Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/jaSwZ3b4DiwFLGdwNUGtnvdqw0w.roa
File: jaSwZ3b4DiwFLGdwNUGtnvdqw0w.roa (raw, json)
Hash identifier: 9ldiTUEW379kUh5oLrN75o0mQI1vYw5bgKMa9Ug3rSA=
Subject key identifier: 8D:A4:B0:67:76:F8:0E:2C:05:2C:67:70:35:41:AD:9E:F7:6A:C3:4C
Certificate issuer: /CN=7d8c74143c2273e201a675715431dfaf28fe17b2
Certificate serial: 01856F14B376DEE0789BFCD433D4E03B978A
Authority key identifier: 7D:8C:74:14:3C:22:73:E2:01:A6:75:71:54:31:DF:AF:28:FE:17:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fYx0FDwic-IBpnVxVDHfryj-F7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/jaSwZ3b4DiwFLGdwNUGtnvdqw0w.roa
Signing time: Sun 01 Jan 2023 20:45:05 +0000
ROA not before: Sun 01 Jan 2023 20:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207797
IP address blocks: 194.76.252.0/24 maxlen: 24
2a0f:ab40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b3:76:de:e0:78:9b:fc:d4:33:d4:e0:3b:97:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d8c74143c2273e201a675715431dfaf28fe17b2
Validity
Not Before: Jan 1 20:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8da4b06776f80e2c052c67703541ad9ef76ac34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7e:8c:49:1e:af:e5:a5:06:65:03:2a:69:06:
dc:97:cb:c5:b2:e4:74:01:6c:f9:b5:7c:c4:3b:03:
48:de:cd:95:c9:3a:0a:20:d0:87:e6:5a:d2:9e:ee:
bd:0d:17:98:fb:bc:ad:8f:54:f4:e5:e0:c8:02:b9:
55:33:b1:d9:df:88:9c:60:59:18:d5:f8:f9:ab:a6:
5e:04:c8:25:da:19:c7:d2:d0:f8:25:66:b3:19:6c:
12:69:65:12:3a:9e:4a:a4:26:91:bf:3b:62:8a:1e:
3c:fb:6d:1f:70:a0:f8:eb:65:62:37:8a:13:6d:7f:
37:a4:c0:d6:36:62:7f:5e:2f:0e:6c:9a:e2:6c:9f:
0a:e3:2f:a8:68:35:b5:bd:07:b9:c2:ec:8b:60:c5:
cd:44:d0:83:11:be:c7:17:cd:c8:52:b4:16:da:c4:
f2:a3:e6:b9:0e:a1:ac:83:4b:73:08:64:2e:bc:a3:
a6:13:b6:01:59:86:3f:c7:aa:af:40:f1:be:cc:6c:
a7:b3:f3:9b:13:24:66:46:f7:00:e9:f4:7d:4e:49:
24:b9:8a:38:c8:54:75:49:3c:f9:eb:cf:82:11:a8:
e2:cf:50:52:ac:9b:1a:97:88:20:fd:ed:9f:3d:dd:
57:05:6d:04:e2:cb:70:7b:18:90:e4:97:0a:ec:09:
47:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A4:B0:67:76:F8:0E:2C:05:2C:67:70:35:41:AD:9E:F7:6A:C3:4C
X509v3 Authority Key Identifier:
keyid:7D:8C:74:14:3C:22:73:E2:01:A6:75:71:54:31:DF:AF:28:FE:17:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fYx0FDwic-IBpnVxVDHfryj-F7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/jaSwZ3b4DiwFLGdwNUGtnvdqw0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/fYx0FDwic-IBpnVxVDHfryj-F7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.252.0/24
IPv6:
2a0f:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
30:47:e4:9a:95:42:8c:13:fe:bb:46:30:6b:73:c6:06:38:4a:
9d:3a:25:aa:5c:7e:26:70:47:66:f8:d2:ff:b1:cd:ea:8b:59:
8a:05:0e:74:87:e6:46:55:f8:b6:b8:c0:81:45:c7:59:7f:91:
07:5e:1c:67:14:94:cf:0b:2f:8f:28:43:03:c6:df:29:92:d2:
21:f8:a3:6f:70:85:0c:29:24:df:df:64:5d:74:db:68:e4:7d:
6d:a9:57:22:02:c2:2e:de:32:8c:ef:86:15:6e:ab:2e:87:a2:
11:d6:ff:47:7d:ae:9a:70:11:db:8f:dc:35:e7:39:65:3a:03:
93:76:a8:ff:0a:a5:07:7c:ee:85:e8:2a:f2:36:32:40:61:2c:
a8:fb:8e:b8:35:2e:65:85:b4:e3:e8:23:b0:1a:79:99:1c:6f:
be:d0:6e:d6:81:d5:35:68:b2:90:b0:43:8e:9a:f7:4a:e1:a1:
97:fc:27:d5:16:20:91:1b:99:86:47:e7:10:51:0f:67:fb:08:
fb:65:16:72:d9:a7:54:98:ea:c1:fc:c7:c5:25:a1:7e:5c:ef:
80:ed:ac:30:7e:1d:a8:7b:2e:37:2b:c5:fd:81:f5:ee:83:ce:
e9:eb:09:57:f0:f8:6b:6d:ee:a4:14:65:fb:2d:80:47:90:d8:
67:9b:27:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFLN23uB4m/zUM9TgO5eKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOGM3NDE0M2MyMjczZTIwMWE2NzU3MTU0MzFkZmFmMjhm
ZTE3YjIwHhcNMjMwMTAxMjA0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE0YjA2Nzc2ZjgwZTJjMDUyYzY3NzAzNTQxYWQ5ZWY3NmFjMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n6MSR6v5aUGZQMqaQbcl8vFsuR0
AWz5tXzEOwNI3s2VyToKINCH5lrSnu69DReY+7ytj1T05eDIArlVM7HZ34icYFkY
1fj5q6ZeBMgl2hnH0tD4JWazGWwSaWUSOp5KpCaRvztiih48+20fcKD462ViN4oT
bX83pMDWNmJ/Xi8ObJribJ8K4y+oaDW1vQe5wuyLYMXNRNCDEb7HF83IUrQW2sTy
o+a5DqGsg0tzCGQuvKOmE7YBWYY/x6qvQPG+zGyns/ObEyRmRvcA6fR9TkkkuYo4
yFR1STz568+CEajiz1BSrJsal4gg/e2fPd1XBW0E4stwexiQ5JcK7AlHZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI2ksGd2+A4sBSxncDVBrZ73asNMMB8GA1UdIwQY
MBaAFH2MdBQ8InPiAaZ1cVQx368o/heyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZll4MEZEd2ljLUlCcG5WeFZESGZyeWotRjdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81YzNhNGMtOTg0My00YmVjLWExNjIt
MThjMDM2NTMwN2JmLzEvamFTd1ozYjREaXdGTEdkd05VR3RudmRxdzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81YzNhNGMtOTg0My00YmVjLWExNjItMThjMDM2NTMwN2Jm
LzEvZll4MEZEd2ljLUlCcG5WeFZESGZyeWotRjdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwkz8MA0E
AgACMAcDBQAqD6tAMA0GCSqGSIb3DQEBCwUAA4IBAQAwR+SalUKME/67RjBrc8YG
OEqdOiWqXH4mcEdm+NL/sc3qi1mKBQ50h+ZGVfi2uMCBRcdZf5EHXhxnFJTPCy+P
KEMDxt8pktIh+KNvcIUMKSTf32RddNto5H1tqVciAsIu3jKM74YVbqsuh6IR1v9H
fa6acBHbj9w15zllOgOTdqj/CqUHfO6F6CryNjJAYSyo+464NS5lhbTj6COwGnmZ
HG++0G7WgdU1aLKQsEOOmvdK4aGX/CfVFiCRG5mGR+cQUQ9n+wj7ZRZy2adUmOrB
/MfFJaF+XO+A7awwfh2oey43K8X9gfXug87p6wlX8Phrbe6kFGX7LYBHkNhnmyf4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:36 2024 by rpki-client on console-ams.rpki-client.org