Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e64625-cb8b-49cb-8569-266ac104f7b4/1/oF8Oo0HCyqgso79MJidJrJiWal0.roa
File: oF8Oo0HCyqgso79MJidJrJiWal0.roa (raw, json)
Hash identifier: dLXrM4BHKewQOmK56qwsV1pm0e8zzsvH7IEJPmaQtVw=
Subject key identifier: A0:5F:0E:A3:41:C2:CA:A8:2C:A3:BF:4C:26:27:49:AC:98:96:6A:5D
Certificate issuer: /CN=954b071a03db5d233d05ab0394548007767f83e7
Certificate serial: 018CC26D67A8BDB21D915EBC3D3F995FA11F
Authority key identifier: 95:4B:07:1A:03:DB:5D:23:3D:05:AB:03:94:54:80:07:76:7F:83:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUsHGgPbXSM9BasDlFSAB3Z_g-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e64625-cb8b-49cb-8569-266ac104f7b4/1/oF8Oo0HCyqgso79MJidJrJiWal0.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47204
IP address blocks: 194.88.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:67:a8:bd:b2:1d:91:5e:bc:3d:3f:99:5f:a1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954b071a03db5d233d05ab0394548007767f83e7
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a05f0ea341c2caa82ca3bf4c262749ac98966a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7c:1d:bc:93:34:60:f8:f4:6a:2f:6e:0a:66:
7d:df:e6:95:88:4c:3d:c1:05:d3:aa:73:21:cc:15:
8a:b1:77:91:b6:76:e8:af:f0:7f:d0:26:6b:61:c1:
7f:9c:75:d4:8a:80:7c:06:20:b8:e7:0f:b0:a4:55:
c2:1a:67:a0:24:55:00:4d:38:01:07:16:f3:e2:dc:
c8:27:e3:0d:b4:d2:7c:4f:bb:65:f5:30:1b:54:a1:
0d:c6:8a:ba:05:68:3f:6d:ce:cc:81:35:81:b3:9d:
9a:69:00:91:36:b3:9d:26:08:18:16:89:a9:39:0a:
ee:af:a9:8c:56:03:7b:16:b1:f6:35:b3:6b:d3:dd:
54:e2:4d:ac:45:3f:46:e4:4d:ac:e0:41:28:1d:3a:
db:c2:1e:b5:e7:51:99:b8:21:ed:39:76:51:7f:44:
90:23:ee:2f:a4:03:ad:70:63:31:d8:ad:b1:3b:74:
5f:25:72:e5:75:c2:a3:ce:70:5b:b0:44:b1:35:b0:
ef:80:07:b8:ab:1b:79:1c:48:32:42:e6:98:56:f2:
4c:41:34:63:cc:5f:a9:32:03:ff:4c:f1:9e:16:4a:
ff:7e:f8:37:73:e4:ce:29:9b:af:73:61:07:2e:27:
e4:aa:88:a0:bf:67:a1:f6:a0:81:a8:4e:94:af:3b:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5F:0E:A3:41:C2:CA:A8:2C:A3:BF:4C:26:27:49:AC:98:96:6A:5D
X509v3 Authority Key Identifier:
keyid:95:4B:07:1A:03:DB:5D:23:3D:05:AB:03:94:54:80:07:76:7F:83:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUsHGgPbXSM9BasDlFSAB3Z_g-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e64625-cb8b-49cb-8569-266ac104f7b4/1/oF8Oo0HCyqgso79MJidJrJiWal0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e64625-cb8b-49cb-8569-266ac104f7b4/1/lUsHGgPbXSM9BasDlFSAB3Z_g-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.199.0/24
Signature Algorithm: sha256WithRSAEncryption
28:e1:50:5e:66:cf:32:b4:f5:f5:b8:81:93:b1:39:b9:da:e7:
ff:a6:cf:8a:cf:8e:a4:36:ca:6c:f5:d7:7b:75:6d:74:ad:b3:
dc:c8:fb:61:a0:fa:f5:e3:0b:d7:a4:6d:d3:a2:57:6f:a3:02:
0b:80:d2:d3:56:72:a2:46:98:84:d9:40:66:a2:61:0e:3f:f7:
2c:3a:e8:f6:da:43:8f:fc:cd:53:bf:1d:05:96:0e:04:eb:5f:
98:02:01:79:56:99:78:4e:db:6c:c2:4a:68:3c:4d:e5:26:94:
e8:03:79:e0:33:40:48:9b:c3:13:4d:6f:02:69:74:77:2b:a7:
62:c4:0f:5f:16:bc:11:e5:78:79:89:76:d4:94:dd:07:fc:ce:
d0:d8:c6:12:5e:d7:0f:0d:e5:e3:fb:2c:01:df:d3:e4:60:04:
ac:9e:ff:50:06:1d:2a:3d:d3:87:c9:58:ca:38:f5:07:0b:28:
6c:8b:9e:a7:ae:f6:c4:46:dd:15:01:86:59:35:cb:5c:f5:6c:
0c:41:bb:eb:e9:75:f4:80:a7:2e:d7:ac:01:f7:cb:08:e9:eb:
98:fc:3d:1b:f1:74:12:10:14:e5:07:af:0d:b3:25:06:8a:3f:
87:0c:71:f2:35:48:01:59:c7:7e:91:9f:64:86:1f:34:e4:b5:
85:c5:3c:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbWeovbIdkV68PT+ZX6EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGIwNzFhMDNkYjVkMjMzZDA1YWIwMzk0NTQ4MDA3NzY3
ZjgzZTcwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDVmMGVhMzQxYzJjYWE4MmNhM2JmNGMyNjI3NDlhYzk4OTY2YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3wdvJM0YPj0ai9uCmZ93+aViEw9
wQXTqnMhzBWKsXeRtnbor/B/0CZrYcF/nHXUioB8BiC45w+wpFXCGmegJFUATTgB
Bxbz4tzIJ+MNtNJ8T7tl9TAbVKENxoq6BWg/bc7MgTWBs52aaQCRNrOdJggYFomp
OQrur6mMVgN7FrH2NbNr091U4k2sRT9G5E2s4EEoHTrbwh6151GZuCHtOXZRf0SQ
I+4vpAOtcGMx2K2xO3RfJXLldcKjznBbsESxNbDvgAe4qxt5HEgyQuaYVvJMQTRj
zF+pMgP/TPGeFkr/fvg3c+TOKZuvc2EHLifkqoigv2eh9qCBqE6UrztmUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBfDqNBwsqoLKO/TCYnSayYlmpdMB8GA1UdIwQY
MBaAFJVLBxoD210jPQWrA5RUgAd2f4PnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVzSEdnUGJYU005QmFzRGxGU0FCM1pfZy1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNjQ2MjUtY2I4Yi00OWNiLTg1Njkt
MjY2YWMxMDRmN2I0LzEvb0Y4T28wSEN5cWdzbzc5TUppZEpySmlXYWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lNjQ2MjUtY2I4Yi00OWNiLTg1NjktMjY2YWMxMDRmN2I0
LzEvbFVzSEdnUGJYU005QmFzRGxGU0FCM1pfZy1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwljHMA0G
CSqGSIb3DQEBCwUAA4IBAQAo4VBeZs8ytPX1uIGTsTm52uf/ps+Kz46kNsps9dd7
dW10rbPcyPthoPr14wvXpG3ToldvowILgNLTVnKiRpiE2UBmomEOP/csOuj22kOP
/M1Tvx0Flg4E61+YAgF5Vpl4TttswkpoPE3lJpToA3ngM0BIm8MTTW8CaXR3K6di
xA9fFrwR5Xh5iXbUlN0H/M7Q2MYSXtcPDeXj+ywB39PkYASsnv9QBh0qPdOHyVjK
OPUHCyhsi56nrvbERt0VAYZZNctc9WwMQbvr6XX0gKcu16wB98sI6euY/D0b8XQS
EBTlB68NsyUGij+HDHHyNUgBWcd+kZ9khh805LWFxTzs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:20 2025 by rpki-client