Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/82fb1d-f4f4-436a-a993-b4a1700f2172/1/j89nBmmW4yrqSonNmeh-6TkKVXc.roa
File: j89nBmmW4yrqSonNmeh-6TkKVXc.roa (raw, json)
Hash identifier: 94XMhB7rKAiuIbqgnHZZVlZxS+FoJW5DgOB3j3K70jg=
Subject key identifier: 8F:CF:67:06:69:96:E3:2A:EA:4A:89:CD:99:E8:7E:E9:39:0A:55:77
Certificate issuer: /CN=09aad17b106775e484f61ebb5ec104c27c187e48
Certificate serial: 01856FC26E0600477ECA727EB484A571E87B
Authority key identifier: 09:AA:D1:7B:10:67:75:E4:84:F6:1E:BB:5E:C1:04:C2:7C:18:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CarRexBndeSE9h67XsEEwnwYfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/82fb1d-f4f4-436a-a993-b4a1700f2172/1/j89nBmmW4yrqSonNmeh-6TkKVXc.roa
Signing time: Sun 01 Jan 2023 23:54:51 +0000
ROA not before: Sun 01 Jan 2023 23:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9145
IP address blocks: 194.31.94.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:6e:06:00:47:7e:ca:72:7e:b4:84:a5:71:e8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09aad17b106775e484f61ebb5ec104c27c187e48
Validity
Not Before: Jan 1 23:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fcf67066996e32aea4a89cd99e87ee9390a5577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:ab:b9:49:11:9f:9a:20:b6:0b:04:78:0c:
f7:74:b9:c0:3e:e9:fd:e7:48:70:fe:1a:a9:40:9f:
1c:c6:43:71:87:46:62:62:56:92:13:b0:77:7b:02:
87:1a:b9:7d:0a:a2:b9:27:56:f3:a6:63:65:1c:44:
6d:6b:76:c8:fb:96:4a:16:c2:01:dc:89:00:52:84:
8f:82:51:10:a5:67:b3:56:09:cb:bf:1b:d0:5d:7b:
ae:42:78:d9:73:24:05:7e:63:8c:4d:67:68:b6:a6:
67:15:22:00:00:15:63:09:e1:e5:a8:d0:7e:4d:76:
a0:fe:da:be:b4:78:a5:3f:6b:ec:c6:f0:69:6f:98:
a8:57:45:43:07:56:3b:55:71:33:10:ba:9e:03:23:
9a:1d:f4:61:28:39:30:c1:2f:e4:fc:3a:0b:47:d0:
84:87:18:21:38:2c:30:f5:3b:98:cd:65:ee:e8:64:
31:76:bc:74:cd:39:e6:8f:33:6d:f1:f7:8e:62:ba:
86:5a:16:1b:ba:6f:ad:83:bd:11:3b:03:05:9f:9f:
2f:03:ca:d8:c5:f8:39:b0:85:a3:bc:17:a4:49:0a:
73:c2:cf:f0:fd:5c:43:8b:2d:1a:fc:86:4d:bc:3f:
e8:0e:39:b0:c9:6b:96:35:ae:1e:52:3a:c7:90:48:
d9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CF:67:06:69:96:E3:2A:EA:4A:89:CD:99:E8:7E:E9:39:0A:55:77
X509v3 Authority Key Identifier:
keyid:09:AA:D1:7B:10:67:75:E4:84:F6:1E:BB:5E:C1:04:C2:7C:18:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CarRexBndeSE9h67XsEEwnwYfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/82fb1d-f4f4-436a-a993-b4a1700f2172/1/j89nBmmW4yrqSonNmeh-6TkKVXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/82fb1d-f4f4-436a-a993-b4a1700f2172/1/CarRexBndeSE9h67XsEEwnwYfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.94.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:b0:98:ab:50:c9:8e:3d:10:c3:e4:1e:98:e5:54:56:fa:3b:
82:bb:c0:0c:88:3d:6d:cb:2a:aa:5e:a5:bf:d6:67:aa:f9:7a:
2f:85:ff:e6:d3:83:36:47:20:5c:47:0c:62:0c:ec:79:61:98:
bf:54:b4:ff:a9:72:5e:ef:fa:fe:3b:d9:d4:f1:d7:2e:7f:18:
b3:c2:5e:2a:c5:fe:f7:33:9d:fa:52:15:76:01:1d:41:26:77:
d4:fc:b4:66:87:6a:f2:bb:6b:53:c8:87:a1:ac:31:89:2a:da:
b4:60:5c:9b:7b:67:6f:14:99:05:49:7b:38:fe:c5:1b:a2:66:
c4:54:30:b8:f0:12:62:a6:32:b7:7b:a8:a4:96:64:04:b4:64:
84:9a:7c:60:86:05:8c:38:b0:56:13:a0:5d:39:79:ed:bd:04:
c3:d2:04:c8:bf:76:ca:ae:dd:93:0b:0f:86:46:b6:2a:e6:b0:
cf:ab:e4:61:b1:ad:68:43:49:24:cb:4b:35:ca:b3:28:67:e0:
da:f7:9a:2b:70:54:9b:84:da:4b:47:a3:1c:72:73:1a:e1:0c:
58:5d:1d:a4:49:01:b2:b4:03:0d:7a:43:ac:b1:ef:ae:5c:83:
69:1d:1f:ef:ec:ae:67:41:c1:37:67:73:a2:dd:c3:18:77:0d:
85:3a:4d:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwm4GAEd+ynJ+tISlceh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YWFkMTdiMTA2Nzc1ZTQ4NGY2MWViYjVlYzEwNGMyN2Mx
ODdlNDgwHhcNMjMwMTAxMjM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNmNjcwNjY5OTZlMzJhZWE0YTg5Y2Q5OWU4N2VlOTM5MGE1NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwKruUkRn5ogtgsEeAz3dLnAPun9
50hw/hqpQJ8cxkNxh0ZiYlaSE7B3ewKHGrl9CqK5J1bzpmNlHERta3bI+5ZKFsIB
3IkAUoSPglEQpWezVgnLvxvQXXuuQnjZcyQFfmOMTWdotqZnFSIAABVjCeHlqNB+
TXag/tq+tHilP2vsxvBpb5ioV0VDB1Y7VXEzELqeAyOaHfRhKDkwwS/k/DoLR9CE
hxghOCww9TuYzWXu6GQxdrx0zTnmjzNt8feOYrqGWhYbum+tg70ROwMFn58vA8rY
xfg5sIWjvBekSQpzws/w/VxDiy0a/IZNvD/oDjmwyWuWNa4eUjrHkEjZ6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/PZwZpluMq6kqJzZnofuk5ClV3MB8GA1UdIwQY
MBaAFAmq0XsQZ3XkhPYeu17BBMJ8GH5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FyUmV4Qm5kZVNFOWg2N1hzRUV3bndZZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84MmZiMWQtZjRmNC00MzZhLWE5OTMt
YjRhMTcwMGYyMTcyLzEvajg5bkJtbVc0eXJxU29uTm1laC02VGtLVlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84MmZiMWQtZjRmNC00MzZhLWE5OTMtYjRhMTcwMGYyMTcy
LzEvQ2FyUmV4Qm5kZVNFOWg2N1hzRUV3bndZZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwh9eMA0G
CSqGSIb3DQEBCwUAA4IBAQCLsJirUMmOPRDD5B6Y5VRW+juCu8AMiD1tyyqqXqW/
1meq+Xovhf/m04M2RyBcRwxiDOx5YZi/VLT/qXJe7/r+O9nU8dcufxizwl4qxf73
M536UhV2AR1BJnfU/LRmh2ryu2tTyIehrDGJKtq0YFybe2dvFJkFSXs4/sUbombE
VDC48BJipjK3e6iklmQEtGSEmnxghgWMOLBWE6BdOXntvQTD0gTIv3bKrt2TCw+G
RrYq5rDPq+Rhsa1oQ0kky0s1yrMoZ+Da95orcFSbhNpLR6MccnMa4QxYXR2kSQGy
tAMNekOsse+uXINpHR/v7K5nQcE3Z3Oi3cMYdw2FOk2O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:56 2024 by rpki-client on console-ams.rpki-client.org