Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/iNIKu1FOLWNQCnmem2OE6HZOi8Y.roa
File: iNIKu1FOLWNQCnmem2OE6HZOi8Y.roa (raw, json)
Hash identifier: 3n4BJ+hRwGRwsBXHaMKlt1FK/zNvTIMwz2swR567tyY=
Subject key identifier: 88:D2:0A:BB:51:4E:2D:63:50:0A:79:9E:9B:63:84:E8:76:4E:8B:C6
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018B23340DD87B82DCD7B92D652C23DA01D9
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/iNIKu1FOLWNQCnmem2OE6HZOi8Y.roa
Signing time: Thu 12 Oct 2023 09:24:55 +0000
ROA not before: Thu 12 Oct 2023 09:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:34:0d:d8:7b:82:dc:d7:b9:2d:65:2c:23:da:01:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Oct 12 09:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88d20abb514e2d63500a799e9b6384e8764e8bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ad:3b:69:84:df:3a:6f:9a:9c:30:77:67:e6:
60:30:15:18:a3:95:28:37:47:9e:fb:22:03:28:7b:
e3:65:d8:5d:c2:1c:81:ab:22:76:97:fb:31:1e:05:
60:7a:fb:3c:39:0a:d5:6f:7a:ef:a5:5a:89:63:f0:
b0:a5:9c:84:2a:31:9b:55:f7:ab:40:d8:a4:40:f3:
e1:01:a2:aa:0c:fb:cd:3b:5b:5d:d2:7b:22:e1:90:
47:e8:03:c9:35:20:f1:9f:74:01:88:3e:a3:66:68:
6f:d9:ea:d5:14:e2:1a:7e:44:7a:f3:d1:5a:7a:54:
40:8a:98:38:7d:e8:3e:dc:43:ad:67:cf:44:d3:d7:
00:24:cb:29:d6:aa:ad:38:14:b6:47:38:98:0f:a0:
41:c2:47:a1:c5:0b:62:17:96:54:27:f3:7a:5b:c9:
48:76:6e:fd:ea:c7:8a:1d:3f:a4:4f:58:63:94:81:
97:b1:65:89:fd:11:35:1d:d2:b1:15:e6:f6:52:f1:
4c:ba:42:d7:39:65:6d:df:b9:5c:82:64:f4:19:85:
70:6c:e8:58:07:00:79:0e:6e:3d:b7:3d:5a:55:9b:
86:c5:ab:43:fe:92:72:b9:fb:1e:cd:31:bf:ec:59:
b3:69:31:52:1d:8c:20:38:9f:f2:1f:a1:ba:69:81:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D2:0A:BB:51:4E:2D:63:50:0A:79:9E:9B:63:84:E8:76:4E:8B:C6
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/iNIKu1FOLWNQCnmem2OE6HZOi8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.102.0/24
Signature Algorithm: sha256WithRSAEncryption
65:30:a8:ce:fe:5d:c8:22:92:a6:08:fd:6e:1a:bc:a7:ce:55:
7b:a3:68:28:4f:2a:2c:0f:bb:05:7c:8e:71:89:e5:6c:65:ad:
e1:f9:64:f6:a1:d8:1f:e8:ce:9f:94:f3:80:b5:45:9e:d2:44:
1c:6a:76:fc:bb:0d:76:cb:e0:85:7f:e0:cc:93:22:76:8a:1b:
1a:f9:30:0b:c0:a6:b2:7b:eb:22:c0:93:c5:8d:72:02:2d:9e:
d0:64:88:d2:7c:d1:04:5d:73:8d:b2:a0:1c:f0:41:12:a0:f9:
61:f5:3b:86:2e:8d:a3:a3:d3:fe:da:90:6b:9a:84:b6:d0:3d:
bd:db:78:aa:d7:02:f3:ea:80:76:ff:42:1e:64:c2:6e:aa:68:
2f:c2:b6:81:04:e5:eb:de:14:04:7d:95:a8:b1:99:86:95:a2:
a1:33:11:42:7b:5f:03:fc:d1:e8:0b:1d:92:6a:a3:82:87:cf:
f8:ea:20:e7:36:89:58:d7:5c:a3:9c:7a:f0:20:d6:d7:46:21:
c2:7a:7d:72:bf:4d:9c:29:d2:11:11:b8:ab:48:b0:12:d0:8b:
66:7f:4d:ec:db:d5:f4:23:27:e7:d3:10:c4:0b:99:60:20:10:
51:e0:7a:9b:1a:bd:00:e6:62:fe:74:e9:61:ac:1b:3f:a1:0f:
9f:42:cd:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsjNA3Ye4Lc17ktZSwj2gHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMxMDEyMDkyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQyMGFiYjUxNGUyZDYzNTAwYTc5OWU5YjYzODRlODc2NGU4YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK07aYTfOm+anDB3Z+ZgMBUYo5Uo
N0ee+yIDKHvjZdhdwhyBqyJ2l/sxHgVgevs8OQrVb3rvpVqJY/CwpZyEKjGbVfer
QNikQPPhAaKqDPvNO1td0nsi4ZBH6APJNSDxn3QBiD6jZmhv2erVFOIafkR689Fa
elRAipg4feg+3EOtZ89E09cAJMsp1qqtOBS2RziYD6BBwkehxQtiF5ZUJ/N6W8lI
dm796seKHT+kT1hjlIGXsWWJ/RE1HdKxFeb2UvFMukLXOWVt37lcgmT0GYVwbOhY
BwB5Dm49tz1aVZuGxatD/pJyufsezTG/7FmzaTFSHYwgOJ/yH6G6aYGLhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjSCrtRTi1jUAp5nptjhOh2TovGMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvaU5JS3UxRk9MV05RQ25tZW0yT0U2SFpPaThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpxmMA0G
CSqGSIb3DQEBCwUAA4IBAQBlMKjO/l3IIpKmCP1uGrynzlV7o2goTyosD7sFfI5x
ieVsZa3h+WT2odgf6M6flPOAtUWe0kQcanb8uw12y+CFf+DMkyJ2ihsa+TALwKay
e+siwJPFjXICLZ7QZIjSfNEEXXONsqAc8EESoPlh9TuGLo2jo9P+2pBrmoS20D29
23iq1wLz6oB2/0IeZMJuqmgvwraBBOXr3hQEfZWosZmGlaKhMxFCe18D/NHoCx2S
aqOCh8/46iDnNolY11yjnHrwINbXRiHCen1yv02cKdIREbirSLAS0Itmf03s29X0
Iyfn0xDEC5lgIBBR4HqbGr0A5mL+dOlhrBs/oQ+fQs3f
-----END CERTIFICATE-----
Generated at Thu Oct 12 22:20:35 2023 by rpki-client on console-ams.rpki-client.org