Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/wrdO8BfFD_WpVjZV97eF-S-CuPk.roa
File: wrdO8BfFD_WpVjZV97eF-S-CuPk.roa (raw, json)
Hash identifier: KnIWo+/zgILSm3cAlRwpCtCQvlvYP4UvLxg9feVge4g=
Subject key identifier: C2:B7:4E:F0:17:C5:0F:F5:A9:56:36:55:F7:B7:85:F9:2F:82:B8:F9
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018CC34956B4DB4A8A09B3E07346D20D54AE
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/wrdO8BfFD_WpVjZV97eF-S-CuPk.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.169.48.0/24 maxlen: 24
194.165.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 15:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:56:b4:db:4a:8a:09:b3:e0:73:46:d2:0d:54:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b74ef017c50ff5a9563655f7b785f92f82b8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:5b:3b:42:db:b1:a8:0e:c1:ef:e4:69:6e:
30:6a:61:81:c4:04:11:df:fc:0f:b1:7e:a2:6f:63:
c6:1d:63:bb:62:28:54:d9:fd:f1:eb:3a:13:df:88:
49:ce:a0:a4:dd:0c:0b:99:71:9f:7e:5b:97:9b:45:
7b:0b:7e:25:72:59:5f:ed:d5:e0:ed:53:38:18:80:
eb:a4:0e:b1:b5:fd:13:de:a9:2d:95:1e:74:b0:6c:
18:66:71:38:fe:96:75:51:21:55:8e:25:94:4e:ed:
79:46:fa:a4:26:db:4c:14:e3:2f:fc:1d:b9:f0:09:
be:14:b9:5c:36:32:4b:e5:49:5c:21:18:7f:30:c8:
e1:17:e6:7b:8d:ad:d8:14:a5:22:ae:53:c4:0a:15:
06:f5:05:5c:42:ac:56:93:5b:30:e0:40:21:6c:c4:
31:3d:ec:b8:23:6b:f4:a2:fe:6b:ec:1b:72:8d:0a:
65:2d:73:ef:5d:48:df:3c:8d:19:18:09:3b:91:0f:
74:78:83:e1:4f:91:48:a6:93:f3:8d:5d:79:c5:c1:
ca:1d:21:84:e4:af:69:af:f5:fd:ba:25:db:d5:4e:
2f:a2:01:34:12:0f:9b:39:3f:f4:65:77:d3:6c:93:
2e:79:d4:c9:22:2a:fc:a3:00:7a:10:2a:92:26:3d:
15:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:4E:F0:17:C5:0F:F5:A9:56:36:55:F7:B7:85:F9:2F:82:B8:F9
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/wrdO8BfFD_WpVjZV97eF-S-CuPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.27.0/24
194.169.48.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:04:fc:a2:bd:c2:f1:0f:99:a4:39:aa:c8:e5:a1:06:8a:9e:
17:8c:51:f3:5a:0d:c9:fe:93:bf:39:13:35:03:cf:04:95:7e:
d0:c0:4f:43:e4:ec:1f:b2:8f:f8:e6:89:41:e8:5e:bf:01:f8:
3d:3f:9d:c9:11:1b:87:52:cc:1b:43:4a:82:54:aa:82:c0:fe:
87:bc:b1:ef:f3:74:86:c9:8f:a2:e0:50:ef:5e:8f:b9:d3:f2:
1f:5c:84:c6:67:6b:14:02:69:c2:3b:da:90:6b:70:33:a9:33:
38:4b:ba:a2:40:86:dc:aa:28:f4:03:b4:e2:6c:6f:7d:89:fe:
3f:78:5e:9c:ab:b7:e0:de:c0:bb:28:91:16:46:43:a7:2b:60:
80:67:09:fe:4d:2a:77:ce:2d:fb:c8:f8:af:98:19:98:7c:de:
db:c5:27:4e:f4:e0:db:35:97:ed:4e:48:11:61:9a:00:40:e6:
f5:01:79:83:9b:46:ed:07:77:67:d2:2b:8d:10:2f:0b:39:6b:
a9:ea:01:78:b6:4b:d5:89:2e:02:07:c0:5f:bb:51:9b:fa:ed:
d1:7d:b3:97:af:02:f6:38:ac:32:35:a0:a9:1d:1e:5e:ea:3d:
39:c8:1c:7e:ac:08:54:fe:45:39:99:ff:ce:0b:87:2b:2a:46:
f5:38:55:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSVa020qKCbPgc0bSDVSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3NGVmMDE3YzUwZmY1YTk1NjM2NTVmN2I3ODVmOTJmODJiOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUdbO0LbsagOwe/kaW4wamGBxAQR
3/wPsX6ib2PGHWO7YihU2f3x6zoT34hJzqCk3QwLmXGffluXm0V7C34lcllf7dXg
7VM4GIDrpA6xtf0T3qktlR50sGwYZnE4/pZ1USFVjiWUTu15RvqkJttMFOMv/B25
8Am+FLlcNjJL5UlcIRh/MMjhF+Z7ja3YFKUirlPEChUG9QVcQqxWk1sw4EAhbMQx
Pey4I2v0ov5r7BtyjQplLXPvXUjfPI0ZGAk7kQ90eIPhT5FIppPzjV15xcHKHSGE
5K9pr/X9uiXb1U4vogE0Eg+bOT/0ZXfTbJMuedTJIir8owB6ECqSJj0VUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMK3TvAXxQ/1qVY2Vfe3hfkvgrj5MB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvd3JkTzhCZkZEX1dwVmpaVjk3ZUYtUy1DdVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwqUbAwQA
wqkwMA0GCSqGSIb3DQEBCwUAA4IBAQB6BPyivcLxD5mkOarI5aEGip4XjFHzWg3J
/pO/ORM1A88ElX7QwE9D5Owfso/45olB6F6/Afg9P53JERuHUswbQ0qCVKqCwP6H
vLHv83SGyY+i4FDvXo+50/IfXITGZ2sUAmnCO9qQa3AzqTM4S7qiQIbcqij0A7Ti
bG99if4/eF6cq7fg3sC7KJEWRkOnK2CAZwn+TSp3zi37yPivmBmYfN7bxSdO9ODb
NZftTkgRYZoAQOb1AXmDm0btB3dn0iuNEC8LOWup6gF4tkvViS4CB8Bfu1Gb+u3R
fbOXrwL2OKwyNaCpHR5e6j05yBx+rAhU/kU5mf/OC4crKkb1OFXj
-----END CERTIFICATE-----
Generated at Tue Jan 30 20:09:06 2024 by rpki-client on console-ams.rpki-client.org