Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/21BboQ9PA55NHKVAqBQ1ntl8VoU.roa
File: 21BboQ9PA55NHKVAqBQ1ntl8VoU.roa (raw, json)
Hash identifier: YSrFyppy10nchIkLknKWzIdjIyX62IFIvCISGMVGlxI=
Subject key identifier: DB:50:5B:A1:0F:4F:03:9E:4D:1C:A5:40:A8:14:35:9E:D9:7C:56:85
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018CC79355D0C18877099C26D915219B42DF
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/21BboQ9PA55NHKVAqBQ1ntl8VoU.roa
Signing time: Tue 02 Jan 2024 00:29:30 +0000
ROA not before: Tue 02 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:17:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:55:d0:c1:88:77:09:9c:26:d9:15:21:9b:42:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db505ba10f4f039e4d1ca540a814359ed97c5685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:50:45:de:0b:ca:74:b5:b6:59:ae:db:d2:
26:a4:be:aa:0f:8c:c4:22:0e:f5:65:90:ea:8b:39:
88:c9:16:f7:c6:52:3a:dc:b2:be:41:0e:01:3b:89:
3d:e4:ac:3b:f3:4d:6d:13:e2:b9:8d:62:d6:fb:f9:
c1:af:44:ba:f1:90:df:6d:15:9b:77:2d:2a:2a:a6:
a6:ea:86:82:3b:fe:e4:da:42:99:2a:bd:27:64:8a:
35:3d:a2:b3:9c:ea:9a:83:7d:b5:3e:96:18:26:1b:
60:04:13:41:44:7c:af:cd:f9:c6:15:9c:b6:27:ee:
18:3f:d4:cb:6d:90:22:49:40:1d:ca:78:b9:91:3b:
fe:df:21:d0:5d:e5:09:a8:39:43:20:5e:21:27:39:
96:a4:05:35:7d:8e:e7:37:68:5c:a2:82:95:f2:46:
87:98:d8:be:e6:49:51:0b:c0:63:f9:e4:3d:86:e9:
04:39:15:a8:68:b8:31:01:a3:c6:ac:9f:81:18:05:
0a:84:ca:b9:64:b2:bb:8a:54:6e:38:5b:71:3c:9a:
bf:66:11:4d:f4:9b:55:92:ac:3c:94:6c:f5:3f:78:
1a:4b:62:77:47:2f:93:44:61:6a:c1:b1:4c:c9:b6:
0c:01:27:d7:33:7e:d9:13:6f:a3:05:e0:2c:43:94:
ed:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:50:5B:A1:0F:4F:03:9E:4D:1C:A5:40:A8:14:35:9E:D9:7C:56:85
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/21BboQ9PA55NHKVAqBQ1ntl8VoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0/22
194.233.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:db:d6:2f:f8:78:59:eb:37:84:dc:b7:6a:df:42:95:de:73:
26:bf:83:71:f5:5f:e7:ec:b0:cf:a8:09:aa:32:af:7b:76:4f:
79:78:15:70:1b:ac:fc:14:1b:72:26:af:6a:91:fe:28:af:00:
ee:ba:54:5f:c5:9f:5b:77:d6:15:a8:e0:f4:a3:c7:bc:10:c9:
1d:65:84:47:31:a8:35:a7:23:be:5f:58:ca:a6:93:f3:61:72:
76:83:00:bc:c8:64:be:5e:85:8e:7b:38:01:5a:d7:fa:e8:bc:
e3:03:cf:9f:26:7a:6c:29:1f:ae:21:81:b9:0d:66:00:c9:93:
58:aa:34:4c:05:dc:ff:5d:b1:68:10:ee:ad:ad:a1:23:44:cc:
70:d6:77:10:b3:d9:d9:af:c2:60:c7:ba:cc:46:75:1b:3a:5e:
d2:a5:fd:6b:7b:eb:f6:e4:ad:67:9a:fb:86:f4:18:6c:2e:01:
c0:72:25:17:18:b1:7c:1d:88:5e:bc:1e:50:65:c1:e8:9c:e9:
26:f2:2f:35:3a:24:80:4f:8a:c8:b5:cd:92:71:a4:76:90:3d:
a8:78:37:c9:36:a3:dd:9c:ff:dd:48:13:bc:bf:d5:c5:ec:fc:
16:38:de:cc:ce:a2:b4:08:dd:a1:4f:ff:5f:8b:07:0a:7d:dd:
8a:2d:59:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHk1XQwYh3CZwm2RUhm0LfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTAyMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjUwNWJhMTBmNGYwMzllNGQxY2E1NDBhODE0MzU5ZWQ5N2M1Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY9QRd4LynS1tlmu29ImpL6qD4zE
Ig71ZZDqizmIyRb3xlI63LK+QQ4BO4k95Kw7801tE+K5jWLW+/nBr0S68ZDfbRWb
dy0qKqam6oaCO/7k2kKZKr0nZIo1PaKznOqag321PpYYJhtgBBNBRHyvzfnGFZy2
J+4YP9TLbZAiSUAdyni5kTv+3yHQXeUJqDlDIF4hJzmWpAU1fY7nN2hcooKV8kaH
mNi+5klRC8Bj+eQ9hukEORWoaLgxAaPGrJ+BGAUKhMq5ZLK7ilRuOFtxPJq/ZhFN
9JtVkqw8lGz1P3gaS2J3Ry+TRGFqwbFMybYMASfXM37ZE2+jBeAsQ5TtfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNtQW6EPTwOeTRylQKgUNZ7ZfFaFMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvMjFCYm9ROVBBNTVOSEtWQXFCUTFudGw4Vm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwkCkAwQC
wukoMA0GCSqGSIb3DQEBCwUAA4IBAQB+29Yv+HhZ6zeE3Ldq30KV3nMmv4Nx9V/n
7LDPqAmqMq97dk95eBVwG6z8FBtyJq9qkf4orwDuulRfxZ9bd9YVqOD0o8e8EMkd
ZYRHMag1pyO+X1jKppPzYXJ2gwC8yGS+XoWOezgBWtf66LzjA8+fJnpsKR+uIYG5
DWYAyZNYqjRMBdz/XbFoEO6traEjRMxw1ncQs9nZr8Jgx7rMRnUbOl7Spf1re+v2
5K1nmvuG9BhsLgHAciUXGLF8HYhevB5QZcHonOkm8i81OiSAT4rItc2ScaR2kD2o
eDfJNqPdnP/dSBO8v9XF7PwWON7MzqK0CN2hT/9fiwcKfd2KLVla
-----END CERTIFICATE-----
Generated at Wed Jan 10 13:27:08 2024 by rpki-client on console-fra.rpki-client.org