Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k6nK1zhcIDOFTMkBeRRKUSjxJdY.roa
File: k6nK1zhcIDOFTMkBeRRKUSjxJdY.roa (raw, json)
Hash identifier: Hg3Kyymho0f+DeEjzqY7Z69p06lkksiJGSwqxBU/tBA=
Subject key identifier: 93:A9:CA:D7:38:5C:20:33:85:4C:C9:01:79:14:4A:51:28:F1:25:D6
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4255C8DD0BFA060607BC63959AE27B6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k6nK1zhcIDOFTMkBeRRKUSjxJdY.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 194.56.226.0/24 maxlen: 24
2a0b:7080:20::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Mar 2024 16:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5c:8d:d0:bf:a0:60:60:7b:c6:39:59:ae:27:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93a9cad7385c2033854cc90179144a5128f125d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:78:37:83:8c:bb:ea:0d:eb:e8:4b:a7:55:
a7:66:9b:a5:72:a6:4e:7b:b5:f3:e4:8f:4d:df:a0:
4a:17:0e:3a:74:13:1b:20:bb:bf:06:9b:7e:82:da:
5a:ae:91:ca:33:41:44:1f:f0:84:27:7b:b7:a9:6f:
79:30:81:ad:34:14:7f:d9:26:57:ec:26:f3:f2:b0:
f7:00:cf:34:9c:bd:0a:5e:fb:32:82:eb:b6:7e:76:
45:5f:51:fe:b7:83:b2:c0:87:92:bf:7a:15:ca:6f:
5a:c6:03:21:85:59:fe:f5:b4:6b:7c:fa:98:fb:2d:
f9:e6:e7:3d:2f:13:bb:30:8b:d4:e1:d8:58:16:f4:
ec:29:01:9c:58:1e:b8:06:14:c3:c8:02:9b:09:bd:
03:91:02:24:01:6c:b1:9c:e3:32:c2:1d:2e:ec:15:
41:33:03:37:f2:a2:40:c5:0b:35:f4:f3:7e:aa:49:
00:d8:09:57:a1:bb:2f:52:ea:9d:e8:35:2b:43:34:
4a:05:34:ac:9f:f2:89:7d:4c:f2:7f:46:4e:1d:8d:
00:19:7c:37:38:f9:df:bd:16:c4:bb:ce:fa:c8:31:
c5:99:22:0e:bf:a5:58:da:45:c9:fe:fa:89:83:30:
86:62:1d:c6:2c:61:25:4d:ea:0f:59:22:cf:9f:96:
33:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A9:CA:D7:38:5C:20:33:85:4C:C9:01:79:14:4A:51:28:F1:25:D6
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k6nK1zhcIDOFTMkBeRRKUSjxJdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.226.0/24
IPv6:
2a0b:7080:20::/44
Signature Algorithm: sha256WithRSAEncryption
9f:33:64:9f:39:af:9c:50:6a:aa:63:42:d3:74:73:52:ba:92:
c8:17:30:83:92:4e:02:9f:39:06:36:1a:8a:f0:c9:bc:59:ac:
f6:f3:59:10:84:96:e0:e0:1a:bb:c4:96:da:79:ed:bd:62:27:
a5:1b:b9:ad:1a:66:64:4f:bf:57:a9:9c:04:af:54:2b:9b:b4:
4f:b8:fb:a1:02:21:5f:a3:36:9f:b6:66:24:f2:e9:b8:4f:4e:
ab:c5:ba:38:53:65:8f:5e:fc:e7:64:e9:77:16:c9:e6:2b:ee:
b4:d6:df:8d:34:e9:54:c1:0d:e2:8f:8b:43:1f:c4:28:52:6d:
3d:fb:0b:c0:01:36:d4:ab:d3:72:6a:61:4e:9e:85:8c:8c:a0:
06:26:b0:b7:05:c4:c0:38:0f:6d:4c:e4:b8:8d:ef:74:75:81:
bf:22:7f:99:2a:9d:03:eb:3d:b7:bc:11:45:db:6b:c8:17:32:
d8:b0:f9:90:b9:49:93:c2:81:49:a6:7e:f3:c9:0f:d5:bf:8c:
4a:2b:d4:fd:47:8a:73:1a:5c:6e:0e:fb:c4:7f:9c:4d:25:1d:
72:8b:c6:e1:a1:5f:63:9d:c0:5e:4a:1c:d8:02:68:4e:17:eb:
d2:db:3e:8b:d9:ee:15:73:a9:c4:84:a2:ec:fa:22:70:63:10:
7a:a9:b9:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVyN0L+gYGB7xjlZrie2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E5Y2FkNzM4NWMyMDMzODU0Y2M5MDE3OTE0NGE1MTI4ZjEyNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWJ4N4OMu+oN6+hLp1WnZpulcqZO
e7Xz5I9N36BKFw46dBMbILu/Bpt+gtparpHKM0FEH/CEJ3u3qW95MIGtNBR/2SZX
7Cbz8rD3AM80nL0KXvsyguu2fnZFX1H+t4OywIeSv3oVym9axgMhhVn+9bRrfPqY
+y355uc9LxO7MIvU4dhYFvTsKQGcWB64BhTDyAKbCb0DkQIkAWyxnOMywh0u7BVB
MwM38qJAxQs19PN+qkkA2AlXobsvUuqd6DUrQzRKBTSsn/KJfUzyf0ZOHY0AGXw3
OPnfvRbEu876yDHFmSIOv6VY2kXJ/vqJgzCGYh3GLGElTeoPWSLPn5YzUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJOpytc4XCAzhUzJAXkUSlEo8SXWMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvazZuSzF6aGNJRE9GVE1rQmVSUktVU2p4SmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjjiMA8E
AgACMAkDBwQqC3CAACAwDQYJKoZIhvcNAQELBQADggEBAJ8zZJ85r5xQaqpjQtN0
c1K6ksgXMIOSTgKfOQY2GorwybxZrPbzWRCEluDgGrvEltp57b1iJ6Ubua0aZmRP
v1epnASvVCubtE+4+6ECIV+jNp+2ZiTy6bhPTqvFujhTZY9e/Odk6XcWyeYr7rTW
34006VTBDeKPi0MfxChSbT37C8ABNtSr03JqYU6ehYyMoAYmsLcFxMA4D21M5LiN
73R1gb8if5kqnQPrPbe8EUXba8gXMtiw+ZC5SZPCgUmmfvPJD9W/jEor1P1HinMa
XG4O+8R/nE0lHXKLxuGhX2OdwF5KHNgCaE4X69LbPovZ7hVzqcSEouz6InBjEHqp
uRI=
-----END CERTIFICATE-----
Generated at Thu Mar 21 20:35:48 2024 by rpki-client on console-fra.rpki-client.org