Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/_wQSHk03wW5Lf4blHA4JfIh1oYM.roa
File: _wQSHk03wW5Lf4blHA4JfIh1oYM.roa (raw, json)
Hash identifier: Iq0RNI/RXnzo9CWG7STXxSecZ+twPEF2J+dlj2gvdKU=
Subject key identifier: FF:04:12:1E:4D:37:C1:6E:4B:7F:86:E5:1C:0E:09:7C:88:75:A1:83
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 018CC3490E3BAFEE39D1B41D9B318AFC635A
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/_wQSHk03wW5Lf4blHA4JfIh1oYM.roa
Signing time: Mon 01 Jan 2024 04:29:54 +0000
ROA not before: Mon 01 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212346
IP address blocks: 194.147.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0e:3b:af:ee:39:d1:b4:1d:9b:31:8a:fc:63:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff04121e4d37c16e4b7f86e51c0e097c8875a183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:41:6c:71:ed:88:0a:8e:60:d6:a8:cc:f3:a9:
f4:dd:86:07:81:15:8e:2e:97:81:96:8e:ce:ea:fd:
ec:ec:e7:bc:25:e8:63:fb:30:b2:b4:43:cd:a1:23:
c1:0f:c0:16:95:d2:e3:11:c2:ab:05:f9:26:5e:7e:
a7:ad:d3:be:a6:7c:ac:b1:12:98:20:3d:83:3a:fa:
e3:f9:52:30:fb:06:fd:cb:fe:64:d8:4c:06:99:84:
3b:a4:f7:fd:d9:52:2b:9e:4f:ea:9a:9e:4c:e4:9b:
5b:ed:13:e4:f1:9e:8c:e7:99:a8:50:32:d3:4b:09:
f7:62:cc:94:bd:4e:56:c2:be:a3:d5:b1:15:8d:f0:
69:8b:c3:35:37:06:5a:dd:fa:b3:86:24:50:74:40:
96:e6:67:e6:d3:b4:43:b0:fa:18:38:d5:72:84:8b:
28:a6:45:dc:b9:8f:a3:6a:0a:5a:48:24:02:03:fe:
e5:8e:5b:bb:7c:15:11:4d:af:e2:04:2e:56:69:fe:
0b:33:64:17:63:15:74:55:20:84:74:97:e6:0b:0c:
2c:15:c5:3c:a8:9a:2d:a9:4c:ac:01:10:d8:a6:dd:
e2:99:1a:7d:82:8b:a2:66:0c:8d:e6:96:20:7a:5e:
6f:b4:93:67:6d:72:62:e4:25:ce:7d:9a:a7:b7:fd:
4b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:04:12:1E:4D:37:C1:6E:4B:7F:86:E5:1C:0E:09:7C:88:75:A1:83
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/_wQSHk03wW5Lf4blHA4JfIh1oYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:cc:e3:35:04:85:ca:ba:ae:79:f1:2d:de:d6:13:26:70:b2:
fa:96:a5:12:b0:6e:20:bd:a9:59:07:cd:b7:3a:7b:2f:de:d6:
00:85:aa:50:91:b0:82:01:55:cb:97:ca:53:c4:e5:27:99:24:
28:4f:d1:93:63:a1:ab:d3:66:89:b6:a0:f5:d5:e6:dd:58:cc:
67:53:a1:93:fa:f0:d7:a4:98:71:77:be:0a:61:48:b7:a8:06:
e0:23:74:36:54:15:78:59:65:f9:98:1b:d0:5b:68:2d:46:41:
1d:9d:da:97:4c:c8:8d:69:42:e0:15:44:74:d3:29:0e:70:ec:
65:77:4e:0f:e9:48:0a:70:33:f9:da:d0:5a:f6:71:92:f4:59:
bd:1b:ff:77:6d:bb:d9:2d:93:ce:d7:51:c6:59:70:ea:f4:a0:
df:f9:41:1e:7e:3c:80:48:40:e0:d0:a8:5e:4e:0b:89:c7:4c:
22:2c:d1:46:2b:43:5b:55:e8:96:45:3f:c6:27:19:bf:ed:ac:
3f:1c:4c:9d:98:15:00:a7:57:cd:a7:57:17:10:0f:21:b4:bb:
a1:68:86:4e:ae:c8:27:3b:e4:12:4e:50:57:b2:a9:68:9e:9d:
97:e7:1d:94:8a:da:b8:28:e0:77:d8:3f:bb:b1:b1:3d:31:45:
1a:4d:e3:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSQ47r+450bQdmzGK/GNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjQwMTAxMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA0MTIxZTRkMzdjMTZlNGI3Zjg2ZTUxYzBlMDk3Yzg4NzVhMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20Fsce2ICo5g1qjM86n03YYHgRWO
LpeBlo7O6v3s7Oe8Jehj+zCytEPNoSPBD8AWldLjEcKrBfkmXn6nrdO+pnyssRKY
ID2DOvrj+VIw+wb9y/5k2EwGmYQ7pPf92VIrnk/qmp5M5Jtb7RPk8Z6M55moUDLT
Swn3YsyUvU5Wwr6j1bEVjfBpi8M1NwZa3fqzhiRQdECW5mfm07RDsPoYONVyhIso
pkXcuY+jagpaSCQCA/7ljlu7fBURTa/iBC5Waf4LM2QXYxV0VSCEdJfmCwwsFcU8
qJotqUysARDYpt3imRp9gouiZgyN5pYgel5vtJNnbXJi5CXOfZqnt/1LlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8EEh5NN8FuS3+G5RwOCXyIdaGDMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvX3dRU0hrMDN3VzVMZjRibEhBNEpmSWgxb1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpPmMA0G
CSqGSIb3DQEBCwUAA4IBAQCyzOM1BIXKuq558S3e1hMmcLL6lqUSsG4gvalZB823
Onsv3tYAhapQkbCCAVXLl8pTxOUnmSQoT9GTY6Gr02aJtqD11ebdWMxnU6GT+vDX
pJhxd74KYUi3qAbgI3Q2VBV4WWX5mBvQW2gtRkEdndqXTMiNaULgFUR00ykOcOxl
d04P6UgKcDP52tBa9nGS9Fm9G/93bbvZLZPO11HGWXDq9KDf+UEefjyASEDg0Khe
TguJx0wiLNFGK0NbVeiWRT/GJxm/7aw/HEydmBUAp1fNp1cXEA8htLuhaIZOrsgn
O+QSTlBXsqlonp2X5x2Uitq4KOB32D+7sbE9MUUaTeNQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:40 2025 by rpki-client