Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa
File: Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa (raw, json)
Hash identifier: O1UiSzOJUBjhzgWP8qzn8slaPrKu6RCEDZVAyM/Wk7c=
Subject key identifier: 61:CE:E6:E3:44:D9:CC:32:F9:C6:B6:D3:53:A0:EE:21:AD:A6:12:43
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FE8A4F38C99E6836067CE07DE1702
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa
Signing time: Mon 02 Jan 2023 17:38:09 +0000
ROA not before: Mon 02 Jan 2023 17:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43357
IP address blocks: 194.50.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e8:a4:f3:8c:99:e6:83:60:67:ce:07:de:17:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61cee6e344d9cc32f9c6b6d353a0ee21ada61243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:47:c0:ee:18:cb:e4:7c:fc:bf:5b:2f:b4:74:
db:b3:9c:7c:a4:e1:3c:b2:54:e9:9b:a6:35:3e:e6:
11:7f:f3:42:0e:91:a0:2d:b4:7f:ee:07:59:1e:76:
a6:73:5d:e5:17:52:3f:91:33:ad:1b:86:11:18:a4:
4c:81:24:58:e1:8b:70:d2:53:63:67:50:2c:ee:33:
8e:09:28:0f:08:5c:a1:90:08:75:42:2e:d7:9b:97:
fb:32:77:be:11:1a:16:f1:0f:a8:5a:ea:b8:6d:8f:
0d:61:01:49:d7:09:17:dd:86:9a:60:2f:53:c7:8a:
17:bf:a0:78:6e:77:a0:fb:96:0d:a4:88:77:c1:d0:
ce:ef:fb:a3:ef:8e:5e:61:29:b8:f8:7a:2c:b4:a3:
19:0d:3c:66:3e:cc:66:b3:c9:3c:04:cb:b1:09:50:
16:fa:06:4b:77:4e:19:b3:13:85:33:84:15:c4:d2:
a1:99:d0:21:7c:90:1b:fc:14:9a:64:32:e2:21:c4:
13:bd:72:c8:9c:d4:63:05:e8:53:27:af:5f:b4:62:
ad:5f:91:18:2c:d6:84:77:69:ec:66:43:28:e8:2b:
e3:7c:3c:21:51:f7:07:cd:c8:6d:c7:67:9f:c5:20:
7b:22:62:1d:e9:8d:20:05:9e:63:b2:1e:e7:40:d3:
e2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CE:E6:E3:44:D9:CC:32:F9:C6:B6:D3:53:A0:EE:21:AD:A6:12:43
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.18.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6e:93:e8:8e:64:59:e5:51:8c:c7:f2:07:2b:1b:f0:96:c9:
3f:35:7f:ce:d6:a1:81:2f:b5:e9:8a:d3:d7:1e:fd:4d:9e:72:
91:9e:21:76:86:04:ee:e0:b6:f4:e7:77:ac:44:fb:af:28:fc:
ac:94:0e:68:b4:b8:dc:05:0a:a1:2d:8c:63:eb:c1:ab:0b:fa:
55:5c:6c:a2:43:8d:9f:40:fc:fc:23:3f:77:eb:99:35:76:bc:
d4:a5:f2:ce:65:79:8a:fd:47:5a:6d:be:f0:0e:f9:05:49:e1:
cc:6c:4c:85:65:9f:9d:20:ef:6d:36:2d:22:fc:f8:d3:0f:9b:
3f:95:43:b1:bc:f2:d3:4e:20:be:73:b2:43:ad:0f:f0:21:47:
d3:b1:e2:ed:3d:dc:bc:c1:d5:71:fc:ba:95:82:d5:2c:0e:79:
a7:d3:ba:f2:50:75:27:3b:a3:13:5b:3e:d9:a0:2f:fc:af:56:
80:37:7a:47:d9:ee:e6:d7:39:4a:34:0a:f1:04:88:8c:f0:c3:
1b:ee:d2:3e:30:ae:c0:c7:3d:85:c6:21:eb:d2:d1:d4:c6:57:
f8:96:cc:dd:56:46:5e:b6:af:05:d0:09:43:58:a0:68:ee:c5:
7c:fb:37:46:93:89:4e:fc:3b:b0:b1:80:74:08:b0:e8:12:81:
0d:e7:b4:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj+ik84yZ5oNgZ84H3hcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWNlZTZlMzQ0ZDljYzMyZjljNmI2ZDM1M2EwZWUyMWFkYTYxMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEfA7hjL5Hz8v1svtHTbs5x8pOE8
slTpm6Y1PuYRf/NCDpGgLbR/7gdZHnamc13lF1I/kTOtG4YRGKRMgSRY4Ytw0lNj
Z1As7jOOCSgPCFyhkAh1Qi7Xm5f7Mne+ERoW8Q+oWuq4bY8NYQFJ1wkX3YaaYC9T
x4oXv6B4bneg+5YNpIh3wdDO7/uj745eYSm4+HostKMZDTxmPsxms8k8BMuxCVAW
+gZLd04ZsxOFM4QVxNKhmdAhfJAb/BSaZDLiIcQTvXLInNRjBehTJ69ftGKtX5EY
LNaEd2nsZkMo6CvjfDwhUfcHzchtx2efxSB7ImId6Y0gBZ5jsh7nQNPi7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHO5uNE2cwy+ca201Og7iGtphJDMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWWM3bTQwVFp6REw1eHJiVFU2RHVJYTJtRWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjISMA0G
CSqGSIb3DQEBCwUAA4IBAQApbpPojmRZ5VGMx/IHKxvwlsk/NX/O1qGBL7XpitPX
Hv1NnnKRniF2hgTu4Lb053esRPuvKPyslA5otLjcBQqhLYxj68GrC/pVXGyiQ42f
QPz8Iz9365k1drzUpfLOZXmK/Udabb7wDvkFSeHMbEyFZZ+dIO9tNi0i/PjTD5s/
lUOxvPLTTiC+c7JDrQ/wIUfTseLtPdy8wdVx/LqVgtUsDnmn07ryUHUnO6MTWz7Z
oC/8r1aAN3pH2e7m1zlKNArxBIiM8MMb7tI+MK7Axz2FxiHr0tHUxlf4lszdVkZe
tq8F0AlDWKBo7sV8+zdGk4lO/DuwsYB0CLDoEoEN57Re
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org