Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa
File: xFnKqoOj-45EWe-HgC-u3XD3g5o.roa (raw, json)
Hash identifier: 0tUTHONQW6yWd0JEGG647GVWzxl1hrhpEUgcYfpFw7s=
Subject key identifier: C4:59:CA:AA:83:A3:FB:8E:44:59:EF:87:80:2F:AE:DD:70:F7:83:9A
Certificate issuer: /CN=e46e9ab47ca91fa132565860bcdd9a107ba032e4
Certificate serial: 0185A4F393E18971C80F1782281755CA123B
Authority key identifier: E4:6E:9A:B4:7C:A9:1F:A1:32:56:58:60:BC:DD:9A:10:7B:A0:32:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5G6atHypH6EyVlhgvN2aEHugMuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa
Signing time: Thu 12 Jan 2023 07:48:24 +0000
ROA not before: Thu 12 Jan 2023 07:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 194.145.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a4:f3:93:e1:89:71:c8:0f:17:82:28:17:55:ca:12:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e46e9ab47ca91fa132565860bcdd9a107ba032e4
Validity
Not Before: Jan 12 07:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c459caaa83a3fb8e4459ef87802faedd70f7839a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1c:4b:cb:cd:68:51:a9:b6:25:d0:70:c9:f9:
6b:84:29:5a:f0:d9:23:4a:dc:c7:13:c0:19:af:0d:
c7:48:fd:b8:7a:f3:c8:51:82:90:7d:4f:cd:e9:85:
0d:c3:32:bc:15:a8:7a:61:94:94:60:80:dd:7a:4b:
20:19:cf:31:4f:c9:61:a9:2b:aa:bf:68:ba:78:39:
ae:3a:11:da:fa:19:3c:e4:65:0f:e8:3c:1c:7d:04:
e1:f8:57:87:52:8a:a0:87:03:53:74:9c:f3:52:72:
52:cb:99:56:a4:af:c8:bd:1d:01:16:5c:a9:21:a8:
25:12:c8:8d:93:bd:6e:14:a5:f0:0e:f7:02:29:a9:
01:8a:7a:32:7c:34:37:93:fc:8f:46:80:0c:03:21:
a9:14:7b:d8:59:85:af:ed:78:6a:f2:08:6f:21:f8:
57:51:68:61:02:4c:67:a6:e4:29:1e:07:ab:89:bc:
7c:04:b1:5d:3f:69:b3:2d:be:94:00:d1:bb:fe:64:
9a:be:f7:4d:41:ee:1b:e0:52:60:45:a1:7e:38:2e:
7d:1c:40:c4:bd:9d:35:4e:88:f1:eb:0f:d9:2d:3f:
04:71:2f:72:c9:60:c8:4a:c5:8d:79:b2:49:91:c5:
bb:89:ff:d8:f4:d3:28:c5:5f:79:66:01:58:d9:28:
79:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:59:CA:AA:83:A3:FB:8E:44:59:EF:87:80:2F:AE:DD:70:F7:83:9A
X509v3 Authority Key Identifier:
keyid:E4:6E:9A:B4:7C:A9:1F:A1:32:56:58:60:BC:DD:9A:10:7B:A0:32:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5G6atHypH6EyVlhgvN2aEHugMuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/5G6atHypH6EyVlhgvN2aEHugMuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.157.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6c:4b:57:ac:bf:39:5a:7c:74:d4:ce:4b:15:9c:5b:dc:57:
8f:dd:aa:bb:9d:ab:ff:7a:3e:61:0d:9f:86:3f:84:07:18:67:
bf:93:a3:57:3d:1a:2a:ef:4e:9a:ea:77:8b:2f:f0:79:29:60:
5e:5a:d2:f6:9a:cf:62:e6:5d:44:9e:c6:3b:fe:49:c7:9d:f8:
01:bc:64:ed:db:46:d0:0d:a7:3e:ca:16:26:bf:f8:49:3f:93:
ab:4e:e8:3d:4a:0e:e3:94:09:fc:ba:60:13:d2:f6:ef:ef:b8:
c6:c9:d3:45:1b:ef:c0:9f:9c:60:73:03:0b:d8:8a:e5:b7:51:
f4:82:5c:f2:4f:4d:9d:5e:39:e7:95:f7:df:16:2a:1c:48:f5:
ec:cc:dd:0f:bf:b9:b9:ef:55:3b:0b:c5:66:b1:1c:45:b0:97:
e8:36:6f:c6:9c:cb:73:56:b9:07:69:f6:f1:95:a5:e9:49:f0:
30:3d:17:ed:bd:d7:12:92:aa:10:ae:1f:55:7f:8c:77:77:c2:
a7:54:ef:36:dd:07:93:15:d4:2e:51:81:5e:c6:78:9d:fb:4c:
c0:47:21:fc:80:cb:9b:ef:ef:99:c2:05:91:43:58:94:5d:7b:
e0:e3:a5:18:a2:64:39:96:ef:9c:b2:25:d1:00:de:8b:85:89:
52:98:a6:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWk85PhiXHIDxeCKBdVyhI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NmU5YWI0N2NhOTFmYTEzMjU2NTg2MGJjZGQ5YTEwN2Jh
MDMyZTQwHhcNMjMwMTEyMDc0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU5Y2FhYTgzYTNmYjhlNDQ1OWVmODc4MDJmYWVkZDcwZjc4MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxxLy81oUam2JdBwyflrhCla8Nkj
StzHE8AZrw3HSP24evPIUYKQfU/N6YUNwzK8Fah6YZSUYIDdeksgGc8xT8lhqSuq
v2i6eDmuOhHa+hk85GUP6DwcfQTh+FeHUoqghwNTdJzzUnJSy5lWpK/IvR0BFlyp
IaglEsiNk71uFKXwDvcCKakBinoyfDQ3k/yPRoAMAyGpFHvYWYWv7Xhq8ghvIfhX
UWhhAkxnpuQpHgeribx8BLFdP2mzLb6UANG7/mSavvdNQe4b4FJgRaF+OC59HEDE
vZ01Tojx6w/ZLT8EcS9yyWDISsWNebJJkcW7if/Y9NMoxV95ZgFY2Sh5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRZyqqDo/uORFnvh4Avrt1w94OaMB8GA1UdIwQY
MBaAFORumrR8qR+hMlZYYLzdmhB7oDLkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUc2YXRIeXBINkV5VmxoZ3ZOMmFFSHVnTXVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yMTY4MDItZThmOS00Y2JjLTlkNjUt
YjkyNTJjZjJjYzQ3LzEveEZuS3FvT2otNDVFV2UtSGdDLXUzWEQzZzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yMTY4MDItZThmOS00Y2JjLTlkNjUtYjkyNTJjZjJjYzQ3
LzEvNUc2YXRIeXBINkV5VmxoZ3ZOMmFFSHVnTXVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpGdMA0G
CSqGSIb3DQEBCwUAA4IBAQBEbEtXrL85Wnx01M5LFZxb3FeP3aq7nav/ej5hDZ+G
P4QHGGe/k6NXPRoq706a6neLL/B5KWBeWtL2ms9i5l1EnsY7/knHnfgBvGTt20bQ
Dac+yhYmv/hJP5OrTug9Sg7jlAn8umAT0vbv77jGydNFG+/An5xgcwML2Irlt1H0
glzyT02dXjnnlfffFiocSPXszN0Pv7m571U7C8VmsRxFsJfoNm/GnMtzVrkHafbx
laXpSfAwPRftvdcSkqoQrh9Vf4x3d8KnVO823QeTFdQuUYFexnid+0zARyH8gMub
7++ZwgWRQ1iUXXvg46UYomQ5lu+csiXRAN6LhYlSmKal
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:58 2024 by rpki-client on console-fra.rpki-client.org