Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/U448lKIhTCLvAFTFS0gcuV2kmRY.roa
File: U448lKIhTCLvAFTFS0gcuV2kmRY.roa (raw, json)
Hash identifier: iaKhcNYNuSkDWMtMkla5ipq6Ye7LtgV86Bn+eOeb0W4=
Subject key identifier: 53:8E:3C:94:A2:21:4C:22:EF:00:54:C5:4B:48:1C:B9:5D:A4:99:16
Certificate issuer: /CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Certificate serial: 018E4628D6064EC99B92CC2CAD0B6C44E541
Authority key identifier: C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/U448lKIhTCLvAFTFS0gcuV2kmRY.roa
Signing time: Sat 16 Mar 2024 07:27:45 +0000
ROA not before: Sat 16 Mar 2024 07:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47951
IP address blocks: 194.104.137.0/24 maxlen: 24
2a11:5fc0::/29 maxlen: 29
2a11:5fc0::/32 maxlen: 32
2a11:5fc4::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 16 Mar 2024 09:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:46:28:d6:06:4e:c9:9b:92:cc:2c:ad:0b:6c:44:e5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Validity
Not Before: Mar 16 07:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=538e3c94a2214c22ef0054c54b481cb95da49916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d2:d5:43:29:db:a7:41:29:2a:80:9e:3e:66:
8b:a5:57:22:fc:5f:df:f9:03:cd:87:14:16:42:30:
7e:54:34:1b:66:6c:a8:e2:06:1d:89:25:e8:98:ec:
f6:23:0e:e0:88:ca:06:8e:f9:a6:6c:46:8c:89:1a:
63:87:ae:50:24:e9:a0:6e:0c:1f:ca:02:8a:87:49:
1c:57:d5:77:81:be:ad:af:23:2e:36:d9:26:9f:5a:
4c:91:45:82:3e:1b:7c:c4:cf:48:f3:de:fb:6b:0f:
74:8a:90:48:0d:ca:8b:d5:2e:e1:d4:29:22:18:a4:
65:90:0c:d0:16:75:d1:1e:92:39:51:fc:f9:d0:71:
2a:86:f1:77:cb:b3:47:f3:17:78:e7:f6:38:0f:8d:
f6:84:0b:75:7e:08:50:ae:bf:46:2b:06:1f:ce:25:
a9:1e:83:a4:6d:86:64:16:a3:50:80:73:da:25:a0:
11:61:e3:81:82:93:80:9e:74:7e:ce:13:84:58:f2:
7f:9a:30:95:4d:21:4f:ae:1c:9b:46:33:28:05:2d:
2b:82:ce:a7:22:bc:79:58:84:4c:a9:43:a8:da:06:
62:b2:7b:8e:ab:94:c7:13:bb:53:d8:0c:c2:24:fb:
8b:e1:ab:67:48:01:7e:25:11:78:7e:c1:c1:17:45:
77:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8E:3C:94:A2:21:4C:22:EF:00:54:C5:4B:48:1C:B9:5D:A4:99:16
X509v3 Authority Key Identifier:
keyid:C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/U448lKIhTCLvAFTFS0gcuV2kmRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/w1re68KNfif9nrnvsjVR2uILHQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.137.0/24
IPv6:
2a11:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:09:a0:43:46:e1:82:a6:de:59:cd:89:ad:b9:9c:b5:6e:19:
19:09:a5:3c:60:ad:02:99:0b:9a:46:62:b9:db:03:03:8f:a4:
74:da:d3:d1:f8:18:30:8f:b9:5f:37:44:4e:de:38:b5:fe:bf:
30:a4:44:e5:db:90:d4:32:73:5f:d8:08:53:fa:f4:b1:ca:d3:
46:3c:da:7a:d0:d9:7b:fc:72:2f:4b:bc:3e:9e:43:28:9d:c7:
18:88:42:60:88:56:ab:db:4b:64:2c:5c:be:89:00:81:ab:ad:
93:93:6a:31:2c:b7:c1:68:aa:c6:24:c8:78:6e:aa:bd:74:c2:
83:2b:a2:9d:47:5d:ce:db:d6:01:7e:99:9a:bb:8f:e1:12:e7:
72:fd:19:36:fc:7b:f9:09:e8:69:b6:c2:aa:7d:6e:e3:72:a2:
24:b2:7f:19:28:47:ec:82:d8:45:ed:77:70:3e:c4:b8:b4:7e:
1b:0f:a0:76:2f:fd:d7:29:85:7d:8f:2f:3f:23:e2:54:7f:c4:
1c:d3:ec:b1:f3:b7:0f:fa:74:3d:fa:00:31:62:3f:23:16:fd:
4e:5b:50:6f:29:2d:dc:bd:e9:d0:55:8f:5d:3d:31:48:45:b6:
0e:b5:09:1f:bd:33:70:4e:8b:95:26:1b:49:f0:e7:05:6e:50:
98:90:07:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5GKNYGTsmbkswsrQtsROVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWFkZWViYzI4ZDdlMjdmZDllYjllZmIyMzU1MWRhZTIw
YjFkMGYwHhcNMjQwMzE2MDcyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhlM2M5NGEyMjE0YzIyZWYwMDU0YzU0YjQ4MWNiOTVkYTQ5OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdLVQynbp0EpKoCePmaLpVci/F/f
+QPNhxQWQjB+VDQbZmyo4gYdiSXomOz2Iw7giMoGjvmmbEaMiRpjh65QJOmgbgwf
ygKKh0kcV9V3gb6tryMuNtkmn1pMkUWCPht8xM9I8977aw90ipBIDcqL1S7h1Cki
GKRlkAzQFnXRHpI5Ufz50HEqhvF3y7NH8xd45/Y4D432hAt1fghQrr9GKwYfziWp
HoOkbYZkFqNQgHPaJaARYeOBgpOAnnR+zhOEWPJ/mjCVTSFPrhybRjMoBS0rgs6n
Irx5WIRMqUOo2gZisnuOq5THE7tT2AzCJPuL4atnSAF+JRF4fsHBF0V39QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFOOPJSiIUwi7wBUxUtIHLldpJkWMB8GA1UdIwQY
MBaAFMNa3uvCjX4n/Z6577I1UdriCx0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYt
YjU1ZDdkN2YyYzQ4LzEvVTQ0OGxLSWhUQ0x2QUZURlMwZ2N1VjJrbVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYtYjU1ZDdkN2YyYzQ4
LzEvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiJMA0E
AgACMAcDBQMqEV/AMA0GCSqGSIb3DQEBCwUAA4IBAQA/CaBDRuGCpt5ZzYmtuZy1
bhkZCaU8YK0CmQuaRmK52wMDj6R02tPR+Bgwj7lfN0RO3ji1/r8wpETl25DUMnNf
2AhT+vSxytNGPNp60Nl7/HIvS7w+nkMonccYiEJgiFar20tkLFy+iQCBq62Tk2ox
LLfBaKrGJMh4bqq9dMKDK6KdR13O29YBfpmau4/hEudy/Rk2/Hv5CehptsKqfW7j
cqIksn8ZKEfsgthF7XdwPsS4tH4bD6B2L/3XKYV9jy8/I+JUf8Qc0+yx87cP+nQ9
+gAxYj8jFv1OW1BvKS3cvenQVY9dPTFIRbYOtQkfvTNwTouVJhtJ8OcFblCYkAeJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:13 2024 by rpki-client on console-ams.rpki-client.org