Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6118f4-ca11-458d-bc60-11828e0e427b/1/_8MqzUpXHFtvS_-aapsPkkgm398.roa
File: _8MqzUpXHFtvS_-aapsPkkgm398.roa (raw, json)
Hash identifier: aG5nioCsyMWLKMP0LPCoEcRC1BNgh3TKNat+pOR4YYw=
Subject key identifier: FF:C3:2A:CD:4A:57:1C:5B:6F:4B:FF:9A:6A:9B:0F:92:48:26:DF:DF
Certificate issuer: /CN=144b315ae0f24c891fca18456c66917792af165e
Certificate serial: 018CCA28F3C55D4E0C30F8FA3DDF8A4ABC1C
Authority key identifier: 14:4B:31:5A:E0:F2:4C:89:1F:CA:18:45:6C:66:91:77:92:AF:16:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FEsxWuDyTIkfyhhFbGaRd5KvFl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6118f4-ca11-458d-bc60-11828e0e427b/1/_8MqzUpXHFtvS_-aapsPkkgm398.roa
Signing time: Tue 02 Jan 2024 12:32:10 +0000
ROA not before: Tue 02 Jan 2024 12:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 194.113.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:f3:c5:5d:4e:0c:30:f8:fa:3d:df:8a:4a:bc:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=144b315ae0f24c891fca18456c66917792af165e
Validity
Not Before: Jan 2 12:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffc32acd4a571c5b6f4bff9a6a9b0f924826dfdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c2:b7:81:ef:8b:36:28:d4:bf:70:88:37:eb:
ba:d4:e5:18:5e:8f:69:39:fe:a4:bc:98:30:13:ab:
8a:a4:3d:33:8f:d6:d0:86:cd:ed:79:1e:c4:0c:69:
00:7e:c6:98:40:24:d6:a2:33:01:48:23:a5:c7:24:
3d:0b:53:7f:c2:39:c2:7e:ec:fc:b6:b6:2c:96:e7:
64:13:db:cb:43:51:60:45:c7:98:18:6d:62:12:9e:
8e:99:e7:9b:40:94:00:41:f7:23:c8:0b:73:97:5b:
c7:80:99:e7:c6:94:40:b6:8d:2d:88:23:46:29:7f:
92:de:2f:6d:a1:4b:22:db:6b:f9:14:79:38:e5:95:
cb:51:2f:4a:83:e0:36:6d:f3:5b:41:57:85:bc:97:
e7:24:ee:0f:ab:cd:a2:1e:03:d5:b7:83:35:46:e8:
20:6b:b1:bc:77:1e:a1:9d:d6:51:01:e6:ac:02:14:
dd:c1:04:c1:52:d8:08:f3:20:27:fa:9e:a5:38:d0:
ba:80:f4:da:99:b5:c0:87:06:a3:6a:a7:ce:78:03:
80:e7:f7:c0:14:58:0d:64:c6:3b:3f:f3:05:40:07:
b1:a1:ae:27:0a:4f:22:95:10:7e:b4:c2:f6:c0:51:
60:7d:1d:5f:51:c0:b2:52:82:78:73:03:17:6f:3d:
9a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C3:2A:CD:4A:57:1C:5B:6F:4B:FF:9A:6A:9B:0F:92:48:26:DF:DF
X509v3 Authority Key Identifier:
keyid:14:4B:31:5A:E0:F2:4C:89:1F:CA:18:45:6C:66:91:77:92:AF:16:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FEsxWuDyTIkfyhhFbGaRd5KvFl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6118f4-ca11-458d-bc60-11828e0e427b/1/_8MqzUpXHFtvS_-aapsPkkgm398.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6118f4-ca11-458d-bc60-11828e0e427b/1/FEsxWuDyTIkfyhhFbGaRd5KvFl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.154.0/24
Signature Algorithm: sha256WithRSAEncryption
15:f7:b3:65:25:0f:db:11:d9:e4:e9:1b:ef:c9:22:ba:73:3f:
b3:3c:28:e9:f6:df:90:1c:3f:f4:4d:f7:7b:fc:ab:be:87:7c:
08:61:f5:7f:6f:6d:26:be:bb:3a:ec:89:7b:1c:bf:df:b8:9c:
69:ee:d5:80:05:4e:7c:37:fd:e9:09:70:14:9d:7f:62:77:45:
35:69:6f:d4:c2:ab:3a:78:ac:7e:65:81:93:57:17:07:bf:f3:
fc:f5:d3:58:08:86:d2:5f:75:50:59:84:30:0d:74:b0:bc:1d:
5e:52:e0:45:f4:74:9f:b5:b1:a6:d5:66:f9:03:58:ba:96:d6:
98:47:71:3e:96:5c:e9:63:a6:a6:40:61:d6:cb:63:2f:47:8a:
40:3d:92:e8:23:a2:a5:dc:fa:d0:df:b4:0c:e5:8a:16:4c:4a:
90:1d:60:85:ab:79:30:49:e2:e4:12:4e:98:0c:96:2a:4b:d7:
db:9d:f0:67:68:0b:d5:9c:ff:54:b4:f6:cc:e6:04:b3:ee:37:
a5:30:5f:9c:45:c6:3f:00:d4:e5:42:6f:dc:81:05:38:f1:74:
03:04:37:05:ab:dc:39:af:bb:f5:4f:de:95:dc:61:21:ee:bc:
c6:1e:ca:e1:0f:9a:6b:ce:be:7d:89:0d:35:9d:c0:73:b5:4a:
49:79:ca:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKPPFXU4MMPj6Pd+KSrwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NGIzMTVhZTBmMjRjODkxZmNhMTg0NTZjNjY5MTc3OTJh
ZjE2NWUwHhcNMjQwMTAyMTIzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmMzMmFjZDRhNTcxYzViNmY0YmZmOWE2YTliMGY5MjQ4MjZkZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMK3ge+LNijUv3CIN+u61OUYXo9p
Of6kvJgwE6uKpD0zj9bQhs3teR7EDGkAfsaYQCTWojMBSCOlxyQ9C1N/wjnCfuz8
trYsludkE9vLQ1FgRceYGG1iEp6OmeebQJQAQfcjyAtzl1vHgJnnxpRAto0tiCNG
KX+S3i9toUsi22v5FHk45ZXLUS9Kg+A2bfNbQVeFvJfnJO4Pq82iHgPVt4M1Rugg
a7G8dx6hndZRAeasAhTdwQTBUtgI8yAn+p6lONC6gPTambXAhwajaqfOeAOA5/fA
FFgNZMY7P/MFQAexoa4nCk8ilRB+tML2wFFgfR1fUcCyUoJ4cwMXbz2aWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/DKs1KVxxbb0v/mmqbD5JIJt/fMB8GA1UdIwQY
MBaAFBRLMVrg8kyJH8oYRWxmkXeSrxZeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkVzeFd1RHlUSWtmeWhoRmJHYVJkNUt2Rmw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MTE4ZjQtY2ExMS00NThkLWJjNjAt
MTE4MjhlMGU0MjdiLzEvXzhNcXpVcFhIRnR2U18tYWFwc1Bra2dtMzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MTE4ZjQtY2ExMS00NThkLWJjNjAtMTE4MjhlMGU0Mjdi
LzEvRkVzeFd1RHlUSWtmeWhoRmJHYVJkNUt2Rmw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAV97NlJQ/bEdnk6RvvySK6cz+zPCjp9t+QHD/0Tfd7
/Ku+h3wIYfV/b20mvrs67Il7HL/fuJxp7tWABU58N/3pCXAUnX9id0U1aW/Uwqs6
eKx+ZYGTVxcHv/P89dNYCIbSX3VQWYQwDXSwvB1eUuBF9HSftbGm1Wb5A1i6ltaY
R3E+llzpY6amQGHWy2MvR4pAPZLoI6Kl3PrQ37QM5YoWTEqQHWCFq3kwSeLkEk6Y
DJYqS9fbnfBnaAvVnP9UtPbM5gSz7jelMF+cRcY/ANTlQm/cgQU48XQDBDcFq9w5
r7v1T96V3GEh7rzGHsrhD5przr59iQ01ncBztUpJecrU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:21 2025 by rpki-client