Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c5c6a7-710c-490e-89da-119820b522ad/1/1-7G08pI_hqVrmntorkk98lSNuxw.roa
File: 1-7G08pI_hqVrmntorkk98lSNuxw.roa (raw, json)
Hash identifier: Jak2gLTuhorWpzIsEeg4N8nth1AuY11Q2J1PfyuiAQE=
Subject key identifier: FB:B1:B4:F2:92:3F:86:A5:6B:9A:7B:68:AE:49:3D:F2:54:8D:BB:1C
Certificate issuer: /CN=2dc955f4c2c7157abbdbfe809cf195605949a698
Certificate serial: 0192761182609FD67780032AA4D0C4E2D5D1
Authority key identifier: 2D:C9:55:F4:C2:C7:15:7A:BB:DB:FE:80:9C:F1:95:60:59:49:A6:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LclV9MLHFXq72_6AnPGVYFlJppg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/c5c6a7-710c-490e-89da-119820b522ad/1/1-7G08pI_hqVrmntorkk98lSNuxw.roa
Signing time: Thu 10 Oct 2024 10:55:11 +0000
ROA not before: Thu 10 Oct 2024 10:55:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8652
IP address blocks: 194.164.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:11:82:60:9f:d6:77:80:03:2a:a4:d0:c4:e2:d5:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc955f4c2c7157abbdbfe809cf195605949a698
Validity
Not Before: Oct 10 10:55:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbb1b4f2923f86a56b9a7b68ae493df2548dbb1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:e1:f4:de:86:cb:e9:f3:48:d7:e8:f4:ae:
ae:7c:aa:43:17:d8:0d:20:16:ea:0f:c2:0b:48:7b:
b1:32:33:23:08:80:c7:57:5b:90:08:84:31:06:d6:
2a:29:a7:6f:6b:b0:84:a7:12:73:2a:d5:5b:e0:33:
7f:9c:ed:31:45:78:cf:4b:d8:50:94:4b:f0:7b:a8:
c7:6e:4b:45:01:96:0f:8d:4c:a9:56:89:e4:57:ca:
85:67:d2:dd:5a:20:25:48:8f:35:3d:fe:72:47:d8:
e9:cb:00:3e:d9:f9:de:6b:0b:13:ce:76:04:1b:c3:
3a:be:b4:ac:a0:54:62:48:7b:d9:66:bd:5e:6a:6a:
7a:9d:4e:fd:11:6e:08:bb:f2:a1:51:48:72:a9:c0:
c3:c8:bc:57:fc:d6:b6:5a:e0:35:e4:01:95:28:49:
bc:96:8c:86:7a:38:20:11:e4:86:d1:00:dd:23:31:
39:73:52:be:e3:14:94:8e:26:0a:45:1a:3f:e5:01:
c0:7b:6d:b9:3e:5f:5e:6d:81:b7:6c:5c:cc:02:5c:
fb:0b:fc:6f:db:8c:8d:71:e5:7f:32:b8:fc:b8:50:
bf:41:9b:56:f7:75:5d:52:cf:99:f9:fc:5a:46:31:
66:3d:f8:1f:03:e9:ec:b4:76:79:f8:09:ad:91:25:
15:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:B4:F2:92:3F:86:A5:6B:9A:7B:68:AE:49:3D:F2:54:8D:BB:1C
X509v3 Authority Key Identifier:
keyid:2D:C9:55:F4:C2:C7:15:7A:BB:DB:FE:80:9C:F1:95:60:59:49:A6:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LclV9MLHFXq72_6AnPGVYFlJppg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c5c6a7-710c-490e-89da-119820b522ad/1/1-7G08pI_hqVrmntorkk98lSNuxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c5c6a7-710c-490e-89da-119820b522ad/1/LclV9MLHFXq72_6AnPGVYFlJppg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.146.0/23
Signature Algorithm: sha256WithRSAEncryption
64:ba:53:98:72:5a:8e:2a:4b:29:ad:ee:f2:32:fe:67:37:16:
49:a4:9e:1a:fb:a9:0e:13:b2:20:c2:45:6f:22:ff:74:84:8e:
ec:26:9b:8b:85:30:84:39:76:ab:5a:15:bf:38:9e:ff:f3:46:
f4:b5:55:a2:6a:49:7e:72:66:d6:30:a6:b9:e2:4a:cf:93:5b:
06:81:ba:6a:22:31:66:55:9b:4b:3c:a3:04:11:51:2c:43:ea:
d4:5c:86:11:96:c3:74:65:3d:3c:59:d0:74:84:a1:4f:64:98:
bb:a9:07:8c:d0:40:0c:a3:cf:82:cb:09:15:e8:a2:ae:56:ca:
8a:44:9c:d0:3c:0d:ec:04:7e:05:94:11:cb:d1:5d:10:02:9c:
aa:f3:dd:5a:21:d9:a3:96:a2:c5:d2:20:8e:cb:7f:e5:05:c3:
86:26:dd:e5:6f:4c:f0:ee:1e:f5:05:d7:2a:73:3f:c1:e7:bf:
2c:dd:18:3b:07:65:4c:62:c9:56:f9:14:d8:ca:f2:09:6a:2d:
27:cc:6b:41:4f:24:b2:67:60:87:a9:c7:7a:c9:8d:d3:75:09:
b7:e5:32:3a:c4:e9:19:46:dd:68:02:67:3a:d1:4b:08:aa:68:
c0:df:91:b7:33:ef:52:88:25:e4:d2:c7:8b:88:1e:55:f8:82:
7c:87:8d:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ2EYJgn9Z3gAMqpNDE4tXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzk1NWY0YzJjNzE1N2FiYmRiZmU4MDljZjE5NTYwNTk0
OWE2OTgwHhcNMjQxMDEwMTA1NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIxYjRmMjkyM2Y4NmE1NmI5YTdiNjhhZTQ5M2RmMjU0OGRiYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKLh9N6Gy+nzSNfo9K6ufKpDF9gN
IBbqD8ILSHuxMjMjCIDHV1uQCIQxBtYqKadva7CEpxJzKtVb4DN/nO0xRXjPS9hQ
lEvwe6jHbktFAZYPjUypVonkV8qFZ9LdWiAlSI81Pf5yR9jpywA+2fneawsTznYE
G8M6vrSsoFRiSHvZZr1eamp6nU79EW4Iu/KhUUhyqcDDyLxX/Na2WuA15AGVKEm8
loyGejggEeSG0QDdIzE5c1K+4xSUjiYKRRo/5QHAe225Pl9ebYG3bFzMAlz7C/xv
24yNceV/Mrj8uFC/QZtW93VdUs+Z+fxaRjFmPfgfA+nstHZ5+AmtkSUVHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuxtPKSP4ala5p7aK5JPfJUjbscMB8GA1UdIwQY
MBaAFC3JVfTCxxV6u9v+gJzxlWBZSaaYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNsVjlNTEhGWHE3Ml82QW5QR1ZZRmxKcHBnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jNWM2YTctNzEwYy00OTBlLTg5ZGEt
MTE5ODIwYjUyMmFkLzEvMS03RzA4cElfaHFWcm1udG9ya2s5OGxTTnV4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvYzVjNmE3LTcxMGMtNDkwZS04OWRhLTExOTgyMGI1MjJh
ZC8xL0xjbFY5TUxIRlhxNzJfNkFuUEdWWUZsSnBwZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKkkjAN
BgkqhkiG9w0BAQsFAAOCAQEAZLpTmHJajipLKa3u8jL+ZzcWSaSeGvupDhOyIMJF
byL/dISO7Cabi4UwhDl2q1oVvzie//NG9LVVompJfnJm1jCmueJKz5NbBoG6aiIx
ZlWbSzyjBBFRLEPq1FyGEZbDdGU9PFnQdIShT2SYu6kHjNBADKPPgssJFeiirlbK
ikSc0DwN7AR+BZQRy9FdEAKcqvPdWiHZo5aixdIgjst/5QXDhibd5W9M8O4e9QXX
KnM/wee/LN0YOwdlTGLJVvkU2MryCWotJ8xrQU8ksmdgh6nHesmN03UJt+UyOsTp
GUbdaAJnOtFLCKpowN+RtzPvUogl5NLHi4geVfiCfIeNCw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:54 2025 by rpki-client