Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/As0YtkU27oaURXAInNwOertcKb0.roa
File: As0YtkU27oaURXAInNwOertcKb0.roa (raw, json)
Hash identifier: 4rdTBOjVgLVXpfskH3xeBB6LeS2fyVlBMBASrCLLcug=
Subject key identifier: 02:CD:18:B6:45:36:EE:86:94:45:70:08:9C:DC:0E:7A:BB:5C:29:BD
Certificate issuer: /CN=f16090c5f6233cbaeaf319dcfae692a956eea102
Certificate serial: 01856F6701128DE715C9E88E56D002DB97D1
Authority key identifier: F1:60:90:C5:F6:23:3C:BA:EA:F3:19:DC:FA:E6:92:A9:56:EE:A1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WCQxfYjPLrq8xnc-uaSqVbuoQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/As0YtkU27oaURXAInNwOertcKb0.roa
Signing time: Sun 01 Jan 2023 22:14:59 +0000
ROA not before: Sun 01 Jan 2023 22:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210206
IP address blocks: 194.5.4.0/22 maxlen: 24
2a0d:7ac0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:01:12:8d:e7:15:c9:e8:8e:56:d0:02:db:97:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16090c5f6233cbaeaf319dcfae692a956eea102
Validity
Not Before: Jan 1 22:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02cd18b64536ee86944570089cdc0e7abb5c29bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:6e:58:0a:12:a0:62:22:36:5b:dc:93:d7:
3e:4d:fc:a2:7f:c9:d8:9e:0a:12:ab:06:54:50:26:
c4:6a:2d:4a:c6:b1:85:a2:de:5d:b4:35:27:bd:b2:
65:b0:ae:ec:da:93:c6:e7:3d:c0:d0:ac:20:d2:a0:
49:18:9e:3f:97:4e:5d:3d:84:8d:9d:79:6a:e9:94:
bf:50:9c:ad:94:d1:71:79:ff:d2:1c:2f:f0:19:ae:
4f:49:05:51:ad:48:31:38:37:a6:09:2c:5b:eb:e7:
95:67:01:7b:27:ba:18:2d:c9:07:4a:08:bd:2a:e8:
0a:e2:bb:b8:19:7e:03:ec:3b:09:d1:a5:03:0d:23:
b5:e4:66:ee:d9:f9:2a:68:37:52:4e:e3:23:ea:ba:
9b:f6:aa:36:3f:48:fe:eb:d6:ef:c0:1c:25:3a:53:
b0:a6:83:e5:bc:42:25:24:78:58:12:1b:b7:7f:30:
89:10:bc:81:77:e1:35:74:ef:76:23:a7:1a:85:d3:
0f:15:33:5f:86:07:3c:da:92:03:ae:40:48:29:a5:
86:94:8e:7a:51:27:a4:91:13:3f:92:6b:3b:61:e1:
da:ba:51:23:5c:45:56:e1:76:a2:23:0c:6b:b5:2f:
3a:06:fb:e1:e2:f5:03:87:2b:b8:2b:24:70:14:95:
78:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CD:18:B6:45:36:EE:86:94:45:70:08:9C:DC:0E:7A:BB:5C:29:BD
X509v3 Authority Key Identifier:
keyid:F1:60:90:C5:F6:23:3C:BA:EA:F3:19:DC:FA:E6:92:A9:56:EE:A1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WCQxfYjPLrq8xnc-uaSqVbuoQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/As0YtkU27oaURXAInNwOertcKb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/8WCQxfYjPLrq8xnc-uaSqVbuoQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.4.0/22
IPv6:
2a0d:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
32:28:95:6e:04:89:bf:dd:7b:90:8c:2c:ea:19:25:d8:0b:cf:
d7:33:21:c2:05:c4:ea:74:4a:6e:c2:d8:b0:47:e5:7c:f3:59:
05:7c:de:52:03:27:a1:46:a7:6b:10:6d:f0:d9:68:bd:ee:cc:
fa:13:cf:98:82:ca:74:ac:2e:b4:1a:c8:04:4b:e3:8d:d5:a3:
c4:fd:7f:f1:72:5c:e6:24:5e:dc:4a:c5:e9:96:8a:50:89:6f:
b1:99:0d:c3:92:15:af:a6:90:da:7c:b0:50:48:f7:88:0e:98:
97:4b:4a:67:58:d7:31:2c:f4:ca:02:79:54:3e:e4:ef:60:e7:
b8:83:17:26:f2:4a:80:bf:05:c7:91:03:ad:aa:52:fc:e5:a8:
b7:4f:b9:60:a2:81:89:fc:dc:d4:a6:e1:11:13:9f:e9:67:5d:
26:49:b9:57:77:41:58:cc:e3:a3:c1:eb:5b:d1:ec:f2:69:e8:
82:f6:8f:ee:30:0b:2e:a5:67:74:05:8e:95:e7:22:ec:35:94:
a1:f0:0f:37:07:b6:5d:d7:d9:f6:0b:b4:e0:56:37:9b:87:75:
3f:2c:46:b2:ba:dc:09:de:31:44:4b:6d:02:35:9b:82:6d:a9:
56:02:08:78:6d:db:e9:cb:ad:6b:c2:77:83:9e:a8:1a:0d:92:
bd:26:90:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZwESjecVyeiOVtAC25fRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjA5MGM1ZjYyMzNjYmFlYWYzMTlkY2ZhZTY5MmE5NTZl
ZWExMDIwHhcNMjMwMTAxMjIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNkMThiNjQ1MzZlZTg2OTQ0NTcwMDg5Y2RjMGU3YWJiNWMyOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4BuWAoSoGIiNlvck9c+Tfyif8nY
ngoSqwZUUCbEai1KxrGFot5dtDUnvbJlsK7s2pPG5z3A0Kwg0qBJGJ4/l05dPYSN
nXlq6ZS/UJytlNFxef/SHC/wGa5PSQVRrUgxODemCSxb6+eVZwF7J7oYLckHSgi9
KugK4ru4GX4D7DsJ0aUDDSO15Gbu2fkqaDdSTuMj6rqb9qo2P0j+69bvwBwlOlOw
poPlvEIlJHhYEhu3fzCJELyBd+E1dO92I6cahdMPFTNfhgc82pIDrkBIKaWGlI56
USekkRM/kms7YeHaulEjXEVW4XaiIwxrtS86Bvvh4vUDhyu4KyRwFJV43QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFALNGLZFNu6GlEVwCJzcDnq7XCm9MB8GA1UdIwQY
MBaAFPFgkMX2Izy66vMZ3PrmkqlW7qECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdDUXhmWWpQTHJxOHhuYy11YVNxVmJ1b1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jYmFjMDgtYzExZS00ODA2LWEyZmQt
N2M4OGM0ZTA0ZjkxLzEvQXMwWXRrVTI3b2FVUlhBSW5Od09lcnRjS2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jYmFjMDgtYzExZS00ODA2LWEyZmQtN2M4OGM0ZTA0Zjkx
LzEvOFdDUXhmWWpQTHJxOHhuYy11YVNxVmJ1b1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwgUEMA0E
AgACMAcDBQMqDXrAMA0GCSqGSIb3DQEBCwUAA4IBAQAyKJVuBIm/3XuQjCzqGSXY
C8/XMyHCBcTqdEpuwtiwR+V881kFfN5SAyehRqdrEG3w2Wi97sz6E8+Ygsp0rC60
GsgES+ON1aPE/X/xclzmJF7cSsXplopQiW+xmQ3DkhWvppDafLBQSPeIDpiXS0pn
WNcxLPTKAnlUPuTvYOe4gxcm8kqAvwXHkQOtqlL85ai3T7lgooGJ/NzUpuERE5/p
Z10mSblXd0FYzOOjwetb0ezyaeiC9o/uMAsupWd0BY6V5yLsNZSh8A83B7Zd19n2
C7TgVjebh3U/LEayutwJ3jFES20CNZuCbalWAgh4bdvpy61rwneDnqgaDZK9JpD6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org