Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/n3NXQgePjUwp2pIjedVnY1rR_w8.roa
File: n3NXQgePjUwp2pIjedVnY1rR_w8.roa (raw, json)
Hash identifier: MdAHgKfs/BiDBwREPWdvHXKQ8M6Lf5a4aktz6a3e8nA=
Subject key identifier: 9F:73:57:42:07:8F:8D:4C:29:DA:92:23:79:D5:67:63:5A:D1:FF:0F
Certificate issuer: /CN=43a438813750133e55001bf89670a0db3ae5be1f
Certificate serial: 01856C65DA62983456D3D29366626132B51A
Authority key identifier: 43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/n3NXQgePjUwp2pIjedVnY1rR_w8.roa
Signing time: Sun 01 Jan 2023 08:14:52 +0000
ROA not before: Sun 01 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39923
IP address blocks: 194.50.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:da:62:98:34:56:d3:d2:93:66:62:61:32:b5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43a438813750133e55001bf89670a0db3ae5be1f
Validity
Not Before: Jan 1 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f735742078f8d4c29da922379d567635ad1ff0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:ff:ab:a7:95:d1:1f:fa:7a:23:33:db:72:
ff:63:54:bb:f5:5d:1b:a6:3b:19:93:75:4d:fd:39:
28:98:44:23:6c:78:9d:bf:ae:2b:04:31:3b:8b:53:
f1:75:f2:64:6c:be:f8:57:1a:6e:21:83:ee:0d:bd:
2f:6e:c4:71:75:0e:17:1b:a9:ed:ad:6f:f2:c6:17:
cf:02:6f:b3:1c:08:ec:5e:22:7d:48:3d:46:a1:69:
2b:a0:90:1a:c7:7f:f8:c6:20:bd:59:51:d2:fe:48:
8b:98:77:91:e9:9c:d0:6b:8e:76:45:6d:5e:0d:96:
04:86:d0:a6:f9:01:ce:bc:1e:a9:bf:fa:30:c2:40:
d0:8d:26:f9:bc:83:a4:2c:6a:ab:e3:b2:23:c7:98:
c1:b2:8f:19:c5:d0:d1:cc:70:3d:97:c9:b6:c4:33:
79:ae:ac:f3:17:0e:5c:97:09:83:fd:e6:ab:f5:0d:
cf:73:e1:de:3f:cd:98:ad:7c:52:ff:ec:5c:0f:a2:
27:e9:3f:98:77:dc:63:c2:ab:cc:65:03:a9:09:e1:
18:32:18:db:76:d3:78:fe:41:af:63:4f:44:42:a8:
f6:15:f6:bc:ad:7f:00:8a:11:86:b0:47:e8:3a:08:
45:97:ec:66:9b:f7:65:54:9b:ef:0a:e1:5e:24:d8:
1a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:73:57:42:07:8F:8D:4C:29:DA:92:23:79:D5:67:63:5A:D1:FF:0F
X509v3 Authority Key Identifier:
keyid:43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/n3NXQgePjUwp2pIjedVnY1rR_w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.177.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:db:93:b9:ea:8f:11:6b:b0:01:1f:20:f3:0f:5b:20:f3:3d:
eb:cf:28:99:0f:95:98:84:e3:ab:4f:a7:75:0c:68:d9:78:39:
d5:61:6b:c9:de:e6:0e:82:f3:c8:e3:d2:7c:b1:d3:0a:ee:03:
bc:33:c3:d6:09:a4:a8:08:f0:4e:f5:f7:90:79:d8:f8:e0:6c:
8c:f8:47:de:68:3d:d6:31:24:2b:5d:14:fe:49:c8:4e:df:24:
15:01:ef:0d:de:37:1c:ec:40:de:cb:ca:48:d1:0e:c5:36:74:
4e:cb:d3:32:37:59:3f:05:6f:d1:2e:76:cb:c3:b5:92:9b:03:
2c:f2:35:4a:ec:ee:bd:8c:bd:55:ba:7e:ef:60:d7:70:76:49:
99:1e:d9:5c:a2:34:ee:97:37:e0:cb:33:b7:f7:ee:c7:0b:ba:
b6:3f:85:31:c1:cf:b0:9b:18:7d:c1:b4:41:37:ce:33:f4:24:
b4:74:75:9b:31:7e:a5:66:b7:b4:55:94:bf:37:54:13:76:78:
9d:26:00:47:59:81:9e:a8:b6:b3:d3:08:d7:cd:2f:05:91:bb:
6f:74:2a:13:49:68:d0:27:5c:6e:a7:1c:9d:27:87:4c:ba:b4:
4e:d8:92:59:09:b3:60:3b:2a:3f:20:df:72:15:f0:1f:22:7e:
f5:5f:3f:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZdpimDRW09KTZmJhMrUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYTQzODgxMzc1MDEzM2U1NTAwMWJmODk2NzBhMGRiM2Fl
NWJlMWYwHhcNMjMwMTAxMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjczNTc0MjA3OGY4ZDRjMjlkYTkyMjM3OWQ1Njc2MzVhZDFmZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3P/q6eV0R/6eiMz23L/Y1S79V0b
pjsZk3VN/TkomEQjbHidv64rBDE7i1PxdfJkbL74VxpuIYPuDb0vbsRxdQ4XG6nt
rW/yxhfPAm+zHAjsXiJ9SD1GoWkroJAax3/4xiC9WVHS/kiLmHeR6ZzQa452RW1e
DZYEhtCm+QHOvB6pv/owwkDQjSb5vIOkLGqr47Ijx5jBso8ZxdDRzHA9l8m2xDN5
rqzzFw5clwmD/ear9Q3Pc+HeP82YrXxS/+xcD6In6T+Yd9xjwqvMZQOpCeEYMhjb
dtN4/kGvY09EQqj2Ffa8rX8AihGGsEfoOghFl+xmm/dlVJvvCuFeJNgauwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9zV0IHj41MKdqSI3nVZ2Na0f8PMB8GA1UdIwQY
MBaAFEOkOIE3UBM+VQAb+JZwoNs65b4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMt
YTBkNmYwZWViNWMyLzEvbjNOWFFnZVBqVXdwMnBJamVkVm5ZMXJSX3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMtYTBkNmYwZWViNWMy
LzEvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKxMA0G
CSqGSIb3DQEBCwUAA4IBAQB/25O56o8Ra7ABHyDzD1sg8z3rzyiZD5WYhOOrT6d1
DGjZeDnVYWvJ3uYOgvPI49J8sdMK7gO8M8PWCaSoCPBO9feQedj44GyM+EfeaD3W
MSQrXRT+SchO3yQVAe8N3jcc7EDey8pI0Q7FNnROy9MyN1k/BW/RLnbLw7WSmwMs
8jVK7O69jL1Vun7vYNdwdkmZHtlcojTulzfgyzO39+7HC7q2P4Uxwc+wmxh9wbRB
N84z9CS0dHWbMX6lZre0VZS/N1QTdnidJgBHWYGeqLaz0wjXzS8FkbtvdCoTSWjQ
J1xupxydJ4dMurRO2JJZCbNgOyo/IN9yFfAfIn71Xz8C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:09 2024 by rpki-client on console-fra.rpki-client.org