Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/dhSZzyTj0oc25tOk-9qdW3_4DXE.roa
File: dhSZzyTj0oc25tOk-9qdW3_4DXE.roa (raw, json)
Hash identifier: JdZMbZ5UCZFxoecCW/JYPBTviQZAdtlmEMPAbfEPzCk=
Subject key identifier: 76:14:99:CF:24:E3:D2:87:36:E6:D3:A4:FB:DA:9D:5B:7F:F8:0D:71
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018CC7275C477037E335243E33B00BB6582D
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/dhSZzyTj0oc25tOk-9qdW3_4DXE.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396998
IP address blocks: 194.69.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 12:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5c:47:70:37:e3:35:24:3e:33:b0:0b:b6:58:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=761499cf24e3d28736e6d3a4fbda9d5b7ff80d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0c:a2:86:37:9c:f8:e0:74:78:80:e8:33:4c:
a4:20:05:c0:33:fb:ad:0c:1b:5d:4f:92:5d:86:d2:
ad:e5:c7:0d:28:d0:e5:71:38:b5:85:81:b2:24:a1:
ba:c0:cc:db:98:b2:be:26:ab:eb:a4:73:29:0e:bf:
8d:e6:2f:45:79:c8:aa:3e:a9:2c:23:53:de:11:2c:
4e:e6:a7:e6:17:7e:5e:c7:72:db:8d:ab:78:f4:9b:
43:64:6d:a8:82:f4:7f:01:e1:ca:2c:77:e4:a3:2c:
ed:7e:b0:78:8e:d3:40:d7:cf:fc:82:9d:27:cc:88:
d5:85:cf:96:35:34:fb:62:95:84:9c:19:70:eb:89:
d1:1f:be:91:5d:92:ca:7c:4a:cb:14:78:52:a6:2a:
38:70:30:b7:e2:4f:96:27:62:a3:5a:3f:d5:19:8d:
8a:9c:22:e1:10:3a:66:0c:7e:83:b8:e6:31:29:f9:
ca:3a:ab:b4:ee:00:8e:3a:5a:13:1f:f8:f9:45:09:
3e:0d:b0:56:17:be:88:33:1a:06:88:72:7e:c6:40:
88:80:71:e3:39:f4:28:ae:f4:aa:36:b4:14:d8:0d:
4c:8e:a3:b6:82:46:fa:d5:10:62:c1:ea:e7:6b:5a:
79:09:05:2f:c8:a6:16:fc:67:df:20:c2:1c:35:18:
83:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:14:99:CF:24:E3:D2:87:36:E6:D3:A4:FB:DA:9D:5B:7F:F8:0D:71
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/dhSZzyTj0oc25tOk-9qdW3_4DXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:11:80:5a:1f:40:f8:ac:6d:c5:92:63:21:58:53:09:51:50:
ff:c0:aa:f2:bf:97:a2:b9:e7:47:43:a0:ea:bc:c3:e3:4c:ff:
dc:3c:5a:b0:42:84:b8:ba:69:54:a1:a4:41:5b:7d:72:0c:34:
b2:ef:cb:78:50:bf:ad:0f:0a:29:42:fb:d1:79:71:1a:dd:95:
3a:2a:10:0d:0b:6e:27:a5:53:a6:74:30:34:fa:b4:c1:99:ba:
f5:d6:af:db:31:e6:b3:ac:7d:79:dd:75:69:05:5f:1b:a7:ab:
99:98:1a:c2:34:61:10:ac:96:66:04:e6:32:45:18:5f:53:bf:
ea:2b:95:c8:93:65:4b:4f:04:93:61:13:d3:36:85:62:52:45:
c0:10:c4:2b:82:11:55:aa:77:a3:45:ce:7b:91:15:16:9d:bf:
a2:19:91:97:28:49:17:75:4c:f1:ec:0c:af:a3:0a:f6:23:19:
86:cf:ce:2d:94:d1:4f:f6:79:34:78:b0:1f:ff:0e:d9:ab:4a:
0e:69:91:04:64:d6:fe:20:b9:d7:33:c8:15:6a:b6:48:09:6b:
a6:e2:05:8a:37:4f:6f:66:ae:01:c6:09:c4:07:25:85:de:cb:
b1:e5:82:84:a4:3f:7b:0d:2f:85:49:18:09:73:42:d6:4b:1b:
6c:fd:99:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1xHcDfjNSQ+M7ALtlgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE0OTljZjI0ZTNkMjg3MzZlNmQzYTRmYmRhOWQ1YjdmZjgwZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwyihjec+OB0eIDoM0ykIAXAM/ut
DBtdT5JdhtKt5ccNKNDlcTi1hYGyJKG6wMzbmLK+JqvrpHMpDr+N5i9FeciqPqks
I1PeESxO5qfmF35ex3Lbjat49JtDZG2ogvR/AeHKLHfkoyztfrB4jtNA18/8gp0n
zIjVhc+WNTT7YpWEnBlw64nRH76RXZLKfErLFHhSpio4cDC34k+WJ2KjWj/VGY2K
nCLhEDpmDH6DuOYxKfnKOqu07gCOOloTH/j5RQk+DbBWF76IMxoGiHJ+xkCIgHHj
OfQorvSqNrQU2A1MjqO2gkb61RBiwerna1p5CQUvyKYW/GffIMIcNRiDbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYUmc8k49KHNubTpPvanVt/+A1xMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZGhTWnp5VGowb2MyNXRPay05cWRXM180RFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkWgMA0G
CSqGSIb3DQEBCwUAA4IBAQCkEYBaH0D4rG3FkmMhWFMJUVD/wKryv5eiuedHQ6Dq
vMPjTP/cPFqwQoS4umlUoaRBW31yDDSy78t4UL+tDwopQvvReXEa3ZU6KhANC24n
pVOmdDA0+rTBmbr11q/bMeazrH153XVpBV8bp6uZmBrCNGEQrJZmBOYyRRhfU7/q
K5XIk2VLTwSTYRPTNoViUkXAEMQrghFVqnejRc57kRUWnb+iGZGXKEkXdUzx7Ayv
owr2IxmGz84tlNFP9nk0eLAf/w7Zq0oOaZEEZNb+ILnXM8gVarZICWum4gWKN09v
Zq4BxgnEByWF3sux5YKEpD97DS+FSRgJc0LWSxts/Zmv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:11 2025 by rpki-client