Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/lSohJx_4BKtAVPIBpKrEyK1KEcQ.roa
File: lSohJx_4BKtAVPIBpKrEyK1KEcQ.roa (raw, json)
Hash identifier: PgurgZuBWnly1nUTlf3FR7XaQXEA+/fnOCWyY/hC3j4=
Subject key identifier: 95:2A:21:27:1F:F8:04:AB:40:54:F2:01:A4:AA:C4:C8:AD:4A:11:C4
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0185C8BA7106B06E707A12EE2220D532242B
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/lSohJx_4BKtAVPIBpKrEyK1KEcQ.roa
Signing time: Thu 19 Jan 2023 06:32:19 +0000
ROA not before: Thu 19 Jan 2023 06:32:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60490
IP address blocks: 194.150.89.0/24 maxlen: 24
194.150.90.0/24 maxlen: 24
194.150.88.0/24 maxlen: 24
194.150.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:ba:71:06:b0:6e:70:7a:12:ee:22:20:d5:32:24:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 19 06:32:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=952a21271ff804ab4054f201a4aac4c8ad4a11c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:9d:42:67:a2:ba:b1:c2:55:bf:42:1c:62:
a2:c4:3f:d7:0a:bb:e3:63:28:6c:6e:e0:d0:c7:15:
43:23:5d:15:17:4e:71:01:83:b4:f5:e7:75:8b:06:
7f:ca:fa:6b:3b:0d:4f:a2:ce:fd:72:b2:85:57:1a:
03:c2:af:37:27:5b:b0:f2:d4:ce:60:3b:bc:c5:92:
6a:8b:5c:02:d9:d0:55:4e:3f:37:8a:a2:4c:ce:00:
5a:6e:ef:be:c2:ac:af:fa:48:77:d1:d0:80:9f:a6:
f2:be:21:83:4d:b5:e2:76:6c:ad:fd:69:15:ba:2f:
b0:ab:b4:99:c8:5f:69:c0:05:02:e1:a7:bb:82:06:
6b:c8:79:05:29:4b:bf:e6:40:fb:ef:16:ae:d6:74:
9d:08:e9:77:14:b4:ae:aa:82:d0:5f:2c:77:e3:e2:
ad:80:eb:0a:5d:68:7c:c2:16:d5:c1:9b:7e:c1:0a:
55:f0:b8:44:f1:a9:4f:2d:96:f8:d9:f5:13:da:d4:
50:4d:1e:2e:57:5c:a3:f7:e5:27:c2:80:02:20:4f:
b7:65:c6:b0:43:bd:bf:49:12:f8:c8:fa:9c:ce:08:
65:c1:4f:30:22:d6:62:77:b3:32:00:93:22:5b:b4:
02:52:d1:00:9a:2f:ad:6e:78:51:72:f0:f4:7f:48:
96:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2A:21:27:1F:F8:04:AB:40:54:F2:01:A4:AA:C4:C8:AD:4A:11:C4
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/lSohJx_4BKtAVPIBpKrEyK1KEcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.88.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:29:25:21:dd:d8:bd:dd:b4:35:8e:97:84:8e:82:80:c8:12:
1d:83:10:cc:6b:0d:41:2d:90:93:0a:e1:0e:d9:44:24:f3:90:
c3:21:61:47:cf:a4:c8:e3:8f:19:8b:27:82:71:b0:8a:35:98:
21:44:d6:78:d6:96:69:3c:07:c6:ed:f3:08:20:25:80:ee:fa:
7a:ce:c1:22:c1:d9:79:46:e0:a5:8e:af:04:1d:1e:f8:45:56:
ae:2b:e5:1a:3f:1d:cd:07:8d:02:d0:1d:59:9f:fd:e4:d3:0e:
ce:92:37:ec:f5:de:75:f6:c8:a9:a9:d0:2b:4b:69:a4:e1:d2:
39:61:53:6a:b1:c0:d4:c4:eb:7f:22:73:ad:86:4f:cf:26:11:
cc:c8:dd:0f:bd:5f:2a:e6:78:bc:90:72:a1:c9:92:de:4e:88:
68:7c:fa:4f:2d:d8:4c:14:8e:3e:07:4a:bb:49:86:c4:ef:75:
2a:5e:4b:4d:e6:2a:a4:fc:fe:94:c7:28:0d:16:59:9c:13:01:
c7:50:f0:76:ac:c0:7a:59:20:8a:6b:84:6a:24:df:f0:60:56:
4f:14:b3:aa:d8:7b:97:2f:4c:9a:0a:f1:59:fd:04:3b:68:cd:
53:65:79:3a:45:a7:10:35:b5:50:c1:b7:34:21:81:97:2a:38:
1a:74:09:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXIunEGsG5wehLuIiDVMiQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTE5MDYzMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJhMjEyNzFmZjgwNGFiNDA1NGYyMDFhNGFhYzRjOGFkNGExMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvedQmeiurHCVb9CHGKixD/XCrvj
YyhsbuDQxxVDI10VF05xAYO09ed1iwZ/yvprOw1Pos79crKFVxoDwq83J1uw8tTO
YDu8xZJqi1wC2dBVTj83iqJMzgBabu++wqyv+kh30dCAn6byviGDTbXidmyt/WkV
ui+wq7SZyF9pwAUC4ae7ggZryHkFKUu/5kD77xau1nSdCOl3FLSuqoLQXyx34+Kt
gOsKXWh8whbVwZt+wQpV8LhE8alPLZb42fUT2tRQTR4uV1yj9+UnwoACIE+3Zcaw
Q72/SRL4yPqczghlwU8wItZid7MyAJMiW7QCUtEAmi+tbnhRcvD0f0iWsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUqIScf+ASrQFTyAaSqxMitShHEMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbFNvaEp4XzRCS3RBVlBJQnBLckV5SzFLRWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpZYMA0G
CSqGSIb3DQEBCwUAA4IBAQCNKSUh3di93bQ1jpeEjoKAyBIdgxDMaw1BLZCTCuEO
2UQk85DDIWFHz6TI448ZiyeCcbCKNZghRNZ41pZpPAfG7fMIICWA7vp6zsEiwdl5
RuCljq8EHR74RVauK+UaPx3NB40C0B1Zn/3k0w7Okjfs9d519sipqdArS2mk4dI5
YVNqscDUxOt/InOthk/PJhHMyN0PvV8q5ni8kHKhyZLeTohofPpPLdhMFI4+B0q7
SYbE73UqXktN5iqk/P6UxygNFlmcEwHHUPB2rMB6WSCKa4RqJN/wYFZPFLOq2HuX
L0yaCvFZ/QQ7aM1TZXk6RacQNbVQwbc0IYGXKjgadAn2
-----END CERTIFICATE-----
Generated at Tue Dec 5 16:45:23 2023 by rpki-client on console-fra.rpki-client.org