Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DiyOAxlABvxTxlnFj9eYV4R9mk0.roa
File: DiyOAxlABvxTxlnFj9eYV4R9mk0.roa (raw, json)
Hash identifier: x5SEamz+jQjqIj2yZg3nYQbyo87Yna8ZNMjjdrnTrFs=
Subject key identifier: 0E:2C:8E:03:19:40:06:FC:53:C6:59:C5:8F:D7:98:57:84:7D:9A:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A90BF4C8816784FFD59FE8FD7EAD468E7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DiyOAxlABvxTxlnFj9eYV4R9mk0.roa
Signing time: Wed 13 Sep 2023 22:52:50 +0000
ROA not before: Wed 13 Sep 2023 22:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Oct 2023 22:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:bf:4c:88:16:78:4f:fd:59:fe:8f:d7:ea:d4:68:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 13 22:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e2c8e03194006fc53c659c58fd79857847d9a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:29:4f:f4:59:0a:17:d1:57:3c:d7:2b:6a:
75:d9:82:d6:96:7e:b4:1c:64:f9:97:e9:fc:84:7d:
31:30:be:d7:6e:4e:d5:0e:6f:43:aa:a1:c4:f4:59:
1e:27:ea:cd:33:a2:55:db:75:ad:17:82:95:30:ae:
aa:1d:17:19:0b:ff:cb:d8:af:93:f8:db:3a:64:df:
b7:4b:95:ca:7d:28:cc:ab:ba:3c:16:44:9c:9a:80:
23:6c:51:3d:cf:97:34:ba:89:d4:b4:9e:9e:94:f6:
a0:e1:0c:c7:e2:a7:9c:10:7d:67:66:c7:8a:72:f4:
5f:1e:71:f3:de:7b:4e:c8:62:42:0d:ae:f7:f4:31:
17:c3:b8:60:96:96:cf:8d:29:78:30:af:b1:d3:36:
8a:db:26:48:f9:a9:df:36:91:8c:8b:c8:5d:84:af:
fe:1a:9f:ab:10:cb:a8:1e:b8:0d:72:fc:f4:92:e9:
ad:25:b5:5c:ec:19:0d:e1:73:6f:c9:85:83:19:79:
bb:ed:88:22:dd:17:8d:58:f5:98:c6:2b:26:21:f0:
7b:06:02:2d:f4:0d:29:07:87:13:41:03:d7:ef:e7:
62:6b:50:24:df:6b:d8:04:92:dc:5d:f6:b2:ab:61:
8b:22:24:ff:03:a9:b8:10:58:f0:de:65:c6:b2:ec:
f0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2C:8E:03:19:40:06:FC:53:C6:59:C5:8F:D7:98:57:84:7D:9A:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DiyOAxlABvxTxlnFj9eYV4R9mk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
Signature Algorithm: sha256WithRSAEncryption
40:e8:8b:c2:8b:55:a7:f0:32:b5:fd:40:f2:da:95:ff:ea:a5:
d6:ed:d5:1a:02:bd:7f:fc:30:83:29:dc:9b:2f:41:fb:66:fe:
17:5d:b8:57:53:4c:a1:4c:14:db:31:6b:91:1c:ae:8b:02:c1:
f6:b1:89:93:55:46:17:a0:fd:d1:30:5a:b8:aa:eb:f5:6e:83:
a4:78:2c:c6:19:12:77:2c:c2:cb:d2:bf:41:39:36:4b:6e:22:
9b:3a:98:b6:4e:d7:56:b9:03:19:27:94:41:e6:2d:0a:b8:32:
3b:ad:64:12:81:a4:73:44:1e:58:f0:4e:a5:c3:09:82:1a:f9:
93:ad:65:f4:ef:20:84:ca:8b:5e:1d:28:3e:36:a1:8f:c2:5e:
3c:2f:60:4c:9c:40:da:b3:59:5c:69:71:7e:42:de:00:dd:3f:
9c:9d:d3:50:15:a6:bb:6c:5c:2a:59:b3:e5:e1:f3:2e:32:1a:
c6:df:38:65:07:8d:96:88:76:27:55:44:a8:32:0b:c3:21:2e:
51:bd:6f:96:bd:4c:8b:c8:42:da:ca:a2:0a:cc:10:bc:66:a6:
07:17:c1:a5:d6:bf:ee:aa:11:38:b4:d6:3f:ab:a6:07:f5:0d:
0a:b2:76:35:e1:23:f7:7e:9a:0b:75:4f:78:08:4e:e1:8c:57:
86:a5:75:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqQv0yIFnhP/Vn+j9fq1GjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTEzMjI1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJjOGUwMzE5NDAwNmZjNTNjNjU5YzU4ZmQ3OTg1Nzg0N2Q5YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhwpT/RZChfRVzzXK2p12YLWln60
HGT5l+n8hH0xML7Xbk7VDm9DqqHE9FkeJ+rNM6JV23WtF4KVMK6qHRcZC//L2K+T
+Ns6ZN+3S5XKfSjMq7o8FkScmoAjbFE9z5c0uonUtJ6elPag4QzH4qecEH1nZseK
cvRfHnHz3ntOyGJCDa739DEXw7hglpbPjSl4MK+x0zaK2yZI+anfNpGMi8hdhK/+
Gp+rEMuoHrgNcvz0kumtJbVc7BkN4XNvyYWDGXm77Ygi3ReNWPWYxismIfB7BgIt
9A0pB4cTQQPX7+dia1Ak32vYBJLcXfayq2GLIiT/A6m4EFjw3mXGsuzwwwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA4sjgMZQAb8U8ZZxY/XmFeEfZpNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRGl5T0F4bEFCdnhUeGxuRmo5ZVlWNFI5bWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAwjJvMB8E
AgACMBkDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgMA0GCSqGSIb3DQEBCwUAA4IB
AQBA6IvCi1Wn8DK1/UDy2pX/6qXW7dUaAr1//DCDKdybL0H7Zv4XXbhXU0yhTBTb
MWuRHK6LAsH2sYmTVUYXoP3RMFq4quv1boOkeCzGGRJ3LMLL0r9BOTZLbiKbOpi2
TtdWuQMZJ5RB5i0KuDI7rWQSgaRzRB5Y8E6lwwmCGvmTrWX07yCEyoteHSg+NqGP
wl48L2BMnEDas1lcaXF+Qt4A3T+cndNQFaa7bFwqWbPl4fMuMhrG3zhlB42WiHYn
VUSoMgvDIS5RvW+WvUyLyELayqIKzBC8ZqYHF8Gl1r/uqhE4tNY/q6YH9Q0KsnY1
4SP3fpoLdU94CE7hjFeGpXXC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org