Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/4f4eff-af54-4db0-91cd-1369cef7a4ca/1/S1YdM1ndUF0VntoYfgR5OwPeijI.roa
File: S1YdM1ndUF0VntoYfgR5OwPeijI.roa (raw, json)
Hash identifier: BhRz0FHtvYW9xsvRiqKJ+yKa9UvoEy0/k0SssM/i7cE=
Subject key identifier: 4B:56:1D:33:59:DD:50:5D:15:9E:DA:18:7E:04:79:3B:03:DE:8A:32
Certificate issuer: /CN=bd68c1dad91a4101c7153c0f6d0156238ad746bb
Certificate serial: 0185728C8D71CF23975D0048AA3D426D5E4F
Authority key identifier: BD:68:C1:DA:D9:1A:41:01:C7:15:3C:0F:6D:01:56:23:8A:D7:46:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWjB2tkaQQHHFTwPbQFWI4rXRrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/4f4eff-af54-4db0-91cd-1369cef7a4ca/1/S1YdM1ndUF0VntoYfgR5OwPeijI.roa
Signing time: Mon 02 Jan 2023 12:54:51 +0000
ROA not before: Mon 02 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8937
IP address blocks: 192.109.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8d:71:cf:23:97:5d:00:48:aa:3d:42:6d:5e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd68c1dad91a4101c7153c0f6d0156238ad746bb
Validity
Not Before: Jan 2 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b561d3359dd505d159eda187e04793b03de8a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:94:47:eb:79:75:d3:6f:80:5a:21:30:72:2e:
ff:06:04:4c:78:5f:94:ce:e0:50:28:de:c6:06:50:
2e:5d:e0:51:51:42:11:6b:f8:01:60:c3:47:34:d5:
40:ad:96:3a:e8:e0:28:7e:6a:79:53:c8:19:27:a0:
13:2c:da:40:11:ea:8e:65:86:d8:ee:28:52:a8:da:
f9:3c:9a:e5:64:f2:b2:bb:df:7b:08:42:f6:a2:a6:
61:7a:83:cf:15:42:e5:83:ed:ca:72:c6:ee:da:28:
13:42:95:73:e1:05:37:63:f5:3e:a0:a8:a1:21:3a:
96:5f:b6:07:55:a3:90:70:0a:c4:68:d1:33:33:61:
a2:27:f2:ca:5a:86:86:75:dc:e1:93:47:97:33:45:
31:bb:12:64:49:82:20:7e:34:b3:24:51:eb:3f:15:
df:89:a7:58:7b:97:c9:62:f4:03:56:fe:f5:34:63:
d0:7f:f2:6d:81:b9:e0:8c:ab:fa:7c:aa:09:cd:a5:
44:86:1c:bd:ad:65:b6:e8:0a:83:d9:7a:d6:08:6f:
b2:6e:10:a5:fd:37:ff:3e:08:8c:d4:7d:a2:bd:22:
c2:e0:87:23:d3:96:85:eb:78:c1:8e:07:b2:07:89:
1e:f3:d5:f2:82:0e:16:56:e6:8f:57:8b:a5:9f:8a:
fb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:56:1D:33:59:DD:50:5D:15:9E:DA:18:7E:04:79:3B:03:DE:8A:32
X509v3 Authority Key Identifier:
keyid:BD:68:C1:DA:D9:1A:41:01:C7:15:3C:0F:6D:01:56:23:8A:D7:46:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWjB2tkaQQHHFTwPbQFWI4rXRrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/4f4eff-af54-4db0-91cd-1369cef7a4ca/1/S1YdM1ndUF0VntoYfgR5OwPeijI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/4f4eff-af54-4db0-91cd-1369cef7a4ca/1/vWjB2tkaQQHHFTwPbQFWI4rXRrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.199.0/24
Signature Algorithm: sha256WithRSAEncryption
11:a8:65:bc:7f:5d:11:d4:bb:a6:df:5b:1d:cc:40:8c:51:82:
f1:e6:4d:6c:1f:75:c0:1f:a7:c3:69:7c:5e:fe:dd:9a:46:56:
3c:09:a9:e0:89:cf:17:43:38:f7:33:8b:3b:c3:c7:d1:1c:a2:
f3:20:83:bc:2b:9b:b1:86:09:4e:ee:fd:b0:51:75:2d:32:cd:
47:40:a9:82:b4:fa:c6:62:6f:0b:38:ab:42:27:7b:69:29:65:
18:c7:28:1c:91:76:21:65:b5:ee:4a:15:50:8d:54:a6:0f:63:
74:56:2b:8b:11:05:41:c3:72:2e:e4:b8:05:bf:a8:29:06:b6:
54:42:f7:34:81:2e:a2:f5:d4:87:69:93:be:22:de:c4:b0:de:
31:f4:2d:44:68:d7:51:ec:87:54:80:dc:38:ec:38:b2:02:71:
bd:ed:ab:5a:52:a5:64:53:33:ce:51:70:be:48:20:7c:83:d6:
65:76:05:0b:60:a8:b1:04:f0:87:96:f3:28:e2:6d:0c:14:80:
55:0c:45:62:2c:2a:b6:06:cd:87:6d:3b:e3:f1:db:2f:86:1f:
67:4b:21:f3:a3:fe:96:29:2f:1d:67:f0:9f:46:c1:5a:60:50:
d5:16:ae:62:a0:81:9c:e8:b3:65:53:78:54:fb:09:b6:21:35:
f5:f8:91:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjI1xzyOXXQBIqj1CbV5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjhjMWRhZDkxYTQxMDFjNzE1M2MwZjZkMDE1NjIzOGFk
NzQ2YmIwHhcNMjMwMTAyMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU2MWQzMzU5ZGQ1MDVkMTU5ZWRhMTg3ZTA0NzkzYjAzZGU4YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZRH63l102+AWiEwci7/BgRMeF+U
zuBQKN7GBlAuXeBRUUIRa/gBYMNHNNVArZY66OAofmp5U8gZJ6ATLNpAEeqOZYbY
7ihSqNr5PJrlZPKyu997CEL2oqZheoPPFULlg+3Kcsbu2igTQpVz4QU3Y/U+oKih
ITqWX7YHVaOQcArEaNEzM2GiJ/LKWoaGddzhk0eXM0UxuxJkSYIgfjSzJFHrPxXf
iadYe5fJYvQDVv71NGPQf/JtgbngjKv6fKoJzaVEhhy9rWW26AqD2XrWCG+ybhCl
/Tf/PgiM1H2ivSLC4Icj05aF63jBjgeyB4ke89Xygg4WVuaPV4uln4r7PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtWHTNZ3VBdFZ7aGH4EeTsD3ooyMB8GA1UdIwQY
MBaAFL1owdrZGkEBxxU8D20BViOK10a7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldqQjJ0a2FRUUhIRlR3UGJRRldJNHJYUnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80ZjRlZmYtYWY1NC00ZGIwLTkxY2Qt
MTM2OWNlZjdhNGNhLzEvUzFZZE0xbmRVRjBWbnRvWWZnUjVPd1BlaWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80ZjRlZmYtYWY1NC00ZGIwLTkxY2QtMTM2OWNlZjdhNGNh
LzEvdldqQjJ0a2FRUUhIRlR3UGJRRldJNHJYUnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3HMA0G
CSqGSIb3DQEBCwUAA4IBAQARqGW8f10R1Lum31sdzECMUYLx5k1sH3XAH6fDaXxe
/t2aRlY8Cangic8XQzj3M4s7w8fRHKLzIIO8K5uxhglO7v2wUXUtMs1HQKmCtPrG
Ym8LOKtCJ3tpKWUYxygckXYhZbXuShVQjVSmD2N0ViuLEQVBw3Iu5LgFv6gpBrZU
Qvc0gS6i9dSHaZO+It7EsN4x9C1EaNdR7IdUgNw47DiyAnG97ataUqVkUzPOUXC+
SCB8g9ZldgULYKixBPCHlvMo4m0MFIBVDEViLCq2Bs2HbTvj8dsvhh9nSyHzo/6W
KS8dZ/CfRsFaYFDVFq5ioIGc6LNlU3hU+wm2ITX1+JGP
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:27 2024 by rpki-client on console-fra.rpki-client.org