Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/1-klVztk0UBLHt47YhiexpCeCPgk.roa
File: 1-klVztk0UBLHt47YhiexpCeCPgk.roa (raw, json)
Hash identifier: i2p5eQkPQv8JERgOROW5ozhNx2grU4mEIfu9grJfJag=
Subject key identifier: FA:49:55:CE:D9:34:50:12:C7:B7:8E:D8:86:27:B1:A4:27:82:3E:09
Certificate issuer: /CN=17e69ddc29a05b2c45ee3cc5a2340b2e4c6dad5d
Certificate serial: 0187BD8FF8E9478C6D04C018E4C38B3A1C69
Authority key identifier: 17:E6:9D:DC:29:A0:5B:2C:45:EE:3C:C5:A2:34:0B:2E:4C:6D:AD:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-ad3CmgWyxF7jzFojQLLkxtrV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/1-klVztk0UBLHt47YhiexpCeCPgk.roa
Signing time: Wed 26 Apr 2023 12:35:41 +0000
ROA not before: Wed 26 Apr 2023 12:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197890
IP address blocks: 185.94.252.0/24 maxlen: 24
185.94.253.0/24 maxlen: 24
2a06:4580::/29 maxlen: 29
2a03:e300::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:8f:f8:e9:47:8c:6d:04:c0:18:e4:c3:8b:3a:1c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17e69ddc29a05b2c45ee3cc5a2340b2e4c6dad5d
Validity
Not Before: Apr 26 12:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa4955ced9345012c7b78ed88627b1a427823e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:6c:ae:7a:e0:c5:db:d7:f6:4e:78:8e:8d:
b0:a3:9f:e9:d0:e4:4e:c4:83:9f:15:0b:bc:4e:d5:
52:2d:50:51:a0:43:62:3f:02:48:ba:a8:9e:8f:e1:
4f:67:7d:bf:fe:af:ef:31:4d:79:aa:66:74:a7:45:
0f:a9:09:e1:1e:ce:3f:16:35:d6:46:85:e5:db:b4:
0a:fa:f1:07:5f:c4:4c:4e:18:51:24:96:74:95:0f:
48:37:2e:0f:a8:15:97:d8:34:c7:f5:ad:9b:5c:d6:
c1:0e:73:1a:16:bf:f7:84:e6:47:30:a5:be:30:c6:
b7:58:1e:cf:00:2c:b1:6c:f0:26:de:ec:5b:ac:1d:
a1:5c:71:a0:43:9b:06:65:a1:35:43:8d:1a:5c:55:
ce:ff:bb:67:81:c8:56:93:09:7e:46:01:cf:b5:bb:
93:70:31:4c:95:25:59:6c:cb:7b:91:78:f1:6d:ca:
81:7d:ee:e4:16:0b:9d:14:e7:2e:9d:86:c2:a0:40:
95:4e:f5:f1:1e:72:6b:66:e2:08:e9:5f:af:0d:96:
5b:4a:be:06:70:a0:70:8a:2f:92:4a:a0:06:bf:c4:
83:c3:e5:c4:43:36:ff:ce:fc:f9:1e:2b:9a:ac:b3:
47:5d:f6:9f:8c:73:1c:40:ca:60:0c:37:04:b7:2a:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:49:55:CE:D9:34:50:12:C7:B7:8E:D8:86:27:B1:A4:27:82:3E:09
X509v3 Authority Key Identifier:
keyid:17:E6:9D:DC:29:A0:5B:2C:45:EE:3C:C5:A2:34:0B:2E:4C:6D:AD:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-ad3CmgWyxF7jzFojQLLkxtrV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/1-klVztk0UBLHt47YhiexpCeCPgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/F-ad3CmgWyxF7jzFojQLLkxtrV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.252.0/23
IPv6:
2a03:e300::/32
2a06:4580::/29
Signature Algorithm: sha256WithRSAEncryption
cc:ec:b9:11:d1:f7:0d:8d:23:7f:52:35:21:8c:c1:95:4d:6a:
1f:b9:99:4e:6d:8d:47:47:64:ec:2d:b6:6e:a8:cb:71:85:7f:
fb:bc:a6:e7:88:92:d2:17:93:e8:9c:a3:40:6b:6b:df:fa:0b:
ab:d4:36:2d:ca:ae:3d:2e:aa:c7:7a:ec:31:d3:ab:01:4e:b0:
3f:b9:3e:16:66:52:34:c8:70:d1:ca:24:e6:54:b6:02:ab:0d:
ad:3b:4f:8d:48:28:cb:8f:83:ab:4a:d9:18:da:24:27:fe:89:
25:78:94:d8:4a:e3:fb:ce:e2:fc:41:ae:4e:61:b5:3b:3e:34:
96:d1:20:c6:ab:be:18:34:f4:37:17:b8:f6:50:3e:b9:52:32:
2b:11:4e:85:d5:bc:3e:a2:1a:ff:36:8f:81:be:f1:0a:2a:5b:
a7:c6:d4:8a:eb:62:f9:13:29:ad:6d:7a:76:1c:de:56:32:41:
0a:87:6c:64:bf:fe:53:2b:ef:50:6d:f1:79:ad:5d:04:60:16:
8b:01:b6:7c:af:ba:89:56:c3:1d:e5:fc:27:bf:1b:c0:83:b6:
f8:7f:91:70:64:5e:eb:c1:73:70:41:a4:ee:98:e3:11:e4:85:
57:98:47:84:9b:85:a4:18:a4:2a:e8:39:7d:0a:19:93:4f:5a:
49:d4:09:e5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYe9j/jpR4xtBMAY5MOLOhxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZTY5ZGRjMjlhMDViMmM0NWVlM2NjNWEyMzQwYjJlNGM2
ZGFkNWQwHhcNMjMwNDI2MTIzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ5NTVjZWQ5MzQ1MDEyYzdiNzhlZDg4NjI3YjFhNDI3ODIzZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk45srnrgxdvX9k54jo2wo5/p0ORO
xIOfFQu8TtVSLVBRoENiPwJIuqiej+FPZ32//q/vMU15qmZ0p0UPqQnhHs4/FjXW
RoXl27QK+vEHX8RMThhRJJZ0lQ9INy4PqBWX2DTH9a2bXNbBDnMaFr/3hOZHMKW+
MMa3WB7PACyxbPAm3uxbrB2hXHGgQ5sGZaE1Q40aXFXO/7tngchWkwl+RgHPtbuT
cDFMlSVZbMt7kXjxbcqBfe7kFgudFOcunYbCoECVTvXxHnJrZuII6V+vDZZbSr4G
cKBwii+SSqAGv8SDw+XEQzb/zvz5HiuarLNHXfafjHMcQMpgDDcEtyr3HwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPpJVc7ZNFASx7eO2IYnsaQngj4JMB8GA1UdIwQY
MBaAFBfmndwpoFssRe48xaI0Cy5Mba1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRi1hZDNDbWdXeXhGN2p6Rm9qUUxMa3h0clYwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9jOGNjNjMtNTMwNS00NjM2LWIzMzYt
ZTcxNzY3ODZmNzRhLzEvMS1rbFZ6dGswVUJMSHQ0N1loaWV4cENlQ1Bnay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvYzhjYzYzLTUzMDUtNDYzNi1iMzM2LWU3MTc2Nzg2Zjc0
YS8xL0YtYWQzQ21nV3l4RjdqekZvalFMTGt4dHJWMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEAble/DAU
BAIAAjAOAwUAKgPjAAMFAyoGRYAwDQYJKoZIhvcNAQELBQADggEBAMzsuRHR9w2N
I39SNSGMwZVNah+5mU5tjUdHZOwttm6oy3GFf/u8pueIktIXk+ico0Bra9/6C6vU
Ni3Krj0uqsd67DHTqwFOsD+5PhZmUjTIcNHKJOZUtgKrDa07T41IKMuPg6tK2Rja
JCf+iSV4lNhK4/vO4vxBrk5htTs+NJbRIMarvhg09DcXuPZQPrlSMisRToXVvD6i
Gv82j4G+8QoqW6fG1IrrYvkTKa1tenYc3lYyQQqHbGS//lMr71Bt8XmtXQRgFosB
tnyvuolWwx3l/Ce/G8CDtvh/kXBkXuvBc3BBpO6Y4xHkhVeYR4SbhaQYpCroOX0K
GZNPWknUCeU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:33 2024 by rpki-client on console-fra.rpki-client.org