Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/irSfz-Kq_mMG3wTy2e4uh3dOEZQ.roa
File: irSfz-Kq_mMG3wTy2e4uh3dOEZQ.roa (raw, json)
Hash identifier: UDPq0sDM+kcRjfVo8qi/RLoYcKsJvAG0w2yUTRcMUU4=
Subject key identifier: 8A:B4:9F:CF:E2:AA:FE:63:06:DF:04:F2:D9:EE:2E:87:77:4E:11:94
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 01856CCAE674AA97C33125D32D75C675E5E3
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/irSfz-Kq_mMG3wTy2e4uh3dOEZQ.roa
Signing time: Sun 01 Jan 2023 10:05:14 +0000
ROA not before: Sun 01 Jan 2023 10:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 146961
IP address blocks: 194.53.201.0/24 maxlen: 24
194.53.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e6:74:aa:97:c3:31:25:d3:2d:75:c6:75:e5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 1 10:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ab49fcfe2aafe6306df04f2d9ee2e87774e1194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:ac:f0:1b:a1:83:da:9c:09:a2:7b:36:f7:
c4:41:f0:72:d8:51:df:b7:80:5b:d2:75:37:cc:b0:
78:82:42:b8:c2:eb:0c:2d:ea:9f:1e:16:ed:6e:9e:
4c:12:59:83:ec:14:73:0b:7f:84:bc:b0:c6:80:56:
f4:02:b4:e2:b4:b7:75:14:cc:1b:24:7c:42:ec:90:
c6:1d:57:ad:5d:55:d1:71:ee:f4:f3:19:0a:f1:43:
1e:3c:bd:2c:6b:4e:fe:a8:65:cf:81:b1:c6:5f:d2:
b5:ca:b7:66:96:47:99:16:34:9b:fb:7e:54:26:2c:
4a:dd:3d:b4:46:53:8b:1c:0a:70:1b:f0:ff:ce:70:
94:a3:85:49:b9:09:21:c3:a5:0a:fe:19:a6:33:5d:
0f:fc:c6:4b:d1:bb:26:a3:f6:c3:7b:2c:fc:04:92:
69:9b:5c:e7:d6:83:24:a9:b4:6b:bd:cf:4e:11:f1:
ab:b7:a6:bd:f7:02:85:11:2e:bc:14:10:92:6a:97:
5a:73:64:e3:13:85:ca:20:26:70:2e:2a:44:19:4d:
0d:ff:91:4b:15:1d:c5:f4:9e:97:6a:25:c7:9c:29:
8d:85:2c:4c:80:58:19:40:3e:0c:72:81:9b:4a:42:
cb:98:7c:45:5c:a6:6c:09:25:87:02:e1:76:86:33:
c1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B4:9F:CF:E2:AA:FE:63:06:DF:04:F2:D9:EE:2E:87:77:4E:11:94
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/irSfz-Kq_mMG3wTy2e4uh3dOEZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.201.0-194.53.202.255
Signature Algorithm: sha256WithRSAEncryption
22:29:29:48:ae:bf:cd:91:00:26:06:ac:34:15:65:28:0c:53:
ce:59:9c:0f:d3:93:98:1a:d0:61:fe:af:52:95:f7:b8:46:2d:
f4:60:1d:6b:a6:1d:44:13:53:b6:7c:bc:55:ce:48:4b:e9:67:
c8:99:ba:5c:8e:a5:f7:ac:4a:05:0f:52:8c:47:d5:1d:17:7d:
a5:61:58:1e:af:ad:4d:c0:ff:d0:6b:91:3c:70:4b:2b:77:14:
57:a4:02:5b:32:18:32:14:cc:30:18:7e:89:f6:66:16:5a:31:
16:54:d4:00:35:69:e7:7a:28:36:8e:f5:08:dd:91:15:b5:0a:
7e:2f:25:fc:6a:e1:c7:5a:64:5f:7b:68:57:0b:6c:7f:2b:fa:
c3:3c:31:ce:f8:6b:7b:3f:cb:1b:f7:f4:28:82:4e:ee:a3:aa:
96:fb:3e:4b:15:22:c9:7a:bc:5e:95:90:65:b6:cc:8a:1c:d3:
28:24:da:66:29:a9:90:7e:b8:84:e8:d6:1a:93:d7:b8:c4:f8:
a0:ef:8e:2d:5f:00:95:dc:79:0b:ec:b6:10:a4:a0:13:2a:79:
4e:8e:07:fa:26:34:4c:cb:2c:46:3e:d0:18:34:3a:4b:29:02:
f0:a1:7c:6d:e8:ae:d0:12:fa:5b:fb:f4:0c:3f:c6:73:95:87:
56:d0:6d:8e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsyuZ0qpfDMSXTLXXGdeXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjMwMTAxMTAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI0OWZjZmUyYWFmZTYzMDZkZjA0ZjJkOWVlMmU4Nzc3NGUxMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBKs8Buhg9qcCaJ7NvfEQfBy2FHf
t4Bb0nU3zLB4gkK4wusMLeqfHhbtbp5MElmD7BRzC3+EvLDGgFb0ArTitLd1FMwb
JHxC7JDGHVetXVXRce708xkK8UMePL0sa07+qGXPgbHGX9K1yrdmlkeZFjSb+35U
JixK3T20RlOLHApwG/D/znCUo4VJuQkhw6UK/hmmM10P/MZL0bsmo/bDeyz8BJJp
m1zn1oMkqbRrvc9OEfGrt6a99wKFES68FBCSapdac2TjE4XKICZwLipEGU0N/5FL
FR3F9J6XaiXHnCmNhSxMgFgZQD4McoGbSkLLmHxFXKZsCSWHAuF2hjPBDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIq0n8/iqv5jBt8E8tnuLod3ThGUMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvaXJTZnotS3FfbU1HM3dUeTJlNHVoM2RPRVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCNckD
BADCNcowDQYJKoZIhvcNAQELBQADggEBACIpKUiuv82RACYGrDQVZSgMU85ZnA/T
k5ga0GH+r1KV97hGLfRgHWumHUQTU7Z8vFXOSEvpZ8iZulyOpfesSgUPUoxH1R0X
faVhWB6vrU3A/9BrkTxwSyt3FFekAlsyGDIUzDAYfon2ZhZaMRZU1AA1aed6KDaO
9QjdkRW1Cn4vJfxq4cdaZF97aFcLbH8r+sM8Mc74a3s/yxv39CiCTu6jqpb7PksV
Isl6vF6VkGW2zIoc0ygk2mYpqZB+uITo1hqT17jE+KDvji1fAJXceQvsthCkoBMq
eU6OB/omNEzLLEY+0Bg0OkspAvChfG3ortAS+lv79Aw/xnOVh1bQbY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org