Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/0s3dPBNEOuhlGzYN_jaESWpEKUM.roa
File: 0s3dPBNEOuhlGzYN_jaESWpEKUM.roa (raw, json)
Hash identifier: EFqo2Gbj2BG46xEMFh4kSUpVQ8Pkzn1MFJkvX2hGwfA=
Subject key identifier: D2:CD:DD:3C:13:44:3A:E8:65:1B:36:0D:FE:36:84:49:6A:44:29:43
Certificate issuer: /CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Certificate serial: 01856B00CD3E29009F1CE38C9E70F1B5A39E
Authority key identifier: F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/0s3dPBNEOuhlGzYN_jaESWpEKUM.roa
Signing time: Sun 01 Jan 2023 01:44:52 +0000
ROA not before: Sun 01 Jan 2023 01:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35008
IP address blocks: 194.246.109.0/24 maxlen: 24
2001:67c:760::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:cd:3e:29:00:9f:1c:e3:8c:9e:70:f1:b5:a3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Validity
Not Before: Jan 1 01:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2cddd3c13443ae8651b360dfe3684496a442943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b4:19:c9:35:21:94:1a:e3:7c:00:c7:fa:a5:
19:1c:14:03:15:f1:87:22:61:67:98:d8:39:aa:d3:
ab:6b:ab:35:8f:59:f9:2f:9d:fc:c8:d0:1f:a1:27:
ba:d2:66:e5:1a:61:e5:25:73:ea:a9:41:97:da:82:
fc:12:77:e6:51:a3:25:02:10:a8:15:88:90:ce:f3:
c6:91:ef:4d:3b:9c:5f:21:5c:6a:21:f6:5e:bc:64:
57:50:09:f5:33:65:b6:43:7d:8d:e9:60:f6:b7:15:
42:66:5c:b5:f5:a6:8a:86:6a:f5:eb:37:6e:fa:55:
1d:e1:fd:db:4f:e0:3f:3c:ec:4a:90:c5:98:8d:45:
8c:52:81:02:b6:dc:e4:ad:ca:8f:3b:f8:61:19:5f:
1e:b4:90:5d:aa:99:e5:6a:7f:b0:b3:6b:d0:43:bc:
48:31:6c:fa:3b:8d:a6:33:f4:87:58:6c:ab:70:a8:
ab:65:da:70:cf:57:d4:00:a3:64:dd:88:39:ad:1c:
53:a7:9d:67:25:85:57:2d:6d:f0:af:e5:8a:a5:33:
2f:35:17:de:ec:d5:2d:0d:1a:85:58:52:72:ab:0d:
cf:ca:a0:fd:b3:f3:4e:6b:19:01:c6:42:ff:92:58:
98:c8:e2:d5:d7:d4:81:ef:c9:cf:b8:ea:21:a4:b3:
8f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CD:DD:3C:13:44:3A:E8:65:1B:36:0D:FE:36:84:49:6A:44:29:43
X509v3 Authority Key Identifier:
keyid:F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/0s3dPBNEOuhlGzYN_jaESWpEKUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9LndnjT-ZtdROJA3CPjOH700LWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.109.0/24
IPv6:
2001:67c:760::/48
Signature Algorithm: sha256WithRSAEncryption
1f:22:1e:f5:b2:90:e5:03:6b:0d:fd:5b:65:77:41:11:43:58:
25:9e:0b:4a:ee:7d:15:dd:72:24:5c:00:6c:75:85:3d:26:ce:
aa:41:b8:d5:b6:bf:3f:c9:5f:c8:b0:32:98:05:39:88:9d:ce:
da:8f:bc:c8:73:15:e7:7a:24:7e:11:9e:92:ad:19:0d:d3:2d:
dd:7b:c8:68:78:32:21:e6:36:1f:02:85:f6:17:79:72:54:d1:
14:41:d4:d2:95:5e:4d:7d:10:69:fb:b5:29:f0:1d:17:38:47:
df:79:12:b4:ad:81:f4:e4:ea:6d:f2:c7:91:29:0a:55:96:9e:
b7:99:a0:11:58:35:7c:51:fc:b3:96:3c:a6:56:96:2d:76:d4:
56:56:5c:c8:33:b7:29:cc:66:bc:a0:4c:9e:98:da:1f:4f:aa:
a3:6b:cb:6f:23:12:77:ce:d0:48:20:1a:c3:22:8e:6d:a9:5d:
ec:8d:c0:61:aa:13:5e:b6:31:c4:39:af:d6:61:cd:65:fe:31:
37:70:fa:17:60:06:a9:bc:98:75:2d:8d:c8:1c:84:0f:5e:6d:
e3:90:e9:88:e4:0e:14:20:8b:a5:ae:2e:ff:b3:26:f3:7d:ac:
a8:4d:c1:75:d0:be:1f:ce:04:2e:fa:a0:ae:48:fa:a6:ce:ea:
dc:22:ec:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrAM0+KQCfHOOMnnDxtaOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjlkZDllMzRmZTY2ZDc1MTM4OTAzNzA4ZjhjZTFmYmQz
NDJkNjQwHhcNMjMwMTAxMDE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNkZGQzYzEzNDQzYWU4NjUxYjM2MGRmZTM2ODQ0OTZhNDQyOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrQZyTUhlBrjfADH+qUZHBQDFfGH
ImFnmNg5qtOra6s1j1n5L538yNAfoSe60mblGmHlJXPqqUGX2oL8EnfmUaMlAhCo
FYiQzvPGke9NO5xfIVxqIfZevGRXUAn1M2W2Q32N6WD2txVCZly19aaKhmr16zdu
+lUd4f3bT+A/POxKkMWYjUWMUoECttzkrcqPO/hhGV8etJBdqpnlan+ws2vQQ7xI
MWz6O42mM/SHWGyrcKirZdpwz1fUAKNk3Yg5rRxTp51nJYVXLW3wr+WKpTMvNRfe
7NUtDRqFWFJyqw3PyqD9s/NOaxkBxkL/kliYyOLV19SB78nPuOohpLOPBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLN3TwTRDroZRs2Df42hElqRClDMB8GA1UdIwQY
MBaAFPS53Z40/mbXUTiQNwj4zh+9NC1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMt
MjYyYmVjNzE3YjE3LzEvMHMzZFBCTkVPdWhsR3pZTl9qYUVTV3BFS1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMtMjYyYmVjNzE3YjE3
LzEvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwvZtMA8E
AgACMAkDBwAgAQZ8B2AwDQYJKoZIhvcNAQELBQADggEBAB8iHvWykOUDaw39W2V3
QRFDWCWeC0rufRXdciRcAGx1hT0mzqpBuNW2vz/JX8iwMpgFOYidztqPvMhzFed6
JH4RnpKtGQ3TLd17yGh4MiHmNh8ChfYXeXJU0RRB1NKVXk19EGn7tSnwHRc4R995
ErStgfTk6m3yx5EpClWWnreZoBFYNXxR/LOWPKZWli121FZWXMgztynMZrygTJ6Y
2h9PqqNry28jEnfO0EggGsMijm2pXeyNwGGqE162McQ5r9ZhzWX+MTdw+hdgBqm8
mHUtjcgchA9ebeOQ6YjkDhQgi6WuLv+zJvN9rKhNwXXQvh/OBC76oK5I+qbO6twi
7Ec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:40 2024 by rpki-client on console-ams.rpki-client.org