Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fqZlF6iW81HnladnCeGYWP8LCyE.roa
File: fqZlF6iW81HnladnCeGYWP8LCyE.roa (raw, json)
Hash identifier: DNdBQ/Yhf52WdY75FybN9f4X21QFBuiGSrqtBHWaPdc=
Subject key identifier: 7E:A6:65:17:A8:96:F3:51:E7:95:A7:67:09:E1:98:58:FF:0B:0B:21
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D41752447FD55E793B42EDDB0B854D0AA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fqZlF6iW81HnladnCeGYWP8LCyE.roa
Signing time: Thu 25 Jan 2024 16:30:12 +0000
ROA not before: Thu 25 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 146.19.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 11:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:75:24:47:fd:55:e7:93:b4:2e:dd:b0:b8:54:d0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 25 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ea66517a896f351e795a76709e19858ff0b0b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:70:8b:5d:c9:0e:79:f2:93:9e:fa:19:b3:
91:83:25:19:33:20:94:12:4f:d8:83:da:54:ad:4e:
b6:76:33:c0:84:bf:72:8d:37:c0:fa:c2:c2:f3:93:
21:b7:71:f3:32:c9:34:ce:79:32:f6:8c:b4:a1:ed:
a6:14:8f:ee:7e:57:3c:22:aa:e2:69:83:56:5c:cd:
0c:03:0f:96:7e:5e:8f:82:fe:75:e3:da:7f:85:e8:
e8:96:8f:eb:d7:c3:f7:78:9e:ad:91:bc:df:f9:c3:
11:cb:4f:5b:11:65:d0:15:0e:9e:ba:c8:5e:12:d1:
f2:ae:96:06:db:ce:74:ef:b3:49:c0:ca:62:53:f2:
5d:e7:7e:3e:46:52:8a:d6:28:65:8c:00:2b:62:a2:
1e:95:ca:a4:01:15:e2:43:b9:94:bb:3d:41:5d:13:
06:ed:00:10:a1:8e:5a:c7:c7:8b:64:4e:dc:0a:1e:
59:5f:85:c6:ea:7e:de:1a:48:f0:41:40:75:c3:b7:
b3:27:12:b9:60:4f:be:e2:b3:17:b4:95:28:69:40:
03:14:68:a0:48:7b:95:e0:0a:58:76:d3:55:9b:b9:
45:56:8a:7c:53:ad:96:aa:a3:34:b6:67:82:ba:f3:
ff:89:4e:75:86:c0:4a:72:85:3a:4c:10:cc:a1:1f:
7d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A6:65:17:A8:96:F3:51:E7:95:A7:67:09:E1:98:58:FF:0B:0B:21
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fqZlF6iW81HnladnCeGYWP8LCyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.139.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f6:22:11:b2:a2:6e:a3:80:37:4b:33:5d:68:0c:85:5e:90:
0e:f5:d4:ef:d9:5a:eb:97:dc:ac:96:40:88:bb:38:24:3f:e0:
c8:72:0c:37:b9:e2:45:46:23:1e:3d:62:1b:67:8a:36:82:50:
f2:a9:a5:94:46:9c:91:e9:21:04:69:43:78:0b:d6:9c:ff:93:
1d:57:ee:c6:f4:0e:1e:57:05:32:86:ea:83:23:32:54:79:cb:
ae:92:8e:19:ab:f3:a8:b4:af:66:2e:ee:7a:6b:21:ce:c6:8d:
72:c6:91:0d:db:67:20:8e:20:95:49:89:8a:78:bb:b8:5b:85:
35:f5:1c:96:53:b1:3b:d2:d9:16:b9:5e:9c:69:a0:66:fa:bd:
4b:a0:a7:4a:68:31:40:52:37:88:02:d3:bb:be:bd:2c:6f:32:
94:cb:74:82:f4:7d:f9:06:50:b0:ba:8b:f2:51:e5:08:ba:ef:
c0:a3:75:cd:f8:fb:53:5c:e3:df:31:c6:3d:68:2f:b9:08:a7:
98:d5:e3:bc:1c:5d:bd:18:41:41:60:11:05:b5:2f:56:b6:4b:
b4:32:8e:24:80:dd:51:33:29:8c:b2:58:1f:9e:fc:a2:93:dc:
fe:3d:32:52:87:8a:40:21:4b:6e:55:14:b1:b1:4b:21:37:8f:
2b:a5:97:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1BdSRH/VXnk7Qu3bC4VNCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI1MTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE2NjUxN2E4OTZmMzUxZTc5NWE3NjcwOWUxOTg1OGZmMGIwYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMRwi13JDnnyk576GbORgyUZMyCU
Ek/Yg9pUrU62djPAhL9yjTfA+sLC85Mht3HzMsk0znky9oy0oe2mFI/uflc8Iqri
aYNWXM0MAw+Wfl6Pgv5149p/hejolo/r18P3eJ6tkbzf+cMRy09bEWXQFQ6eushe
EtHyrpYG285077NJwMpiU/Jd534+RlKK1ihljAArYqIelcqkARXiQ7mUuz1BXRMG
7QAQoY5ax8eLZE7cCh5ZX4XG6n7eGkjwQUB1w7ezJxK5YE++4rMXtJUoaUADFGig
SHuV4ApYdtNVm7lFVop8U62WqqM0tmeCuvP/iU51hsBKcoU6TBDMoR990QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6mZReolvNR55WnZwnhmFj/CwshMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZnFabEY2aVc4MUhubGFkbkNlR1lXUDhMQ3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOLMA0G
CSqGSIb3DQEBCwUAA4IBAQBg9iIRsqJuo4A3SzNdaAyFXpAO9dTv2Vrrl9yslkCI
uzgkP+DIcgw3ueJFRiMePWIbZ4o2glDyqaWURpyR6SEEaUN4C9ac/5MdV+7G9A4e
VwUyhuqDIzJUecuuko4Zq/OotK9mLu56ayHOxo1yxpEN22cgjiCVSYmKeLu4W4U1
9RyWU7E70tkWuV6caaBm+r1LoKdKaDFAUjeIAtO7vr0sbzKUy3SC9H35BlCwuovy
UeUIuu/Ao3XN+PtTXOPfMcY9aC+5CKeY1eO8HF29GEFBYBEFtS9Wtku0Mo4kgN1R
MymMslgfnvyik9z+PTJSh4pAIUtuVRSxsUshN48rpZcE
-----END CERTIFICATE-----
Generated at Sat Jan 27 11:40:57 2024 by rpki-client on console-fra.rpki-client.org