Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa
File: 1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa (raw, json)
Hash identifier: blnzRsSJR9NU1ovkk+QgY3Cy/dwBVTq+0FQzpkuhla0=
Subject key identifier: F8:EC:F7:2A:8D:AA:AC:5C:27:B8:4F:16:D7:4D:BF:BD:3A:59:16:5E
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01856ED4A504FD815FBFFE07E609B86C7518
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa
Signing time: Sun 01 Jan 2023 19:35:07 +0000
ROA not before: Sun 01 Jan 2023 19:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 194.110.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a5:04:fd:81:5f:bf:fe:07:e6:09:b8:6c:75:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 1 19:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ecf72a8daaac5c27b84f16d74dbfbd3a59165e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5b:12:2f:ac:3c:80:3d:38:c1:4e:1e:aa:77:
0f:c2:a0:00:2c:2e:a2:1e:95:c9:3c:11:36:86:d4:
0e:e5:2a:5a:86:e8:86:fc:11:db:fe:bd:26:a0:b7:
cc:1d:90:ad:1c:a5:f3:c5:d4:9c:dc:27:89:a2:36:
b4:ca:3d:cd:33:d7:17:77:7c:ca:db:61:8b:48:ee:
86:3a:9c:d0:77:7c:3e:14:83:68:c4:70:23:73:b3:
fe:cc:17:2b:fa:d5:6f:18:81:f2:dd:6e:f8:62:ef:
64:ae:ec:c5:e1:7b:69:09:bc:88:b3:2f:f0:d1:3d:
3b:f9:57:a6:71:df:b9:d3:7e:40:98:c3:4a:0e:4a:
4b:a0:75:bd:ea:c6:6f:d8:54:86:67:67:36:7c:1d:
ea:11:d2:6d:3c:c9:e1:bd:9d:52:2f:81:f9:0e:6f:
2f:0f:c0:2b:ab:25:57:8a:1c:1d:6d:c4:68:fe:df:
47:1c:69:6e:bd:1a:16:bc:bc:17:04:22:24:87:12:
19:1b:e5:5c:02:a2:cc:08:b0:b6:4a:c9:ac:ca:05:
7b:cb:53:70:a2:4b:1a:20:1f:74:28:61:b2:01:f1:
34:50:ca:bd:d5:02:1c:25:b6:af:5f:e6:44:d4:a0:
81:49:7e:4d:49:1c:f8:b1:d7:2e:d6:01:b8:f6:4f:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EC:F7:2A:8D:AA:AC:5C:27:B8:4F:16:D7:4D:BF:BD:3A:59:16:5E
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:49:9a:a8:3d:77:15:be:e3:f9:98:1b:34:05:7e:c8:a0:ca:
bf:44:ee:21:48:e2:c3:52:9b:c1:19:bd:af:ad:71:e0:e7:8a:
c8:92:f7:4c:ae:7e:57:f2:fc:e3:6c:b8:73:8f:93:94:fb:02:
ed:c5:ca:89:48:47:1c:8d:af:f3:8d:95:8e:92:3e:50:12:64:
4e:32:fc:9c:a7:d4:11:40:76:a7:68:60:6f:73:c2:9b:a0:56:
e3:e0:c9:a9:41:a8:22:53:88:d3:29:1f:bf:0a:0d:3e:85:43:
30:e3:8c:00:5b:10:bb:32:63:47:4f:00:88:8c:d8:e1:b8:3f:
98:46:80:02:b0:cc:55:16:76:79:2e:a7:42:d9:b2:ef:b8:c1:
9b:2d:84:72:af:05:5f:8a:29:b0:67:00:97:3a:df:f0:d5:04:
c4:e1:77:dd:24:b3:81:4f:c4:96:5c:42:4f:d7:07:1c:16:a8:
9a:33:3e:fc:31:23:9b:f7:7c:73:6b:d7:04:34:b0:41:7e:1d:
59:61:dd:a3:70:45:a1:b7:9e:36:a0:a4:53:65:f0:8f:9a:40:
8c:1c:97:aa:67:78:90:c3:02:c6:33:63:3a:30:30:e0:78:ee:
70:5a:55:08:b1:ca:9a:5e:c9:0d:26:76:8e:da:fa:db:a8:74:
29:a2:9f:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVu1KUE/YFfv/4H5gm4bHUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVjZjcyYThkYWFhYzVjMjdiODRmMTZkNzRkYmZiZDNhNTkxNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FsSL6w8gD04wU4eqncPwqAALC6i
HpXJPBE2htQO5SpahuiG/BHb/r0moLfMHZCtHKXzxdSc3CeJoja0yj3NM9cXd3zK
22GLSO6GOpzQd3w+FINoxHAjc7P+zBcr+tVvGIHy3W74Yu9kruzF4XtpCbyIsy/w
0T07+Vemcd+5035AmMNKDkpLoHW96sZv2FSGZ2c2fB3qEdJtPMnhvZ1SL4H5Dm8v
D8ArqyVXihwdbcRo/t9HHGluvRoWvLwXBCIkhxIZG+VcAqLMCLC2SsmsygV7y1Nw
oksaIB90KGGyAfE0UMq91QIcJbavX+ZE1KCBSX5NSRz4sdcu1gG49k8QJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjs9yqNqqxcJ7hPFtdNv706WRZeMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMS1PejNLbzJxckZ3bnVFOFcxMDJfdlRwWkZsNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvM2YyNDliLWU4MzYtNDFiNC05YTNhLTk5NDgwNmYwODFm
MC8xLzRzSzROUHZKR3ZEc2F4MDBfV1FGVFNKcG9mMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJuljAN
BgkqhkiG9w0BAQsFAAOCAQEAXEmaqD13Fb7j+ZgbNAV+yKDKv0TuIUjiw1KbwRm9
r61x4OeKyJL3TK5+V/L842y4c4+TlPsC7cXKiUhHHI2v842VjpI+UBJkTjL8nKfU
EUB2p2hgb3PCm6BW4+DJqUGoIlOI0ykfvwoNPoVDMOOMAFsQuzJjR08AiIzY4bg/
mEaAArDMVRZ2eS6nQtmy77jBmy2Ecq8FX4opsGcAlzrf8NUExOF33SSzgU/EllxC
T9cHHBaomjM+/DEjm/d8c2vXBDSwQX4dWWHdo3BFobeeNqCkU2Xwj5pAjByXqmd4
kMMCxjNjOjAw4HjucFpVCLHKml7JDSZ2jtr626h0KaKfLA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org