Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/7MSFcIQnesvgL5BN2jz8StOKv9c.roa
File: 7MSFcIQnesvgL5BN2jz8StOKv9c.roa (raw, json)
Hash identifier: FXdKatrR8FxfMdlrMo0u7C1IbwoGL2w7FYmmcS6cNBA=
Subject key identifier: EC:C4:85:70:84:27:7A:CB:E0:2F:90:4D:DA:3C:FC:4A:D3:8A:BF:D7
Certificate issuer: /CN=8a2e2ee3be7d7525ed74b7aae07e92aecaf84936
Certificate serial: 018F85FA005714CE67807212C57374A7BC20
Authority key identifier: 8A:2E:2E:E3:BE:7D:75:25:ED:74:B7:AA:E0:7E:92:AE:CA:F8:49:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ii4u4759dSXtdLeq4H6Srsr4STY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/7MSFcIQnesvgL5BN2jz8StOKv9c.roa
Signing time: Fri 17 May 2024 09:55:04 +0000
ROA not before: Fri 17 May 2024 09:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5089
IP address blocks: 194.169.100.0/24 maxlen: 24
194.169.116.0/24 maxlen: 24
194.169.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 14:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:fa:00:57:14:ce:67:80:72:12:c5:73:74:a7:bc:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a2e2ee3be7d7525ed74b7aae07e92aecaf84936
Validity
Not Before: May 17 09:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecc4857084277acbe02f904dda3cfc4ad38abfd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:86:c6:91:6a:74:51:69:b9:f1:45:38:fd:
6b:c7:1b:47:fc:94:bf:5f:e6:2a:e9:0b:f7:be:2a:
75:d4:a1:03:39:07:56:20:91:d6:96:6d:7c:08:1d:
a0:87:3b:5d:1b:1b:74:a0:a8:30:98:4f:b3:35:cb:
80:05:36:b1:de:1a:98:47:44:e0:4b:b1:97:94:fa:
cd:00:ed:5a:c6:18:38:af:f5:99:b6:45:6c:ce:d1:
74:0b:0f:2f:1b:80:1b:b2:c6:d7:cd:bd:dd:23:3f:
3e:0b:23:83:b3:03:b9:0e:08:93:f1:d3:62:cf:a0:
f8:b0:f4:b3:d0:46:b5:dc:b2:eb:d5:92:d9:44:06:
e9:cc:87:35:de:8b:7b:95:5b:70:36:93:f9:6d:fa:
a3:eb:31:53:39:7c:82:8f:09:c8:66:d3:f2:65:b5:
a5:81:60:8e:7e:8e:4f:df:dc:cb:0f:df:cc:52:b3:
2f:0b:71:65:05:70:7b:ae:0b:24:d6:e3:99:c6:51:
1b:d5:7b:c3:0f:00:01:d7:ed:38:fe:dd:3b:8a:e0:
92:55:fe:40:18:ab:d1:25:76:8d:5a:17:63:59:03:
fa:29:1e:08:4a:43:18:ed:f7:82:cd:40:14:ef:d2:
ef:68:ed:5f:a1:7b:8d:be:fc:04:c1:09:67:66:83:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C4:85:70:84:27:7A:CB:E0:2F:90:4D:DA:3C:FC:4A:D3:8A:BF:D7
X509v3 Authority Key Identifier:
keyid:8A:2E:2E:E3:BE:7D:75:25:ED:74:B7:AA:E0:7E:92:AE:CA:F8:49:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ii4u4759dSXtdLeq4H6Srsr4STY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/7MSFcIQnesvgL5BN2jz8StOKv9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/ii4u4759dSXtdLeq4H6Srsr4STY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.100.0/24
194.169.116.0/23
Signature Algorithm: sha256WithRSAEncryption
08:48:4e:a0:8c:a6:23:ae:af:46:97:86:4f:0a:50:1e:c3:b2:
fe:c2:6e:92:fc:65:14:47:23:87:7e:3a:b9:47:a2:50:bf:cd:
6e:a8:13:fc:3c:45:73:28:e3:35:79:35:c2:fb:5f:42:a9:d6:
41:e7:8d:47:54:e2:9b:cd:7b:ce:3f:66:7f:e5:09:17:f1:fe:
7f:bb:a6:48:06:bd:00:af:2d:fc:04:d8:32:b5:fe:ea:3e:0d:
b9:b6:33:f0:93:d9:61:ab:55:1b:69:8a:af:6a:8e:5c:0f:67:
8b:0f:78:4b:1d:05:e9:c9:8b:bb:a9:75:22:bc:c2:f2:02:4d:
9c:32:4a:ae:42:b6:49:1e:fa:1b:69:85:a9:7f:1f:11:8a:bb:
f7:5f:13:9d:fa:57:33:27:eb:10:36:ac:58:08:dd:de:b0:3b:
67:6e:08:16:88:bb:ed:cd:20:01:1e:b3:90:18:83:69:1d:77:
05:cf:dd:a9:50:e3:36:37:17:b0:0e:e2:ef:96:b1:b4:aa:41:
2b:f8:38:4f:e7:39:dd:7b:0e:7f:4c:24:0a:0f:55:e6:64:1e:
3b:f2:5c:16:a2:82:78:bf:e5:f1:12:77:85:69:2f:42:d9:c8:
de:c3:ae:c4:00:4e:8e:c5:38:b1:c9:c6:a2:7f:19:90:d4:f1:
9f:9e:bb:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+F+gBXFM5ngHISxXN0p7wgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMmUyZWUzYmU3ZDc1MjVlZDc0YjdhYWUwN2U5MmFlY2Fm
ODQ5MzYwHhcNMjQwNTE3MDk1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2M0ODU3MDg0Mjc3YWNiZTAyZjkwNGRkYTNjZmM0YWQzOGFiZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+iGxpFqdFFpufFFOP1rxxtH/JS/
X+Yq6Qv3vip11KEDOQdWIJHWlm18CB2ghztdGxt0oKgwmE+zNcuABTax3hqYR0Tg
S7GXlPrNAO1axhg4r/WZtkVsztF0Cw8vG4AbssbXzb3dIz8+CyODswO5DgiT8dNi
z6D4sPSz0Ea13LLr1ZLZRAbpzIc13ot7lVtwNpP5bfqj6zFTOXyCjwnIZtPyZbWl
gWCOfo5P39zLD9/MUrMvC3FlBXB7rgsk1uOZxlEb1XvDDwAB1+04/t07iuCSVf5A
GKvRJXaNWhdjWQP6KR4ISkMY7feCzUAU79LvaO1foXuNvvwEwQlnZoOp+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOzEhXCEJ3rL4C+QTdo8/ErTir/XMB8GA1UdIwQY
MBaAFIouLuO+fXUl7XS3quB+kq7K+Ek2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWk0dTQ3NTlkU1h0ZExlcTRINlNyc3I0U1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xMTk3ZjItN2Y4ZS00OGU0LWJkYTkt
ZjViYjJiMmQ2M2JlLzEvN01TRmNJUW5lc3ZnTDVCTjJqejhTdE9LdjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xMTk3ZjItN2Y4ZS00OGU0LWJkYTktZjViYjJiMmQ2M2Jl
LzEvaWk0dTQ3NTlkU1h0ZExlcTRINlNyc3I0U1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwqlkAwQB
wql0MA0GCSqGSIb3DQEBCwUAA4IBAQAISE6gjKYjrq9Gl4ZPClAew7L+wm6S/GUU
RyOHfjq5R6JQv81uqBP8PEVzKOM1eTXC+19CqdZB541HVOKbzXvOP2Z/5QkX8f5/
u6ZIBr0Ary38BNgytf7qPg25tjPwk9lhq1UbaYqvao5cD2eLD3hLHQXpyYu7qXUi
vMLyAk2cMkquQrZJHvobaYWpfx8Rirv3XxOd+lczJ+sQNqxYCN3esDtnbggWiLvt
zSABHrOQGINpHXcFz92pUOM2NxewDuLvlrG0qkEr+DhP5zndew5/TCQKD1XmZB47
8lwWooJ4v+XxEneFaS9C2cjew67EAE6OxTixycaifxmQ1PGfnrsr
-----END CERTIFICATE-----
Generated at Tue Sep 3 17:39:36 2024 by rpki-client on console-ams.rpki-client.org