Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/r9q68d-bgtttF8itCIBt4zRANW4.roa
File: r9q68d-bgtttF8itCIBt4zRANW4.roa (raw, json)
Hash identifier: 0CaGCIF3grKCYh1VzrDdNYIDVyK2xLmueIrZ9T3rZRc=
Subject key identifier: AF:DA:BA:F1:DF:9B:82:DB:6D:17:C8:AD:08:80:6D:E3:34:40:35:6E
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF96A5628408A4A33D9B28B33E1FD1
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/r9q68d-bgtttF8itCIBt4zRANW4.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207408
IP address blocks: 194.76.227.0/24 maxlen: 24
2a0b:7140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:96:a5:62:84:08:a4:a3:3d:9b:28:b3:3e:1f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afdabaf1df9b82db6d17c8ad08806de33440356e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:52:76:0b:fb:eb:7c:7e:06:64:86:5a:4e:e6:
bb:cf:26:80:d6:f2:0b:f6:2c:58:01:d6:eb:6a:35:
db:f3:bd:d9:ec:06:7a:76:cd:93:7e:de:91:8f:70:
c7:e3:c1:c7:ab:d1:36:2f:df:e9:3b:fe:8e:cb:d2:
57:12:9e:2c:aa:25:6b:a7:97:4e:56:ee:af:f8:4b:
49:ed:b4:e9:37:5e:39:1a:b9:8c:24:96:5b:c4:a0:
f8:00:c6:df:3b:d6:a3:e8:21:c7:99:3c:f0:83:d6:
f7:5d:5a:71:25:53:9b:2c:03:d7:d5:c5:53:85:94:
05:d5:ac:47:ad:58:38:fa:b9:34:22:bb:0c:46:87:
bc:08:28:42:98:b9:04:2e:9f:c9:5d:53:fc:d1:9b:
47:22:37:79:a4:12:f4:47:51:bb:07:19:1d:1f:76:
e2:ed:67:ba:41:4e:31:82:ea:4c:ea:2b:4e:9f:0b:
51:9b:36:76:89:e7:f3:6f:9b:d5:2d:c9:ac:ff:88:
3c:97:ab:88:b5:0f:a3:15:bb:32:c0:3f:62:a8:a3:
6c:12:6a:d2:5c:5e:77:fd:60:14:a4:b3:f6:b8:43:
58:63:37:2c:bc:98:e1:07:3c:7b:b5:82:65:bb:9e:
fa:e5:2f:e3:51:71:c1:e8:da:d5:88:4f:2b:3e:55:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DA:BA:F1:DF:9B:82:DB:6D:17:C8:AD:08:80:6D:E3:34:40:35:6E
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/r9q68d-bgtttF8itCIBt4zRANW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.227.0/24
IPv6:
2a0b:7140:1::/48
Signature Algorithm: sha256WithRSAEncryption
67:93:4d:c8:8b:cc:68:02:93:04:78:e2:c2:46:8d:78:8c:92:
f3:0e:9a:fd:9d:75:57:89:da:18:e2:69:6f:26:4f:3a:12:6e:
71:d9:26:dd:a6:c0:93:9d:f6:59:77:1b:84:73:6c:1f:8e:ae:
1b:72:7a:b7:b9:36:79:f2:9f:94:f2:3a:44:7c:ab:58:83:ef:
92:d7:92:6e:13:0f:fb:57:f5:0f:e5:c1:e6:c5:8c:86:bd:90:
0e:fa:12:8c:90:c2:f6:3f:ec:54:3e:c5:ca:62:e5:61:9b:d2:
c5:01:a4:e7:60:1b:e2:3a:4a:be:76:46:95:cf:d7:12:4f:9b:
47:6b:2b:10:bf:02:ce:93:10:85:b5:22:a9:7b:f0:80:95:bc:
2c:94:21:35:7a:6a:9f:b5:ba:b5:5d:05:52:c9:3a:d0:85:d9:
07:36:cb:b6:65:4c:02:79:55:94:77:39:09:45:29:9f:2b:f3:
62:7c:51:7d:46:b9:02:24:5c:0d:82:d9:87:f4:ba:2a:f0:3a:
84:35:04:65:7f:72:d5:32:a9:d5:e5:33:5b:a7:87:4c:7e:1f:
8e:32:44:3a:7a:43:7c:6e:da:f2:cd:d6:ff:ef:63:b6:15:e3:
a2:03:2b:3b:a8:bb:07:c9:94:fe:cd:92:fa:39:7e:6a:8b:b4:
84:e3:98:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI35alYoQIpKM9myizPh/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRhYmFmMWRmOWI4MmRiNmQxN2M4YWQwODgwNmRlMzM0NDAzNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFJ2C/vrfH4GZIZaTua7zyaA1vIL
9ixYAdbrajXb873Z7AZ6ds2Tft6Rj3DH48HHq9E2L9/pO/6Oy9JXEp4sqiVrp5dO
Vu6v+EtJ7bTpN145GrmMJJZbxKD4AMbfO9aj6CHHmTzwg9b3XVpxJVObLAPX1cVT
hZQF1axHrVg4+rk0IrsMRoe8CChCmLkELp/JXVP80ZtHIjd5pBL0R1G7BxkdH3bi
7We6QU4xgupM6itOnwtRmzZ2iefzb5vVLcms/4g8l6uItQ+jFbsywD9iqKNsEmrS
XF53/WAUpLP2uENYYzcsvJjhBzx7tYJlu5765S/jUXHB6NrViE8rPlWDfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK/auvHfm4LbbRfIrQiAbeM0QDVuMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvcjlxNjhkLWJndHR0RjhpdENJQnQ0elJBTlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwkzjMA8E
AgACMAkDBwAqC3FAAAEwDQYJKoZIhvcNAQELBQADggEBAGeTTciLzGgCkwR44sJG
jXiMkvMOmv2ddVeJ2hjiaW8mTzoSbnHZJt2mwJOd9ll3G4RzbB+Orhtyere5Nnny
n5TyOkR8q1iD75LXkm4TD/tX9Q/lwebFjIa9kA76EoyQwvY/7FQ+xcpi5WGb0sUB
pOdgG+I6Sr52RpXP1xJPm0drKxC/As6TEIW1Iql78ICVvCyUITV6ap+1urVdBVLJ
OtCF2Qc2y7ZlTAJ5VZR3OQlFKZ8r82J8UX1GuQIkXA2C2Yf0uirwOoQ1BGV/ctUy
qdXlM1unh0x+H44yRDp6Q3xu2vLN1v/vY7YV46IDKzuouwfJlP7Nkvo5fmqLtITj
mJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org