Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I0ww3LWZ-kfVufMQsvJLqxYasM4.roa
File: I0ww3LWZ-kfVufMQsvJLqxYasM4.roa (raw, json)
Hash identifier: Q4RQR0MKuSpP0AqtmNuDiX2xV3FkNzlVR1xa2/G2O9M=
Subject key identifier: 23:4C:30:DC:B5:99:FA:47:D5:B9:F3:10:B2:F2:4B:AB:16:1A:B0:CE
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01856FD53C1C7D489E88321B1942E023E926
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I0ww3LWZ-kfVufMQsvJLqxYasM4.roa
Signing time: Mon 02 Jan 2023 00:15:23 +0000
ROA not before: Mon 02 Jan 2023 00:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207408
IP address blocks: 194.76.227.0/24 maxlen: 24
2a0b:7140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:3c:1c:7d:48:9e:88:32:1b:19:42:e0:23:e9:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 00:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=234c30dcb599fa47d5b9f310b2f24bab161ab0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:ab:e6:12:41:50:0e:19:52:3c:34:67:61:
c8:00:2d:76:0b:0f:86:c3:c9:9a:e9:fa:16:e5:1d:
ea:69:db:78:77:40:39:02:b6:cc:39:16:2a:c5:8b:
1c:2e:9d:d7:75:3c:cb:5e:a0:e7:93:93:ff:30:01:
ac:b8:3c:25:da:63:0f:d9:0e:4b:18:2c:a4:ac:10:
e2:f7:ca:5c:b0:ba:bf:11:00:de:78:d8:1c:0e:42:
bb:7d:af:23:90:da:42:de:e5:ec:3d:71:ca:d2:66:
a9:68:35:a4:fc:5f:54:b4:a7:f5:07:13:23:a4:fb:
84:a6:c8:bd:15:7e:c9:e7:5d:27:3a:07:9c:3c:7e:
88:82:03:1a:6d:42:2f:90:7e:16:1c:1d:fa:e0:63:
c1:c9:d2:c8:66:1e:ce:23:36:86:7c:3c:b7:42:5b:
db:9b:74:e5:83:b9:89:5b:57:27:5f:71:d9:91:3c:
83:74:87:09:14:56:49:2a:2d:30:ff:72:07:55:46:
82:35:cb:d8:3c:25:fb:b6:cf:bd:f8:2a:0c:76:06:
63:c9:b2:47:1f:45:35:17:6c:d5:39:5c:61:1b:a5:
fe:01:d4:02:5c:5a:d1:08:6c:b5:4a:c3:2f:af:ca:
7d:66:0e:8c:80:01:69:82:5f:15:39:a6:33:cc:1e:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4C:30:DC:B5:99:FA:47:D5:B9:F3:10:B2:F2:4B:AB:16:1A:B0:CE
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I0ww3LWZ-kfVufMQsvJLqxYasM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.227.0/24
IPv6:
2a0b:7140:1::/48
Signature Algorithm: sha256WithRSAEncryption
48:41:31:31:25:44:4a:28:c0:b1:19:d6:36:bc:05:64:02:cf:
3e:65:09:85:cd:ec:34:0c:bb:29:32:b5:59:6a:18:01:54:9b:
7e:55:70:c1:27:d7:11:3d:da:64:a3:d6:92:c6:7c:ef:6e:5d:
21:70:c5:52:83:6e:c4:8e:bb:c4:3b:89:70:46:c2:77:ed:35:
0a:13:43:f4:ed:4b:64:ff:4c:01:31:7b:42:15:23:f1:4c:bc:
75:d7:1a:e6:6b:b5:14:6f:28:81:7f:bb:8e:b1:1b:ef:48:7c:
4a:90:07:6d:bd:3b:59:ca:e4:6e:90:1a:4f:c0:08:90:b1:1f:
86:1e:a1:5d:cc:6c:e6:f7:ff:ec:35:3b:17:8a:17:d3:f8:b7:
0d:6c:d4:6c:cb:f8:54:91:f1:62:a8:ce:f3:16:2f:71:6b:fa:
c0:ec:6e:40:c3:34:ae:92:b0:16:00:10:34:91:a9:6c:15:74:
5e:c1:7e:bf:d8:9e:d2:39:80:3a:e8:ef:c9:ef:f7:00:06:31:
f6:88:20:2a:6a:4d:86:10:4f:e3:4b:a9:ad:20:3d:4a:0a:44:
8c:d2:8c:0f:64:e2:b3:3a:12:db:dc:15:28:50:ee:15:7c:a2:
de:d0:42:43:20:b5:97:fb:96:07:24:15:6a:00:ad:3a:f4:a6:
4a:4e:c6:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv1TwcfUieiDIbGULgI+kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMTAyMDAxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRjMzBkY2I1OTlmYTQ3ZDViOWYzMTBiMmYyNGJhYjE2MWFiMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD2r5hJBUA4ZUjw0Z2HIAC12Cw+G
w8ma6foW5R3qadt4d0A5ArbMORYqxYscLp3XdTzLXqDnk5P/MAGsuDwl2mMP2Q5L
GCykrBDi98pcsLq/EQDeeNgcDkK7fa8jkNpC3uXsPXHK0mapaDWk/F9UtKf1BxMj
pPuEpsi9FX7J510nOgecPH6IggMabUIvkH4WHB364GPBydLIZh7OIzaGfDy3Qlvb
m3Tlg7mJW1cnX3HZkTyDdIcJFFZJKi0w/3IHVUaCNcvYPCX7ts+9+CoMdgZjybJH
H0U1F2zVOVxhG6X+AdQCXFrRCGy1SsMvr8p9Zg6MgAFpgl8VOaYzzB6M6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCNMMNy1mfpH1bnzELLyS6sWGrDOMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvSTB3dzNMV1ota2ZWdWZNUXN2SkxxeFlhc000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwkzjMA8E
AgACMAkDBwAqC3FAAAEwDQYJKoZIhvcNAQELBQADggEBAEhBMTElREoowLEZ1ja8
BWQCzz5lCYXN7DQMuykytVlqGAFUm35VcMEn1xE92mSj1pLGfO9uXSFwxVKDbsSO
u8Q7iXBGwnftNQoTQ/TtS2T/TAExe0IVI/FMvHXXGuZrtRRvKIF/u46xG+9IfEqQ
B229O1nK5G6QGk/ACJCxH4YeoV3MbOb3/+w1OxeKF9P4tw1s1GzL+FSR8WKozvMW
L3Fr+sDsbkDDNK6SsBYAEDSRqWwVdF7Bfr/YntI5gDro78nv9wAGMfaIICpqTYYQ
T+NLqa0gPUoKRIzSjA9k4rM6EtvcFShQ7hV8ot7QQkMgtZf7lgckFWoArTr0pkpO
xgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org