Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/fac7ed-9018-45db-8947-fb5c582e4097/1/AiZd7szT04QrlfZbmcHa0CSUW78.roa
File: AiZd7szT04QrlfZbmcHa0CSUW78.roa (raw, json)
Hash identifier: qi52oh8uFH4szmnpvrpS5vhd60rmSqxtyzW0XOuR5BQ=
Subject key identifier: 02:26:5D:EE:CC:D3:D3:84:2B:95:F6:5B:99:C1:DA:D0:24:94:5B:BF
Certificate issuer: /CN=e230de5fd3c2455173ba696a99441d9620d81d38
Certificate serial: 01856B0A15485B607F4F087666A67F21BB2C
Authority key identifier: E2:30:DE:5F:D3:C2:45:51:73:BA:69:6A:99:44:1D:96:20:D8:1D:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jDeX9PCRVFzumlqmUQdliDYHTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/fac7ed-9018-45db-8947-fb5c582e4097/1/AiZd7szT04QrlfZbmcHa0CSUW78.roa
Signing time: Sun 01 Jan 2023 01:55:00 +0000
ROA not before: Sun 01 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49771
IP address blocks: 194.242.24.0/24 maxlen: 24
194.242.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:15:48:5b:60:7f:4f:08:76:66:a6:7f:21:bb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e230de5fd3c2455173ba696a99441d9620d81d38
Validity
Not Before: Jan 1 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02265deeccd3d3842b95f65b99c1dad024945bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:20:69:5e:a3:1b:ed:12:f5:34:ad:13:94:59:
30:89:97:88:80:33:77:34:86:5d:f2:a4:67:7b:a2:
56:ba:1d:d3:7c:d4:3e:98:77:08:73:d5:99:17:05:
61:05:b5:91:37:6f:2e:90:76:3a:83:07:ec:8d:c3:
0f:97:ca:06:fe:19:ff:4c:8e:d5:67:40:8e:a9:dc:
74:4e:2c:ac:50:df:ab:db:39:bd:76:e6:3b:eb:c7:
cf:06:03:25:98:c5:9f:f0:7d:63:4f:d5:f1:ff:81:
5d:e9:d4:b8:0b:3b:31:0b:42:1d:f9:11:b5:6c:00:
b0:93:ea:97:7e:f0:b4:af:73:ce:06:af:aa:09:6f:
eb:57:cc:91:6b:88:18:85:48:e6:98:f1:c0:7c:ea:
6a:67:a2:b6:4a:d0:9c:14:42:3f:3a:de:e4:30:bd:
9f:f8:90:55:59:0b:14:11:2d:5c:bd:0d:1e:38:ea:
74:06:5b:62:9a:30:a2:ab:a7:3d:23:fd:16:03:84:
67:fe:64:9f:f3:45:ed:5a:06:1e:88:bb:43:ee:fa:
4b:b4:96:56:3c:e2:9a:d0:3b:7c:2f:97:81:cb:0c:
03:f5:b8:28:5a:ea:2d:e3:e6:6c:8a:a0:9f:95:d6:
47:5c:83:4a:5a:89:9a:46:75:45:82:56:27:06:f9:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:26:5D:EE:CC:D3:D3:84:2B:95:F6:5B:99:C1:DA:D0:24:94:5B:BF
X509v3 Authority Key Identifier:
keyid:E2:30:DE:5F:D3:C2:45:51:73:BA:69:6A:99:44:1D:96:20:D8:1D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jDeX9PCRVFzumlqmUQdliDYHTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/fac7ed-9018-45db-8947-fb5c582e4097/1/AiZd7szT04QrlfZbmcHa0CSUW78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/fac7ed-9018-45db-8947-fb5c582e4097/1/4jDeX9PCRVFzumlqmUQdliDYHTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.24.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:b4:3b:c9:dc:cb:8c:a2:49:88:05:7f:d8:27:9b:9c:33:52:
29:6d:13:16:a7:c3:32:89:b0:28:af:b5:19:ae:9c:4c:f8:f0:
3b:3b:29:9f:3c:be:b8:b9:53:a0:8b:75:d1:9f:36:d5:a6:68:
3c:72:3e:3a:92:7b:1f:cd:e4:be:71:0e:d1:58:e7:b2:04:0c:
17:f1:49:c7:45:4f:b2:36:98:cb:f6:d5:73:64:4f:c9:ae:ef:
24:4b:50:35:12:7b:66:f7:33:9a:1d:c8:51:7c:9f:75:1c:d2:
9c:83:19:a0:7b:37:54:2a:0a:a7:63:f3:23:63:9d:d5:eb:b0:
78:de:d0:5c:5b:67:3e:e7:8b:44:67:b2:e3:49:1d:24:99:7e:
cc:13:23:dd:e2:e0:45:f8:49:e9:aa:dd:a8:55:fc:15:e8:f0:
de:5c:ca:4b:a2:b1:dc:3a:4c:12:39:d3:90:5a:c9:2c:44:7f:
03:ad:53:e7:53:a4:32:49:76:96:90:9a:93:f4:f8:b1:a9:bb:
61:d6:bb:ac:cc:21:b1:92:c0:1c:79:94:c8:b8:b3:31:ee:90:
18:e3:36:6e:b3:85:b1:06:a3:af:ed:8c:90:2b:b1:d8:7d:2a:
09:06:d0:53:27:80:a8:ad:e7:83:50:19:83:b3:dc:75:7e:d0:
52:31:ca:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrChVIW2B/Twh2ZqZ/IbssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzBkZTVmZDNjMjQ1NTE3M2JhNjk2YTk5NDQxZDk2MjBk
ODFkMzgwHhcNMjMwMTAxMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI2NWRlZWNjZDNkMzg0MmI5NWY2NWI5OWMxZGFkMDI0OTQ1YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyBpXqMb7RL1NK0TlFkwiZeIgDN3
NIZd8qRne6JWuh3TfNQ+mHcIc9WZFwVhBbWRN28ukHY6gwfsjcMPl8oG/hn/TI7V
Z0COqdx0TiysUN+r2zm9duY768fPBgMlmMWf8H1jT9Xx/4Fd6dS4CzsxC0Id+RG1
bACwk+qXfvC0r3POBq+qCW/rV8yRa4gYhUjmmPHAfOpqZ6K2StCcFEI/Ot7kML2f
+JBVWQsUES1cvQ0eOOp0BltimjCiq6c9I/0WA4Rn/mSf80XtWgYeiLtD7vpLtJZW
POKa0Dt8L5eBywwD9bgoWuot4+ZsiqCfldZHXINKWomaRnVFglYnBvnNzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAImXe7M09OEK5X2W5nB2tAklFu/MB8GA1UdIwQY
MBaAFOIw3l/TwkVRc7ppaplEHZYg2B04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpEZVg5UENSVkZ6dW1scW1VUWRsaURZSFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9mYWM3ZWQtOTAxOC00NWRiLTg5NDct
ZmI1YzU4MmU0MDk3LzEvQWlaZDdzelQwNFFybGZaYm1jSGEwQ1NVVzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9mYWM3ZWQtOTAxOC00NWRiLTg5NDctZmI1YzU4MmU0MDk3
LzEvNGpEZVg5UENSVkZ6dW1scW1VUWRsaURZSFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvIYMA0G
CSqGSIb3DQEBCwUAA4IBAQBKtDvJ3MuMokmIBX/YJ5ucM1IpbRMWp8MyibAor7UZ
rpxM+PA7OymfPL64uVOgi3XRnzbVpmg8cj46knsfzeS+cQ7RWOeyBAwX8UnHRU+y
NpjL9tVzZE/Jru8kS1A1Entm9zOaHchRfJ91HNKcgxmgezdUKgqnY/MjY53V67B4
3tBcW2c+54tEZ7LjSR0kmX7MEyPd4uBF+Enpqt2oVfwV6PDeXMpLorHcOkwSOdOQ
WsksRH8DrVPnU6QySXaWkJqT9Pixqbth1ruszCGxksAceZTIuLMx7pAY4zZus4Wx
BqOv7YyQK7HYfSoJBtBTJ4CoreeDUBmDs9x1ftBSMco4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:09 2024 by rpki-client on console-ams.rpki-client.org