Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qve0wsb224VORSuL2FQBi0aNJkQ.roa
File: Qve0wsb224VORSuL2FQBi0aNJkQ.roa (raw, json)
Hash identifier: obyvLSWnhZJnnDbJJY3BhEFqrEcY3yJUt0LYWvzX2w0=
Subject key identifier: 42:F7:B4:C2:C6:F6:DB:85:4E:45:2B:8B:D8:54:01:8B:46:8D:26:44
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0186CAD048E6C985D55AD3C5A70CF361A61F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qve0wsb224VORSuL2FQBi0aNJkQ.roa
Signing time: Fri 10 Mar 2023 09:18:13 +0000
ROA not before: Fri 10 Mar 2023 09:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.50.201.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:d0:48:e6:c9:85:d5:5a:d3:c5:a7:0c:f3:61:a6:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 10 09:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42f7b4c2c6f6db854e452b8bd854018b468d2644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:42:34:51:7b:6d:03:49:26:47:32:43:14:
30:2a:c5:b1:8b:f4:41:08:09:3e:a1:99:f0:d2:77:
92:2a:fc:47:6e:b8:cc:ea:3a:af:e4:ab:f5:ca:f4:
05:42:5e:bd:e2:4b:5f:0f:f0:8a:ff:dd:a1:67:ef:
a2:7b:69:c0:bb:11:90:37:b8:55:a2:86:9a:51:7f:
2d:72:61:86:d0:6a:c8:24:24:b5:6c:b8:5c:03:94:
92:e9:41:d9:ff:b3:89:dc:e7:25:11:0e:e3:81:b6:
89:a8:d7:c1:7b:91:4c:72:fd:a5:92:b8:1d:f0:3b:
6e:54:ee:9a:4b:7d:47:be:28:d2:fd:c0:df:d4:c1:
21:62:4f:87:f2:d1:64:e0:01:52:ec:a4:fd:21:a0:
80:cc:53:eb:63:69:4b:c7:2a:43:fb:33:5e:19:dd:
c1:82:1c:d6:fa:86:87:1b:13:d4:ae:49:bb:6f:d9:
5c:22:01:89:e5:0e:d1:67:da:ef:6f:ef:2c:34:a3:
9f:c2:dd:fb:9e:5b:55:ee:30:e1:9d:cc:f4:47:42:
35:30:6c:2d:94:f7:f6:14:b9:d8:bd:7c:da:25:11:
77:a1:2d:6b:68:90:8c:7a:90:7a:a4:5c:a2:26:71:
94:76:68:17:b6:e1:03:04:8e:de:18:21:31:2a:a8:
bb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F7:B4:C2:C6:F6:DB:85:4E:45:2B:8B:D8:54:01:8B:46:8D:26:44
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qve0wsb224VORSuL2FQBi0aNJkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.200.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:e4:ef:9c:3e:d3:c7:87:a6:ce:97:7b:dd:28:2f:30:1e:da:
0b:3c:0a:a5:03:7c:9c:36:19:97:be:e4:25:7e:20:db:bc:75:
d0:9c:10:70:a6:00:25:2f:76:48:47:8d:f8:07:da:e6:b5:2a:
fb:c9:3c:d5:86:54:a6:1a:3d:d1:b2:48:25:b9:53:1d:96:ae:
7e:7d:60:dd:10:46:4f:36:c2:38:61:2c:4b:83:d9:15:5d:b7:
4e:e6:a9:2c:49:71:46:2d:d8:25:8a:7a:2e:25:99:cd:7a:81:
a5:67:ef:d5:d4:ed:2d:91:0a:16:08:3c:09:c2:71:91:d6:d0:
0a:de:e3:f0:7c:ba:14:ba:88:59:d6:3a:c7:2d:2c:6c:1d:c7:
e3:bc:90:d8:fe:8e:19:96:22:eb:fc:a7:0d:04:78:af:9e:5f:
4d:2c:f9:cc:8d:ab:05:3e:94:b0:34:7d:54:19:12:61:67:93:
df:6a:11:c9:f7:62:16:c2:c4:d3:df:c6:81:b5:b5:1e:04:a7:
eb:e2:c4:41:ac:a6:19:c5:29:0b:b9:23:a3:03:7f:13:12:8e:
6b:c3:c2:59:fb:99:8e:4a:42:fe:41:86:33:97:b8:f9:99:6c:
b6:a1:f0:fe:ab:5f:56:e2:f0:fc:27:35:2d:a8:94:b3:76:69:
f4:8f:7f:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbK0EjmyYXVWtPFpwzzYaYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMzEwMDkxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY3YjRjMmM2ZjZkYjg1NGU0NTJiOGJkODU0MDE4YjQ2OGQyNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9xCNFF7bQNJJkcyQxQwKsWxi/RB
CAk+oZnw0neSKvxHbrjM6jqv5Kv1yvQFQl694ktfD/CK/92hZ++ie2nAuxGQN7hV
ooaaUX8tcmGG0GrIJCS1bLhcA5SS6UHZ/7OJ3OclEQ7jgbaJqNfBe5FMcv2lkrgd
8DtuVO6aS31HvijS/cDf1MEhYk+H8tFk4AFS7KT9IaCAzFPrY2lLxypD+zNeGd3B
ghzW+oaHGxPUrkm7b9lcIgGJ5Q7RZ9rvb+8sNKOfwt37nltV7jDhncz0R0I1MGwt
lPf2FLnYvXzaJRF3oS1raJCMepB6pFyiJnGUdmgXtuEDBI7eGCExKqi7vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEL3tMLG9tuFTkUri9hUAYtGjSZEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUXZlMHdzYjIyNFZPUlN1TDJGUUJpMGFOSmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjLIMA0G
CSqGSIb3DQEBCwUAA4IBAQBq5O+cPtPHh6bOl3vdKC8wHtoLPAqlA3ycNhmXvuQl
fiDbvHXQnBBwpgAlL3ZIR434B9rmtSr7yTzVhlSmGj3RskgluVMdlq5+fWDdEEZP
NsI4YSxLg9kVXbdO5qksSXFGLdglinouJZnNeoGlZ+/V1O0tkQoWCDwJwnGR1tAK
3uPwfLoUuohZ1jrHLSxsHcfjvJDY/o4ZliLr/KcNBHivnl9NLPnMjasFPpSwNH1U
GRJhZ5PfahHJ92IWwsTT38aBtbUeBKfr4sRBrKYZxSkLuSOjA38TEo5rw8JZ+5mO
SkL+QYYzl7j5mWy2ofD+q19W4vD8JzUtqJSzdmn0j39/
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org