Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/bd0a76-04b1-4490-ad04-97eec7cf6093/1/1CIgsUolqxrDeKOHOeoVtz2sK5w.roa
File: 1CIgsUolqxrDeKOHOeoVtz2sK5w.roa (raw, json)
Hash identifier: cvf2pYkkDnvzU43LqOAuuZDHPZ2C1N20qj8sOZ0Y4B4=
Subject key identifier: D4:22:20:B1:4A:25:AB:1A:C3:78:A3:87:39:EA:15:B7:3D:AC:2B:9C
Certificate issuer: /CN=7977b55e34ffd72075fbdda039a65b371de39820
Certificate serial: 018573BAA64CEF2E1D417D57B9EA4265CF7D
Authority key identifier: 79:77:B5:5E:34:FF:D7:20:75:FB:DD:A0:39:A6:5B:37:1D:E3:98:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXe1XjT_1yB1-92gOaZbNx3jmCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/bd0a76-04b1-4490-ad04-97eec7cf6093/1/1CIgsUolqxrDeKOHOeoVtz2sK5w.roa
Signing time: Mon 02 Jan 2023 18:24:50 +0000
ROA not before: Mon 02 Jan 2023 18:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57022
IP address blocks: 194.45.106.0/24 maxlen: 24
194.45.45.0/24 maxlen: 24
194.45.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:a6:4c:ef:2e:1d:41:7d:57:b9:ea:42:65:cf:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7977b55e34ffd72075fbdda039a65b371de39820
Validity
Not Before: Jan 2 18:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d42220b14a25ab1ac378a38739ea15b73dac2b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:44:be:99:69:c6:2d:2f:3a:3a:ff:59:35:32:
fb:79:d3:a4:40:ad:14:06:49:2e:4b:47:42:e3:a0:
d9:e1:6f:fc:86:40:1f:17:ab:c3:51:f1:cd:b2:ce:
e7:7f:5b:dc:db:4d:92:8e:c4:89:7d:64:df:62:44:
d6:4d:4d:de:f8:d1:8a:0c:08:89:6d:cf:83:db:44:
54:75:a0:84:d5:e6:c1:a4:3b:21:18:01:2d:61:10:
d5:7b:84:21:f3:6c:9a:a4:83:55:a6:87:aa:9c:0a:
25:c0:17:d7:5b:70:89:02:48:9b:5f:3a:35:71:ac:
55:fc:3c:00:99:27:f5:79:4c:9e:f1:ef:61:db:f1:
58:e8:9b:e2:38:a9:88:ac:23:e7:5c:8f:79:6e:bc:
a8:e7:e1:cc:57:9b:91:cb:19:64:c9:d0:d3:72:99:
59:00:44:5f:5d:7d:9f:e0:a4:66:b9:5d:07:dc:20:
fa:5a:ba:ea:47:6f:f0:43:41:45:56:df:11:fa:cb:
16:3f:50:13:12:b7:07:66:25:74:75:f2:ea:6d:23:
54:45:ec:43:d5:b9:57:60:08:51:6d:21:f4:a3:78:
7a:74:f6:d6:48:d2:07:25:77:b4:c7:67:82:0f:cd:
4d:bc:2d:a1:6c:b8:16:8a:03:74:ee:c8:df:83:cf:
18:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:22:20:B1:4A:25:AB:1A:C3:78:A3:87:39:EA:15:B7:3D:AC:2B:9C
X509v3 Authority Key Identifier:
keyid:79:77:B5:5E:34:FF:D7:20:75:FB:DD:A0:39:A6:5B:37:1D:E3:98:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXe1XjT_1yB1-92gOaZbNx3jmCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/bd0a76-04b1-4490-ad04-97eec7cf6093/1/1CIgsUolqxrDeKOHOeoVtz2sK5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/bd0a76-04b1-4490-ad04-97eec7cf6093/1/eXe1XjT_1yB1-92gOaZbNx3jmCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.45.0/24
194.45.106.0/24
194.45.169.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:38:89:b9:8f:38:15:a4:7e:0a:cb:e7:4c:18:bf:70:55:77:
e0:c6:a9:11:2a:6f:75:f8:d7:d9:ab:ff:d9:0d:c4:45:53:94:
d4:20:d1:59:5a:f9:93:41:2a:da:c0:cf:8e:46:63:bd:ab:2b:
dc:be:94:46:78:ea:27:54:29:5b:bd:11:e2:93:f8:d1:e4:b9:
62:a9:67:77:41:a9:9c:04:d8:7a:e6:37:8c:d3:fd:9b:4a:c8:
0c:7f:c4:a2:13:1b:f4:8a:03:28:6a:4d:69:17:0a:04:7b:48:
a9:6a:27:c4:51:e2:b5:e1:80:c0:09:5e:55:6b:9c:90:d6:6d:
9a:f0:2e:71:c1:80:69:50:eb:42:09:34:d6:05:ea:9f:6f:cd:
dd:93:5d:ae:e6:4b:b2:41:5f:0b:47:47:78:73:95:e7:92:43:
2a:23:c9:87:b5:f3:86:92:ba:7e:b9:3b:8d:23:a1:5d:07:22:
47:ae:ff:25:55:bc:d4:47:ae:00:e7:67:30:ad:29:61:fa:92:
66:88:7c:28:2a:3b:54:69:cb:21:3a:90:fa:94:46:ee:57:bb:
d9:9d:ef:c4:ec:cd:c5:49:e1:00:bc:d3:ac:33:ab:13:37:a8:
56:ab:59:22:15:70:d1:3a:b9:c4:55:8a:b6:8f:b5:4d:99:85:
f4:42:ef:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzuqZM7y4dQX1XuepCZc99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzdiNTVlMzRmZmQ3MjA3NWZiZGRhMDM5YTY1YjM3MWRl
Mzk4MjAwHhcNMjMwMTAyMTgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDIyMjBiMTRhMjVhYjFhYzM3OGEzODczOWVhMTViNzNkYWMyYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0S+mWnGLS86Ov9ZNTL7edOkQK0U
BkkuS0dC46DZ4W/8hkAfF6vDUfHNss7nf1vc202SjsSJfWTfYkTWTU3e+NGKDAiJ
bc+D20RUdaCE1ebBpDshGAEtYRDVe4Qh82yapINVpoeqnAolwBfXW3CJAkibXzo1
caxV/DwAmSf1eUye8e9h2/FY6JviOKmIrCPnXI95bryo5+HMV5uRyxlkydDTcplZ
AERfXX2f4KRmuV0H3CD6WrrqR2/wQ0FFVt8R+ssWP1ATErcHZiV0dfLqbSNURexD
1blXYAhRbSH0o3h6dPbWSNIHJXe0x2eCD81NvC2hbLgWigN07sjfg88YkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNQiILFKJasaw3ijhznqFbc9rCucMB8GA1UdIwQY
MBaAFHl3tV40/9cgdfvdoDmmWzcd45ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhlMVhqVF8xeUIxLTkyZ09hWmJOeDNqbUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iZDBhNzYtMDRiMS00NDkwLWFkMDQt
OTdlZWM3Y2Y2MDkzLzEvMUNJZ3NVb2xxeHJEZUtPSE9lb1Z0ejJzSzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iZDBhNzYtMDRiMS00NDkwLWFkMDQtOTdlZWM3Y2Y2MDkz
LzEvZVhlMVhqVF8xeUIxLTkyZ09hWmJOeDNqbUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwi0tAwQA
wi1qAwQAwi2pMA0GCSqGSIb3DQEBCwUAA4IBAQBbOIm5jzgVpH4Ky+dMGL9wVXfg
xqkRKm91+NfZq//ZDcRFU5TUINFZWvmTQSrawM+ORmO9qyvcvpRGeOonVClbvRHi
k/jR5LliqWd3QamcBNh65jeM0/2bSsgMf8SiExv0igMoak1pFwoEe0ipaifEUeK1
4YDACV5Va5yQ1m2a8C5xwYBpUOtCCTTWBeqfb83dk12u5kuyQV8LR0d4c5XnkkMq
I8mHtfOGkrp+uTuNI6FdByJHrv8lVbzUR64A52cwrSlh+pJmiHwoKjtUacshOpD6
lEbuV7vZne/E7M3FSeEAvNOsM6sTN6hWq1kiFXDROrnEVYq2j7VNmYX0Qu+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:20 2024 by rpki-client on console-ams.rpki-client.org