Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/1-TjTf6Q3Ohp3NfNbq8A17h3VVc4.roa
File: 1-TjTf6Q3Ohp3NfNbq8A17h3VVc4.roa (raw, json)
Hash identifier: sxEg7Lsgde/VGHz4R56kgkLbCeiGzgTrudCLQuwybvQ=
Subject key identifier: F9:38:D3:7F:A4:37:3A:1A:77:35:F3:5B:AB:C0:35:EE:1D:D5:55:CE
Certificate issuer: /CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Certificate serial: 018571DE816C5402A5558588F1858696C299
Authority key identifier: C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/1-TjTf6Q3Ohp3NfNbq8A17h3VVc4.roa
Signing time: Mon 02 Jan 2023 09:44:45 +0000
ROA not before: Mon 02 Jan 2023 09:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47951
IP address blocks: 194.104.137.0/24 maxlen: 24
2a11:5fc0::/29 maxlen: 29
2a11:5fc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:81:6c:54:02:a5:55:85:88:f1:85:86:96:c2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Validity
Not Before: Jan 2 09:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f938d37fa4373a1a7735f35babc035ee1dd555ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:06:53:52:1c:39:80:43:aa:ec:a3:56:42:23:
ea:28:7f:81:ad:44:f6:33:b3:ce:68:4e:a3:fc:d2:
94:4f:c3:88:e7:5a:86:c0:33:62:f5:b4:c7:e6:06:
f7:5a:b7:fe:8a:e7:17:af:b2:4c:6e:11:c9:ab:66:
9b:66:dc:4e:0e:14:8c:de:fc:b0:9c:b7:ea:29:fb:
8e:0d:f7:65:cc:7e:02:b9:d4:42:6a:c4:4d:7f:9a:
35:91:6c:f8:b1:e5:81:0c:90:5e:84:53:35:fd:16:
8d:20:ab:6b:18:3e:10:ca:72:32:16:4a:e9:b2:48:
05:ba:5f:58:ae:62:78:87:29:4f:3b:0b:c2:02:1e:
f3:7c:b5:2a:15:ae:03:a6:c2:9c:6f:be:04:7f:b6:
c3:b0:f5:1e:c3:07:e4:f3:6d:69:c9:c9:61:70:63:
09:5d:0d:c3:b5:14:29:35:4c:c4:74:2d:6a:9c:e1:
cd:4c:87:6d:0b:dc:9a:b1:a6:a5:40:8b:c5:ab:28:
9d:88:b4:79:74:40:d5:4e:c7:f3:dd:dd:e6:8f:da:
f9:a4:0e:df:4f:20:54:35:8f:a2:22:56:68:9f:6b:
0d:dc:14:5e:58:33:64:29:4b:22:9e:38:db:5f:e1:
65:f1:42:b6:e9:1d:cf:fd:ab:da:f3:e3:f8:2e:a6:
dc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:38:D3:7F:A4:37:3A:1A:77:35:F3:5B:AB:C0:35:EE:1D:D5:55:CE
X509v3 Authority Key Identifier:
keyid:C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/1-TjTf6Q3Ohp3NfNbq8A17h3VVc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/w1re68KNfif9nrnvsjVR2uILHQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.137.0/24
IPv6:
2a11:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:8b:df:ac:87:13:3b:78:82:1d:0c:64:c5:12:47:67:0e:8d:
1f:16:0a:47:00:44:b8:02:ec:99:6e:16:9b:08:ef:cd:5d:4e:
5e:74:2e:ff:0f:7b:4c:27:77:aa:a4:4a:7c:48:e8:b5:c4:7b:
56:4b:b4:5e:c8:dd:e0:db:98:ef:1b:01:c1:07:5d:1d:4f:ff:
4f:c9:34:ff:ad:5d:3c:e7:7e:83:b8:e4:74:79:d0:94:39:15:
14:b6:09:96:47:0f:7d:c9:c5:5e:f0:b0:4a:e7:80:72:aa:30:
9d:f6:79:88:a3:c0:0a:1b:83:86:d4:2b:5f:da:92:80:11:de:
bf:9a:93:41:39:a3:09:ab:83:f7:66:c2:ef:ad:33:ab:b1:1d:
24:47:61:7d:08:9d:a5:8b:41:cb:1b:b9:3b:e0:af:57:f6:60:
d6:46:f2:21:e0:86:71:c1:f2:0f:da:d6:48:6d:72:a3:96:65:
96:d3:38:d3:a2:46:2f:4d:af:b2:8b:55:5c:48:e3:60:ee:7e:
08:79:0c:f4:22:73:82:42:87:b0:1c:78:45:ae:18:1f:25:69:
22:71:40:38:ec:a7:ce:0c:74:64:56:9e:5b:9f:b7:54:26:a4:
99:b1:26:37:11:4c:f9:41:c4:1b:96:25:b8:60:13:eb:a0:df:
a0:de:65:92
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVx3oFsVAKlVYWI8YWGlsKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWFkZWViYzI4ZDdlMjdmZDllYjllZmIyMzU1MWRhZTIw
YjFkMGYwHhcNMjMwMTAyMDk0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM4ZDM3ZmE0MzczYTFhNzczNWYzNWJhYmMwMzVlZTFkZDU1NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQZTUhw5gEOq7KNWQiPqKH+BrUT2
M7POaE6j/NKUT8OI51qGwDNi9bTH5gb3Wrf+iucXr7JMbhHJq2abZtxODhSM3vyw
nLfqKfuODfdlzH4CudRCasRNf5o1kWz4seWBDJBehFM1/RaNIKtrGD4QynIyFkrp
skgFul9YrmJ4hylPOwvCAh7zfLUqFa4DpsKcb74Ef7bDsPUewwfk821pyclhcGMJ
XQ3DtRQpNUzEdC1qnOHNTIdtC9yasaalQIvFqyidiLR5dEDVTsfz3d3mj9r5pA7f
TyBUNY+iIlZon2sN3BReWDNkKUsinjjbX+Fl8UK26R3P/ava8+P4LqbcPwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPk403+kNzoadzXzW6vANe4d1VXOMB8GA1UdIwQY
MBaAFMNa3uvCjX4n/Z6577I1UdriCx0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYt
YjU1ZDdkN2YyYzQ4LzEvMS1UalRmNlEzT2hwM05mTmJxOEExN2gzVlZjNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2MvODM5ZDFjLTRkYjMtNDVjYy1iMDRmLWI1NWQ3ZDdmMmM0
OC8xL3cxcmU2OEtOZmlmOW5ybnZzalZSMnVJTEhROC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJoiTAN
BAIAAjAHAwUDKhFfwDANBgkqhkiG9w0BAQsFAAOCAQEAC4vfrIcTO3iCHQxkxRJH
Zw6NHxYKRwBEuALsmW4WmwjvzV1OXnQu/w97TCd3qqRKfEjotcR7Vku0Xsjd4NuY
7xsBwQddHU//T8k0/61dPOd+g7jkdHnQlDkVFLYJlkcPfcnFXvCwSueAcqownfZ5
iKPAChuDhtQrX9qSgBHev5qTQTmjCauD92bC760zq7EdJEdhfQidpYtByxu5O+Cv
V/Zg1kbyIeCGccHyD9rWSG1yo5ZlltM406JGL02vsotVXEjjYO5+CHkM9CJzgkKH
sBx4Ra4YHyVpInFAOOynzgx0ZFaeW5+3VCakmbEmNxFM+UHEG5YluGAT66DfoN5l
kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:13 2024 by rpki-client on console-ams.rpki-client.org