Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/iOwCeIf2W8cRkhGzhO3geojIvZ0.roa
File: iOwCeIf2W8cRkhGzhO3geojIvZ0.roa (raw, json)
Hash identifier: 1ROrICNnsRleMl0JZbOgAppJeVhpctycXF5cvBL6/Zs=
Subject key identifier: 88:EC:02:78:87:F6:5B:C7:11:92:11:B3:84:ED:E0:7A:88:C8:BD:9D
Certificate issuer: /CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Certificate serial: 018D5F6BD7EB2654702B4C0926C434C1BB0D
Authority key identifier: D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/iOwCeIf2W8cRkhGzhO3geojIvZ0.roa
Signing time: Wed 31 Jan 2024 12:08:39 +0000
ROA not before: Wed 31 Jan 2024 12:08:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15699
IP address blocks: 194.36.122.0/23 maxlen: 32
194.36.138.0/23 maxlen: 32
195.162.18.0/23 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jan 2024 12:21:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:6b:d7:eb:26:54:70:2b:4c:09:26:c4:34:c1:bb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Validity
Not Before: Jan 31 12:08:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88ec027887f65bc7119211b384ede07a88c8bd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:2f:9d:45:5e:09:a6:2e:e0:43:dc:b9:f1:
ac:cf:bf:7d:92:af:9e:47:52:80:eb:1f:63:ca:e2:
0e:82:37:ae:f6:e3:00:1a:88:56:36:63:75:28:9c:
de:93:d1:9f:fd:97:9b:5f:7d:60:32:99:d1:1a:08:
36:cc:c2:5e:58:a2:39:04:f8:af:57:11:84:9d:76:
59:45:09:55:cd:2b:c4:9b:28:a0:68:ea:d8:aa:6a:
51:12:b1:4b:fe:d6:c4:72:bb:07:2f:b1:bc:9a:c9:
7f:56:96:60:38:3b:c2:76:37:9d:f5:ca:53:a1:58:
f6:c5:ef:18:21:a5:50:d6:b5:e2:22:04:c1:ca:6d:
3f:d0:27:6b:ec:74:d1:68:18:75:8b:03:f0:56:3b:
8b:8b:16:d4:9d:ec:94:97:25:91:ad:d5:bd:3c:ec:
76:b3:7a:a8:f2:7d:e2:fa:2c:95:44:77:8f:9c:63:
d5:ad:df:9c:99:d0:9e:7f:b0:a9:76:64:69:27:8b:
68:45:12:ef:cf:70:5b:f2:c8:75:e0:a4:0d:7a:6c:
e5:1d:20:ad:f4:18:71:d7:03:65:f2:ca:7e:d5:32:
49:81:1f:1f:a8:a9:57:d3:97:8d:2d:3f:48:db:45:
a8:ec:d2:d5:fb:7a:b9:ba:20:e7:1b:b6:bf:3d:92:
98:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EC:02:78:87:F6:5B:C7:11:92:11:B3:84:ED:E0:7A:88:C8:BD:9D
X509v3 Authority Key Identifier:
keyid:D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/iOwCeIf2W8cRkhGzhO3geojIvZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.122.0/23
194.36.138.0/23
195.162.18.0/23
Signature Algorithm: sha256WithRSAEncryption
29:92:9c:17:36:12:7f:fa:8b:de:64:7e:55:f5:9c:c8:80:28:
a6:e8:f8:58:9e:27:4d:ca:93:f4:ce:50:34:ec:b9:03:83:22:
e3:53:62:c5:19:8d:0c:24:31:47:62:04:95:cf:7d:81:60:fe:
ea:d2:ba:a6:7a:20:f0:24:9c:9b:2a:36:49:a4:be:7b:4b:86:
e0:fc:e1:60:ea:ae:29:7b:be:88:f5:4b:43:af:7f:b4:90:af:
19:65:98:fd:5a:65:79:64:57:64:50:44:db:9d:e3:d8:37:bb:
78:b5:f6:dc:02:a9:59:ff:5b:5d:98:64:8d:4a:39:c8:4a:01:
57:5a:bf:e8:f9:40:c7:d6:f2:f0:6b:10:0d:a8:46:b8:b7:65:
fc:eb:c4:dd:f2:ad:b8:cc:32:1e:90:86:fb:6b:c7:9c:2b:0d:
92:e8:2d:00:01:c0:e6:1a:29:93:a1:97:a2:2b:4c:cd:33:be:
85:46:fb:94:34:c5:21:32:3a:9b:4f:7c:8b:f9:7f:59:bf:19:
86:ef:ca:63:3e:49:22:8d:15:2a:4b:d9:38:21:11:92:a2:5b:
01:d9:3f:3d:a0:0e:bb:cb:1a:86:8e:5f:d7:bd:28:7b:29:52:
01:58:d7:38:d5:58:b4:e0:f6:bc:9a:36:ec:6f:27:7e:f8:da:
93:f6:ef:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1fa9frJlRwK0wJJsQ0wbsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjdjNjA5ZmFmNGE2YzIyYWRmMWY4YzRhNzBhMDdhZTdj
ZjJlODEwHhcNMjQwMTMxMTIwODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVjMDI3ODg3ZjY1YmM3MTE5MjExYjM4NGVkZTA3YTg4YzhiZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixAvnUVeCaYu4EPcufGsz799kq+e
R1KA6x9jyuIOgjeu9uMAGohWNmN1KJzek9Gf/ZebX31gMpnRGgg2zMJeWKI5BPiv
VxGEnXZZRQlVzSvEmyigaOrYqmpRErFL/tbEcrsHL7G8msl/VpZgODvCdjed9cpT
oVj2xe8YIaVQ1rXiIgTBym0/0Cdr7HTRaBh1iwPwVjuLixbUneyUlyWRrdW9POx2
s3qo8n3i+iyVRHePnGPVrd+cmdCef7CpdmRpJ4toRRLvz3Bb8sh14KQNemzlHSCt
9Bhx1wNl8sp+1TJJgR8fqKlX05eNLT9I20Wo7NLV+3q5uiDnG7a/PZKY3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIjsAniH9lvHEZIRs4Tt4HqIyL2dMB8GA1UdIwQY
MBaAFNAnxgn69KbCKt8fjEpwoHrnzy6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUt
M2FjYjgxNDkwNGEwLzEvaU93Q2VJZjJXOGNSa2hHemhPM2dlb2pJdlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUtM2FjYjgxNDkwNGEw
LzEvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwiR6AwQB
wiSKAwQBw6ISMA0GCSqGSIb3DQEBCwUAA4IBAQApkpwXNhJ/+oveZH5V9ZzIgCim
6PhYnidNypP0zlA07LkDgyLjU2LFGY0MJDFHYgSVz32BYP7q0rqmeiDwJJybKjZJ
pL57S4bg/OFg6q4pe76I9UtDr3+0kK8ZZZj9WmV5ZFdkUETbnePYN7t4tfbcAqlZ
/1tdmGSNSjnISgFXWr/o+UDH1vLwaxANqEa4t2X868Td8q24zDIekIb7a8ecKw2S
6C0AAcDmGimToZeiK0zNM76FRvuUNMUhMjqbT3yL+X9ZvxmG78pjPkkijRUqS9k4
IRGSolsB2T89oA67yxqGjl/XvSh7KVIBWNc41Vi04Pa8mjbsbyd++NqT9u+5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:50 2024 by rpki-client on console-fra.rpki-client.org