Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7faae6-9f30-42ed-b375-55a43aab8f73/1/XFfcNWOo2Cra5s5AWj17q0dHR_Q.roa
File: XFfcNWOo2Cra5s5AWj17q0dHR_Q.roa (raw, json)
Hash identifier: k014hQKeh8X3VdjhJ8rSW+Jgp1xsxhdxky2TQRhoico=
Subject key identifier: 5C:57:DC:35:63:A8:D8:2A:DA:E6:CE:40:5A:3D:7B:AB:47:47:47:F4
Certificate issuer: /CN=437a5c7e7c7eab2392372fc38d48c7a977b24abd
Certificate serial: 01856C4A549C942FF7BF0D1D61BF934384E9
Authority key identifier: 43:7A:5C:7E:7C:7E:AB:23:92:37:2F:C3:8D:48:C7:A9:77:B2:4A:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q3pcfnx-qyOSNy_DjUjHqXeySr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/7faae6-9f30-42ed-b375-55a43aab8f73/1/XFfcNWOo2Cra5s5AWj17q0dHR_Q.roa
Signing time: Sun 01 Jan 2023 07:44:48 +0000
ROA not before: Sun 01 Jan 2023 07:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9211
IP address blocks: 194.76.62.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:54:9c:94:2f:f7:bf:0d:1d:61:bf:93:43:84:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437a5c7e7c7eab2392372fc38d48c7a977b24abd
Validity
Not Before: Jan 1 07:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c57dc3563a8d82adae6ce405a3d7bab474747f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f9:73:d7:19:e3:90:10:d2:45:62:3a:3e:ef:
e7:57:73:dc:a8:9c:be:30:87:11:50:ea:99:85:ed:
08:6d:0e:0a:4c:e6:27:01:ea:6c:27:ea:11:82:bc:
b7:94:10:e4:e9:f1:89:dd:e1:b8:38:7c:bc:87:7a:
22:3c:d5:fd:a1:14:d9:21:57:b5:21:87:a6:b7:c3:
42:a4:b4:ea:9e:b8:62:00:6e:49:56:80:0f:26:e7:
d7:5b:fa:fe:32:43:be:38:37:65:6c:0f:ac:cd:48:
a8:f1:97:ee:2c:d2:55:a9:6b:2e:7b:1a:a2:50:94:
f6:d4:ed:ce:10:a2:02:d0:e4:b7:2e:70:d4:f8:0d:
6f:26:b1:bb:51:54:df:21:4c:cf:5f:6b:c2:8f:ad:
e9:1c:c8:b8:a0:33:66:ea:02:45:e0:40:d1:e8:2d:
3e:b3:75:47:8d:73:2c:ec:73:9f:34:07:6d:26:9a:
31:fa:fc:97:6d:d6:fb:1b:db:21:e1:fd:2a:db:bc:
aa:81:f2:f1:2d:b0:49:30:d9:b0:d2:c3:3c:31:12:
55:26:30:0b:38:ff:d2:ef:4a:d6:1a:4f:3c:82:18:
3c:3c:5f:1a:9a:3c:51:72:29:8c:7f:71:98:51:33:
0d:f2:31:c3:75:8d:74:e2:ac:00:36:f2:05:33:e6:
fa:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:57:DC:35:63:A8:D8:2A:DA:E6:CE:40:5A:3D:7B:AB:47:47:47:F4
X509v3 Authority Key Identifier:
keyid:43:7A:5C:7E:7C:7E:AB:23:92:37:2F:C3:8D:48:C7:A9:77:B2:4A:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q3pcfnx-qyOSNy_DjUjHqXeySr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7faae6-9f30-42ed-b375-55a43aab8f73/1/XFfcNWOo2Cra5s5AWj17q0dHR_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7faae6-9f30-42ed-b375-55a43aab8f73/1/Q3pcfnx-qyOSNy_DjUjHqXeySr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.62.0/23
Signature Algorithm: sha256WithRSAEncryption
79:2f:a0:ef:0c:da:71:1f:6e:59:03:e9:62:8d:0e:8d:5f:1a:
8a:25:c5:98:0e:7f:ee:2d:28:84:ba:a4:98:7a:8f:24:07:2c:
27:7d:3e:49:d3:0d:02:61:ad:cd:b8:b3:95:ad:d4:44:93:11:
ba:c1:f2:23:50:d6:b6:30:a8:77:2f:84:97:89:2a:b8:44:af:
75:f5:1a:e2:ad:32:0b:fe:51:f7:bd:c5:be:c7:28:b9:9d:45:
a4:c7:86:a6:a9:55:1c:a2:19:4f:05:e4:63:e5:d6:18:9c:cd:
d8:8c:c5:f5:8f:45:fa:58:b7:bc:46:33:22:a0:67:3b:a1:5d:
ee:d1:7c:d0:da:4f:6f:d8:10:d6:51:6a:19:f2:fc:87:60:fa:
6c:ee:1f:05:e5:fb:a0:2f:ea:ed:ed:50:42:96:6f:83:f6:5c:
06:fa:a6:f5:5c:82:b0:35:dd:27:99:f4:6e:d3:78:fd:c3:f2:
fd:bd:9c:0e:ff:c6:41:17:2d:53:14:31:65:5c:c3:d5:4e:4b:
6b:58:56:61:47:06:35:7c:e1:15:3d:93:1c:25:0a:ca:39:e5:
e7:c8:7e:c7:1d:40:66:a9:81:23:7c:57:d6:ee:92:2b:93:0c:
62:c7:95:60:7c:bf:9a:c0:5f:d4:cd:b3:43:58:51:b6:a1:b0:
b0:33:4f:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSlSclC/3vw0dYb+TQ4TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2E1YzdlN2M3ZWFiMjM5MjM3MmZjMzhkNDhjN2E5Nzdi
MjRhYmQwHhcNMjMwMTAxMDc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU3ZGMzNTYzYThkODJhZGFlNmNlNDA1YTNkN2JhYjQ3NDc0N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvlz1xnjkBDSRWI6Pu/nV3PcqJy+
MIcRUOqZhe0IbQ4KTOYnAepsJ+oRgry3lBDk6fGJ3eG4OHy8h3oiPNX9oRTZIVe1
IYemt8NCpLTqnrhiAG5JVoAPJufXW/r+MkO+ODdlbA+szUio8ZfuLNJVqWsuexqi
UJT21O3OEKIC0OS3LnDU+A1vJrG7UVTfIUzPX2vCj63pHMi4oDNm6gJF4EDR6C0+
s3VHjXMs7HOfNAdtJpox+vyXbdb7G9sh4f0q27yqgfLxLbBJMNmw0sM8MRJVJjAL
OP/S70rWGk88ghg8PF8amjxRcimMf3GYUTMN8jHDdY104qwANvIFM+b6hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxX3DVjqNgq2ubOQFo9e6tHR0f0MB8GA1UdIwQY
MBaAFEN6XH58fqsjkjcvw41Ix6l3skq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTNwY2ZueC1xeU9TTnlfRGpVakhxWGV5U3IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83ZmFhZTYtOWYzMC00MmVkLWIzNzUt
NTVhNDNhYWI4ZjczLzEvWEZmY05XT28yQ3JhNXM1QVdqMTdxMGRIUl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83ZmFhZTYtOWYzMC00MmVkLWIzNzUtNTVhNDNhYWI4Zjcz
LzEvUTNwY2ZueC1xeU9TTnlfRGpVakhxWGV5U3IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwkw+MA0G
CSqGSIb3DQEBCwUAA4IBAQB5L6DvDNpxH25ZA+lijQ6NXxqKJcWYDn/uLSiEuqSY
eo8kBywnfT5J0w0CYa3NuLOVrdREkxG6wfIjUNa2MKh3L4SXiSq4RK919RrirTIL
/lH3vcW+xyi5nUWkx4amqVUcohlPBeRj5dYYnM3YjMX1j0X6WLe8RjMioGc7oV3u
0XzQ2k9v2BDWUWoZ8vyHYPps7h8F5fugL+rt7VBClm+D9lwG+qb1XIKwNd0nmfRu
03j9w/L9vZwO/8ZBFy1TFDFlXMPVTktrWFZhRwY1fOEVPZMcJQrKOeXnyH7HHUBm
qYEjfFfW7pIrkwxix5VgfL+awF/UzbNDWFG2obCwM08E
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:25 2024 by rpki-client on console-ams.rpki-client.org