Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/tmVe6KGjiQJTnkT3q8eNbgVBvfw.roa
File: tmVe6KGjiQJTnkT3q8eNbgVBvfw.roa (raw, json)
Hash identifier: BLZbajnwB0CjlcUxbQ2zg0Z5MauwC9k/DY9f6wRpHsY=
Subject key identifier: B6:65:5E:E8:A1:A3:89:02:53:9E:44:F7:AB:C7:8D:6E:05:41:BD:FC
Certificate issuer: /CN=fd0ef040fba45bce7b07163495cdf5e85077919d
Certificate serial: 018640F2A02E029B3F287BDE728A0165EC4B
Authority key identifier: FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/tmVe6KGjiQJTnkT3q8eNbgVBvfw.roa
Signing time: Sat 11 Feb 2023 14:48:07 +0000
ROA not before: Sat 11 Feb 2023 14:48:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 194.0.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:40:f2:a0:2e:02:9b:3f:28:7b:de:72:8a:01:65:ec:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd0ef040fba45bce7b07163495cdf5e85077919d
Validity
Not Before: Feb 11 14:48:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6655ee8a1a38902539e44f7abc78d6e0541bdfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1e:a1:24:cc:71:61:e6:f2:f7:fd:36:9a:af:
fb:64:f7:f0:8d:5c:07:b2:d9:a1:5f:cc:df:cd:46:
9a:57:bb:d6:b7:cb:4f:a8:c4:08:e2:81:a3:8e:a1:
c6:15:f7:68:b8:19:ad:ce:97:5f:d3:0f:0c:b2:64:
be:bf:15:9e:3a:32:c5:04:8f:c2:87:b0:ec:4a:36:
0b:07:fe:ce:63:b2:8c:6a:3b:3b:b2:7d:85:be:8e:
29:2f:61:bc:bd:5d:3b:3a:24:e3:bf:f5:42:ce:0b:
64:ec:3b:0e:37:0e:99:a0:39:c0:ac:56:83:a6:56:
8a:9a:2c:6c:e5:0c:7a:7d:03:84:59:bd:64:58:6c:
20:cd:ac:8a:7e:cf:33:07:48:00:ca:58:01:dd:35:
c8:67:c0:95:7d:1d:f3:e7:c7:c7:87:98:02:32:96:
21:3b:e2:72:a2:ab:e0:d6:cc:3f:ad:cb:5c:0a:63:
84:18:ea:0d:89:12:1f:20:38:d1:b5:96:aa:65:b9:
c0:d7:b9:e7:6b:6d:26:37:0c:9c:c8:bf:d7:cd:f4:
68:48:12:ca:31:db:a9:42:63:43:48:cb:d4:d6:58:
a0:7a:b0:46:32:b9:62:d2:99:1f:04:1f:ef:83:c5:
07:f4:cc:9b:f9:bf:11:77:f7:e0:e0:72:52:6d:ce:
36:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:65:5E:E8:A1:A3:89:02:53:9E:44:F7:AB:C7:8D:6E:05:41:BD:FC
X509v3 Authority Key Identifier:
keyid:FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/tmVe6KGjiQJTnkT3q8eNbgVBvfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.173.0/24
Signature Algorithm: sha256WithRSAEncryption
08:d8:83:ef:02:2a:e1:7c:4f:80:44:d6:f5:f2:4e:0d:e0:b7:
80:a8:5a:93:50:98:8a:27:26:02:2b:e3:c7:ca:19:35:ad:68:
0a:44:f5:82:a5:1b:77:65:fa:2f:c1:a4:da:68:58:1d:a5:1e:
71:da:ac:16:88:90:d0:1f:a8:6f:67:2e:83:fc:22:f2:1c:a4:
6a:d4:2a:2d:3f:46:96:87:5e:8f:e5:28:a7:4d:74:6a:5a:7e:
45:e4:24:53:51:17:62:64:70:29:d2:83:59:6b:ce:63:bb:15:
94:51:1b:80:c0:7b:4d:3d:95:85:a1:d6:8a:b7:48:c0:95:7d:
3f:11:50:ff:3e:15:83:44:f0:1b:8a:73:7d:b5:13:77:59:ea:
dd:ac:4c:da:15:76:22:e8:9a:f0:de:ab:0f:13:90:92:b5:5b:
81:63:1d:db:5f:9c:55:b4:5e:0a:4b:2c:62:ec:52:49:f5:66:
c1:f1:6a:b8:9a:59:6c:4e:6f:09:e9:6b:55:12:f6:ec:9f:a2:
af:d2:dc:b4:d5:cc:3c:56:3b:c9:18:8a:88:4a:94:dc:79:45:
94:c3:97:be:57:fa:5a:87:63:9f:6e:f9:8e:ff:7e:37:e3:9b:
29:09:ad:79:db:7a:f0:a5:3e:f8:63:26:e6:8f:42:39:27:3d:
a2:33:53:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZA8qAuAps/KHvecooBZexLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMGVmMDQwZmJhNDViY2U3YjA3MTYzNDk1Y2RmNWU4NTA3
NzkxOWQwHhcNMjMwMjExMTQ0ODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjY1NWVlOGExYTM4OTAyNTM5ZTQ0ZjdhYmM3OGQ2ZTA1NDFiZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh6hJMxxYeby9/02mq/7ZPfwjVwH
stmhX8zfzUaaV7vWt8tPqMQI4oGjjqHGFfdouBmtzpdf0w8MsmS+vxWeOjLFBI/C
h7DsSjYLB/7OY7KMajs7sn2Fvo4pL2G8vV07OiTjv/VCzgtk7DsONw6ZoDnArFaD
plaKmixs5Qx6fQOEWb1kWGwgzayKfs8zB0gAylgB3TXIZ8CVfR3z58fHh5gCMpYh
O+Jyoqvg1sw/rctcCmOEGOoNiRIfIDjRtZaqZbnA17nna20mNwycyL/XzfRoSBLK
MdupQmNDSMvU1ligerBGMrli0pkfBB/vg8UH9Myb+b8Rd/fg4HJSbc42HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZlXuiho4kCU55E96vHjW4FQb38MB8GA1UdIwQY
MBaAFP0O8ED7pFvOewcWNJXN9ehQd5GdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQt
NTZjOTRmMzI2ZGMyLzEvdG1WZTZLR2ppUUpUbmtUM3E4ZU5iZ1ZCdmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQtNTZjOTRmMzI2ZGMy
LzEvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCtMA0G
CSqGSIb3DQEBCwUAA4IBAQAI2IPvAirhfE+ARNb18k4N4LeAqFqTUJiKJyYCK+PH
yhk1rWgKRPWCpRt3ZfovwaTaaFgdpR5x2qwWiJDQH6hvZy6D/CLyHKRq1CotP0aW
h16P5SinTXRqWn5F5CRTURdiZHAp0oNZa85juxWUURuAwHtNPZWFodaKt0jAlX0/
EVD/PhWDRPAbinN9tRN3WerdrEzaFXYi6Jrw3qsPE5CStVuBYx3bX5xVtF4KSyxi
7FJJ9WbB8Wq4mllsTm8J6WtVEvbsn6Kv0ty01cw8VjvJGIqISpTceUWUw5e+V/pa
h2OfbvmO/34345spCa1523rwpT74Yybmj0I5Jz2iM1Np
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:35 2024 by rpki-client on console-fra.rpki-client.org