4e3MsY0sLGg0kWX3xyTor5o7myD1TBmO
vfgzlCObJX0h0GR6j3kB+QieQqdAkXZ88JBCFM76rLtewSq7mkPW8rD6eblV/ZlE
6+tD0czWreYvjuV+7oohgCWAptZpBu6v/K2KvM6kZx5BCRdhjVpiu7rPLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSubXclw8FFNTHFN6EJuDQxcUQCMB8GA1UdIwQY
MBaAFAF8kGVGU6wVAChWKzJDFJG1IUfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYt
NzAxM2E2YzQzOTg1LzEvcEs1dGR5WER3VVUxTWNVM29RbTROREZ4UkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYtNzAxM2E2YzQzOTg1
LzEvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBw5elE4N6IWvvVuStbGhgn9zT9crAPRxXqaMbSaPht
46NjMhxN+g6DnvbrA5B/y5LKpJHkdFR3Z682fbDkJSq/YI3vGB7hv4VCMTzX+3r1
ToLzA4EdOewfDjhKm9AixvsmlWuQGRZ8r3fK15vjlFBJ+AW7ldYLOeDmQdfesj11
dyRv23gJAh/T92zg1DN0nPd1adREP/V8ySQrjYjtjY8sf1zptMOkqzJeeChhstMJ
47HAye4ans6JkmiuMWMQ86ySW0hFvF+daRUeklLS2oSvTH2fTOGAvi/HSXstqPw7
sdNn8/S1ZV3/0LoCvFN38mfTTpBSDquuM+BkWpvrAFM1
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:09 2024 by rpki-client on console-fra.rpki-client.org