Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/rg4CqNIkWpOoaEFp17kXJWZxxQc.roa
File: rg4CqNIkWpOoaEFp17kXJWZxxQc.roa (raw, json)
Hash identifier: NPlYUy6JSOh388rsY0yjzmszI50XzcuoINkotZ5z8Uo=
Subject key identifier: AE:0E:02:A8:D2:24:5A:93:A8:68:41:69:D7:B9:17:25:66:71:C5:07
Certificate issuer: /CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Certificate serial: 01856FC293403061B090423A3AA149E310DD
Authority key identifier: 14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/rg4CqNIkWpOoaEFp17kXJWZxxQc.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.90.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:93:40:30:61:b0:90:42:3a:3a:a1:49:e3:10:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae0e02a8d2245a93a8684169d7b917256671c507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bc:0b:6d:da:87:a0:94:2f:76:4f:a1:a6:bc:
b9:c8:af:3d:4c:f0:fb:90:41:e1:38:ce:49:65:62:
68:28:fc:5d:5c:b1:1f:37:ab:22:1f:e3:ac:02:d1:
c5:1b:f7:e8:56:39:ee:db:84:4f:11:66:56:46:0a:
67:8d:de:fe:ba:e6:75:6b:17:c5:ee:a3:71:48:1f:
31:eb:4d:56:eb:00:5f:83:6f:f3:2d:c2:c4:b3:17:
95:89:92:8d:95:71:82:c1:42:26:16:f8:87:fd:26:
90:d6:cb:4c:c2:36:3f:1c:35:8c:06:c8:87:c8:74:
85:1c:06:0e:2d:80:98:ec:67:d2:f5:cb:0b:52:0b:
5d:cf:28:15:86:43:cb:97:c4:e6:f9:63:9f:3a:47:
6d:f0:11:f9:91:a7:f8:9a:2f:c9:d8:fc:a4:51:6f:
af:93:ac:39:64:73:18:5a:56:b0:10:d7:d6:ca:2b:
13:b1:22:19:bc:cf:4e:fb:0f:91:44:78:c8:4b:47:
60:10:83:20:60:63:4e:44:78:44:ad:5a:5c:4a:92:
78:1c:cf:ad:0a:86:72:8e:2e:b1:35:fd:c8:7f:bd:
19:49:91:00:5e:53:e5:5e:10:73:a3:5a:36:12:92:
ea:0a:f0:25:50:38:3f:91:6d:6b:40:1d:6a:da:23:
55:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0E:02:A8:D2:24:5A:93:A8:68:41:69:D7:B9:17:25:66:71:C5:07
X509v3 Authority Key Identifier:
keyid:14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/rg4CqNIkWpOoaEFp17kXJWZxxQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.119.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f8:03:99:55:f7:d3:6f:bd:83:5e:32:9f:ff:02:2a:d5:61:
00:a7:4c:7b:bf:ca:8b:93:db:df:f6:21:26:64:49:cc:a7:3e:
21:de:5c:8b:4f:9b:ba:dd:7b:55:d1:4e:c1:ed:e3:3d:90:a4:
62:33:a1:7a:24:11:a9:8f:5f:92:7b:e2:5c:87:4b:b6:06:25:
93:cf:a2:21:7f:c5:9a:0c:c8:3a:04:a5:ad:97:9a:4d:ce:9f:
e1:46:f4:92:26:fc:26:c4:b5:31:30:27:06:ae:0b:be:a7:70:
ae:cd:97:12:77:28:a3:f8:3f:33:00:9b:70:8a:a8:a8:22:fc:
e4:c3:66:75:97:74:be:52:a5:f7:7e:e8:ab:55:f7:c5:2a:f4:
ec:35:0c:27:12:90:d4:14:de:8f:a7:a0:88:ac:61:2f:db:1c:
86:00:3c:f6:fd:10:94:65:e8:74:d0:09:9b:7d:d1:ac:cb:d8:
81:a3:a3:74:d6:3a:f4:8e:ec:af:4b:f6:a6:0d:d7:f1:97:6c:
58:cc:0f:38:c4:1e:cf:9e:f1:45:35:5d:0a:75:8d:d1:71:f1:
59:38:82:96:7d:3a:8c:3f:49:03:0c:e3:fa:d6:ed:a8:4d:d8:
61:5b:a5:bd:ed:cc:98:f1:98:26:d7:b1:42:e6:85:43:c8:95:
ad:69:09:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwpNAMGGwkEI6OqFJ4xDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZmI3YzMzMzZhY2Q0MTg5ZDNmYWM2MzlhMjgwZDliMDAy
MGYyOTgwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlMDJhOGQyMjQ1YTkzYTg2ODQxNjlkN2I5MTcyNTY2NzFjNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrwLbdqHoJQvdk+hpry5yK89TPD7
kEHhOM5JZWJoKPxdXLEfN6siH+OsAtHFG/foVjnu24RPEWZWRgpnjd7+uuZ1axfF
7qNxSB8x601W6wBfg2/zLcLEsxeViZKNlXGCwUImFviH/SaQ1stMwjY/HDWMBsiH
yHSFHAYOLYCY7GfS9csLUgtdzygVhkPLl8Tm+WOfOkdt8BH5kaf4mi/J2PykUW+v
k6w5ZHMYWlawENfWyisTsSIZvM9O+w+RRHjIS0dgEIMgYGNORHhErVpcSpJ4HM+t
CoZyji6xNf3If70ZSZEAXlPlXhBzo1o2EpLqCvAlUDg/kW1rQB1q2iNVtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4OAqjSJFqTqGhBade5FyVmccUHMB8GA1UdIwQY
MBaAFBT7fDM2rNQYnT+sY5ooDZsAIPKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0Njct
OTkzOWRmMWQwZDA5LzEvcmc0Q3FOSWtXcE9vYUVGcDE3a1hKV1p4eFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0NjctOTkzOWRmMWQwZDA5
LzEvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVp3MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ+AOZVffTb72DXjKf/wIq1WEAp0x7v8qLk9vf9iEm
ZEnMpz4h3lyLT5u63XtV0U7B7eM9kKRiM6F6JBGpj1+Se+Jch0u2BiWTz6Ihf8Wa
DMg6BKWtl5pNzp/hRvSSJvwmxLUxMCcGrgu+p3CuzZcSdyij+D8zAJtwiqioIvzk
w2Z1l3S+UqX3fuirVffFKvTsNQwnEpDUFN6Pp6CIrGEv2xyGADz2/RCUZeh00Amb
fdGsy9iBo6N01jr0juyvS/amDdfxl2xYzA84xB7PnvFFNV0KdY3RcfFZOIKWfTqM
P0kDDOP61u2oTdhhW6W97cyY8Zgm17FC5oVDyJWtaQmU
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:31 2024 by rpki-client on console-fra.rpki-client.org