Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa
File: 1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa (raw, json)
Hash identifier: pbrOziYMnCn0mL7DTcyVB+XERmaJEMHP4wbs1Nzy7zA=
Subject key identifier: D6:37:28:1C:D3:73:56:54:95:43:90:C6:E1:CE:85:0C:57:B5:86:78
Certificate issuer: /CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Certificate serial: 018570027E5345B675380A41C93314FE48AD
Authority key identifier: 69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa
Signing time: Mon 02 Jan 2023 01:04:49 +0000
ROA not before: Mon 02 Jan 2023 01:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203836
IP address blocks: 194.34.201.0/24 maxlen: 24
194.34.202.0/24 maxlen: 24
194.34.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:7e:53:45:b6:75:38:0a:41:c9:33:14:fe:48:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Validity
Not Before: Jan 2 01:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d637281cd3735654954390c6e1ce850c57b58678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:70:0c:81:f8:ac:ac:23:b0:c9:f9:17:e4:e3:
95:ae:de:75:da:88:44:8f:f9:55:b5:3c:fe:ef:8d:
9d:46:0f:6f:34:3c:14:52:30:7a:05:cb:6b:b8:a2:
ad:b3:9c:a6:1f:36:4b:6d:76:ce:86:b2:8b:fb:c5:
43:d4:b1:d5:6d:18:f5:7c:dc:e2:9f:8b:0d:6a:9f:
25:5b:56:e1:8b:00:df:b8:4e:b8:69:9c:38:36:cc:
67:27:09:99:66:bd:67:b9:a4:2e:b6:30:17:99:5e:
43:96:cf:37:2b:97:09:e8:6f:82:43:9b:92:89:03:
42:13:47:83:19:bd:cb:89:ad:bc:4d:38:c0:ca:b7:
69:5b:2c:a7:27:ba:7e:62:77:29:9d:1f:c2:75:9a:
cd:ca:9e:dc:2b:ab:5e:59:a0:2d:7b:ee:8f:d3:0b:
99:83:84:e0:8b:8e:d1:7a:cf:d2:18:4b:d4:99:d5:
70:8c:ca:af:ae:29:ec:ed:54:d2:1c:40:28:4c:4e:
3c:58:b7:74:98:8e:6f:d9:fe:52:f7:c2:e6:85:26:
c4:75:8d:71:5a:94:15:eb:a6:08:1a:fd:22:e6:c3:
6a:89:a0:d6:a1:93:84:aa:43:99:3a:03:c1:d0:33:
e6:2d:0c:8b:31:77:c7:98:44:73:21:0c:95:cb:26:
9f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:37:28:1C:D3:73:56:54:95:43:90:C6:E1:CE:85:0C:57:B5:86:78
X509v3 Authority Key Identifier:
keyid:69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.200.0-194.34.202.255
Signature Algorithm: sha256WithRSAEncryption
a4:51:dc:27:7a:93:f3:9b:15:3b:63:45:4d:81:b7:10:cf:76:
3d:96:81:69:52:b0:ce:6b:a5:1e:2b:01:9e:c0:05:2f:60:df:
b9:be:bb:fe:84:01:aa:4b:cd:06:ab:51:cd:f8:0c:98:fd:7b:
53:0c:20:17:bd:35:96:7a:05:2f:cd:72:a1:31:1e:87:ec:d7:
88:26:02:77:9e:66:2b:e7:3e:45:3d:0c:a1:8f:1a:14:53:94:
93:25:86:3c:c3:13:b6:83:6c:51:af:8e:52:32:c6:e3:7c:0d:
2c:3f:2f:ac:10:b9:16:0d:b5:be:5c:78:19:92:af:39:3b:32:
77:e7:9d:91:6b:22:24:ed:c9:bf:8d:07:2a:f0:34:5f:95:8d:
8d:21:40:46:e3:ec:ac:33:97:2d:03:a2:a2:ac:32:14:eb:4c:
46:fb:56:06:02:1e:69:d0:f0:c0:67:ee:b2:93:df:b2:d1:96:
84:32:32:66:7a:f5:ea:14:8a:e9:65:f1:4a:35:44:6a:63:24:
bf:7f:ea:77:d0:f6:85:56:34:af:8a:76:d6:fd:52:fd:cb:cc:
cd:f6:3e:3b:df:f6:57:88:5d:d4:16:7a:2c:5c:11:15:dd:ef:
14:76:8d:14:fa:3a:a9:3d:8d:d6:8c:42:02:d7:96:eb:7d:fe:
e4:9a:c0:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwAn5TRbZ1OApByTMU/kitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODU0YTU3YWIwZDhhM2M5MjJjOGY2YTc5YWE4ZmU4YTZh
MmMwOWUwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM3MjgxY2QzNzM1NjU0OTU0MzkwYzZlMWNlODUwYzU3YjU4Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnAMgfisrCOwyfkX5OOVrt512ohE
j/lVtTz+742dRg9vNDwUUjB6BctruKKts5ymHzZLbXbOhrKL+8VD1LHVbRj1fNzi
n4sNap8lW1bhiwDfuE64aZw4NsxnJwmZZr1nuaQutjAXmV5Dls83K5cJ6G+CQ5uS
iQNCE0eDGb3Lia28TTjAyrdpWyynJ7p+YncpnR/CdZrNyp7cK6teWaAte+6P0wuZ
g4Tgi47Res/SGEvUmdVwjMqvrins7VTSHEAoTE48WLd0mI5v2f5S98LmhSbEdY1x
WpQV66YIGv0i5sNqiaDWoZOEqkOZOgPB0DPmLQyLMXfHmERzIQyVyyaffQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNY3KBzTc1ZUlUOQxuHOhQxXtYZ4MB8GA1UdIwQY
MBaAFGmFSlerDYo8kiyPanmqj+imosCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQt
NTIzOGIwMzU0NWNhLzEvMWpjb0hOTnpWbFNWUTVERzRjNkZERmUxaG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQtNTIzOGIwMzU0NWNh
LzEvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPCIsgD
BADCIsowDQYJKoZIhvcNAQELBQADggEBAKRR3Cd6k/ObFTtjRU2BtxDPdj2WgWlS
sM5rpR4rAZ7ABS9g37m+u/6EAapLzQarUc34DJj9e1MMIBe9NZZ6BS/NcqExHofs
14gmAneeZivnPkU9DKGPGhRTlJMlhjzDE7aDbFGvjlIyxuN8DSw/L6wQuRYNtb5c
eBmSrzk7MnfnnZFrIiTtyb+NByrwNF+VjY0hQEbj7Kwzly0DoqKsMhTrTEb7VgYC
HmnQ8MBn7rKT37LRloQyMmZ69eoUiull8Uo1RGpjJL9/6nfQ9oVWNK+Kdtb9Uv3L
zM32Pjvf9leIXdQWeixcERXd7xR2jRT6Oqk9jdaMQgLXlut9/uSawHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org