Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IchxhQo4Bfx29gakwEjKmPcnlVg.roa
File: IchxhQo4Bfx29gakwEjKmPcnlVg.roa (raw, json)
Hash identifier: /IEs0eEjdiSI2yHFD3doJx1x0dtDM78AJiQE08Y7SYg=
Subject key identifier: 21:C8:71:85:0A:38:05:FC:76:F6:06:A4:C0:48:CA:98:F7:27:95:58
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C444F342940B6878B4B5BFA8D3B9E6154
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IchxhQo4Bfx29gakwEjKmPcnlVg.roa
Signing time: Thu 07 Dec 2023 12:44:50 +0000
ROA not before: Thu 07 Dec 2023 12:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 194.50.111.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:4f:34:29:40:b6:87:8b:4b:5b:fa:8d:3b:9e:61:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 7 12:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21c871850a3805fc76f606a4c048ca98f7279558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:de:f7:f3:7f:3a:f3:95:ee:c7:e4:02:05:
f2:5a:b7:ca:1e:5c:5c:45:5a:ac:c5:de:3a:d3:1c:
ff:dd:59:97:02:f1:cc:81:73:11:ee:26:94:00:99:
81:ca:c8:18:fb:d6:40:04:4f:7b:87:fc:e3:15:89:
26:cb:dc:89:f2:02:e9:a0:b3:f7:b4:bc:61:7b:5f:
24:91:8b:04:cb:14:4e:82:5e:87:35:08:47:ce:1a:
7b:3b:1f:7b:f4:ca:2a:97:31:4c:22:e6:11:eb:31:
73:d7:94:92:2a:1c:9a:8b:ea:ae:d2:fa:17:be:15:
4b:1c:4e:a5:91:c9:d9:79:36:df:ef:d3:f7:e2:df:
a7:bd:75:43:b1:aa:19:c1:35:43:6c:a5:52:77:2b:
12:3e:7f:89:fc:ec:6e:88:e1:46:3a:39:d3:1b:ea:
fc:28:be:a1:43:2e:ec:41:fd:64:3f:4d:bd:40:33:
41:63:8f:7c:20:c0:24:de:9a:a4:48:bc:72:74:c3:
a9:e2:12:5c:dd:57:46:60:01:d3:d7:80:2b:2d:c6:
3e:3d:78:93:8d:98:44:fb:91:18:ef:7d:d8:9b:d0:
c2:98:7a:5d:f8:e9:36:28:b9:fe:f9:00:54:8b:a7:
72:00:54:12:60:a5:ec:4f:80:ac:27:0e:5e:4e:51:
07:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C8:71:85:0A:38:05:FC:76:F6:06:A4:C0:48:CA:98:F7:27:95:58
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IchxhQo4Bfx29gakwEjKmPcnlVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:57:e1:d1:20:f8:06:18:2c:22:25:2c:40:89:b5:10:74:74:
cb:00:13:26:76:46:4b:1e:12:aa:8d:fd:e1:fb:9a:9a:32:94:
a9:b7:83:d2:e5:09:87:fb:be:f1:90:c9:b1:ee:ef:b7:57:1d:
98:5b:eb:f8:9b:85:71:cc:e9:fe:5d:63:dc:d0:3e:45:9c:54:
b2:7f:49:18:8b:69:5a:44:45:c4:d6:b9:01:ef:06:9c:b6:ac:
0e:e0:fa:42:e5:e6:6e:50:f8:24:67:19:31:66:f0:85:65:f5:
1c:94:5b:b1:c8:22:e1:bd:2a:c3:c8:30:b7:fd:3b:5f:ff:29:
5d:b6:b6:25:70:f3:3b:d2:8d:0f:99:76:81:40:e7:87:c9:55:
84:4e:02:bd:01:af:22:86:e0:da:e3:10:14:05:08:9d:1b:b6:
d5:c3:23:3c:85:38:0d:9f:c4:31:84:6c:91:b1:2f:89:ba:34:
54:d5:d3:83:97:65:59:5e:8a:d1:29:64:91:4b:49:02:95:d6:
e6:97:b7:72:bd:d1:17:65:99:c3:cf:93:ab:b1:20:c8:87:fd:
db:f9:c8:c5:94:65:59:9a:70:ab:63:6d:03:f4:ec:91:c7:3d:
0a:94:d5:8f:1b:b4:23:10:88:6d:de:ed:cd:a9:67:64:d7:9d:
d1:3f:e3:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxETzQpQLaHi0tb+o07nmFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjA3MTI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM4NzE4NTBhMzgwNWZjNzZmNjA2YTRjMDQ4Y2E5OGY3Mjc5NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTne9/N/OvOV7sfkAgXyWrfKHlxc
RVqsxd460xz/3VmXAvHMgXMR7iaUAJmBysgY+9ZABE97h/zjFYkmy9yJ8gLpoLP3
tLxhe18kkYsEyxROgl6HNQhHzhp7Ox979MoqlzFMIuYR6zFz15SSKhyai+qu0voX
vhVLHE6lkcnZeTbf79P34t+nvXVDsaoZwTVDbKVSdysSPn+J/OxuiOFGOjnTG+r8
KL6hQy7sQf1kP029QDNBY498IMAk3pqkSLxydMOp4hJc3VdGYAHT14ArLcY+PXiT
jZhE+5EY733Ym9DCmHpd+Ok2KLn++QBUi6dyAFQSYKXsT4CsJw5eTlEHEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHIcYUKOAX8dvYGpMBIypj3J5VYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSWNoeGhRbzRCZngyOWdha3dFakttUGNubFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjJvMA0G
CSqGSIb3DQEBCwUAA4IBAQAuV+HRIPgGGCwiJSxAibUQdHTLABMmdkZLHhKqjf3h
+5qaMpSpt4PS5QmH+77xkMmx7u+3Vx2YW+v4m4VxzOn+XWPc0D5FnFSyf0kYi2la
REXE1rkB7wactqwO4PpC5eZuUPgkZxkxZvCFZfUclFuxyCLhvSrDyDC3/Ttf/yld
trYlcPM70o0PmXaBQOeHyVWETgK9Aa8ihuDa4xAUBQidG7bVwyM8hTgNn8QxhGyR
sS+JujRU1dODl2VZXorRKWSRS0kCldbml7dyvdEXZZnDz5OrsSDIh/3b+cjFlGVZ
mnCrY20D9OyRxz0KlNWPG7QjEIht3u3NqWdk153RP+M7
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org