Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/0Mj8oBBgItFQ4dMtrNEFCCDo9Ko.roa
File: 0Mj8oBBgItFQ4dMtrNEFCCDo9Ko.roa (raw, json)
Hash identifier: CEg0IjL8uEvTJOBwHgGFy1wv/7ovJcI4mhcjCS5jw5E=
Subject key identifier: D0:C8:FC:A0:10:60:22:D1:50:E1:D3:2D:AC:D1:05:08:20:E8:F4:AA
Certificate issuer: /CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Certificate serial: 01856D78845AB3D605B634A2FF3CEDDE8FE9
Authority key identifier: 1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/0Mj8oBBgItFQ4dMtrNEFCCDo9Ko.roa
Signing time: Sun 01 Jan 2023 13:14:52 +0000
ROA not before: Sun 01 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49859
IP address blocks: 194.32.111.0/24 maxlen: 24
2a00:e780:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:84:5a:b3:d6:05:b6:34:a2:ff:3c:ed:de:8f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Validity
Not Before: Jan 1 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0c8fca0106022d150e1d32dacd1050820e8f4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:dc:33:c1:3f:f7:5a:98:41:3e:ab:37:ab:
68:41:38:4d:aa:16:ab:56:98:8d:01:4b:a7:33:68:
33:3f:a1:48:55:a9:6f:7a:a3:27:97:3a:b8:69:b0:
c5:1b:7e:1e:64:f9:53:8f:be:4b:ae:0c:82:b2:cc:
a8:c9:38:23:3a:b1:42:fe:15:c6:7c:8e:55:f5:5a:
5d:26:ae:32:c6:b2:71:80:57:f7:3f:e4:38:38:0a:
71:24:f4:cd:eb:49:a2:07:1e:c2:a0:a7:04:76:b0:
1c:e4:e4:3b:11:af:d4:95:47:7d:b5:23:58:fe:06:
15:31:69:76:e8:69:37:df:6e:42:16:d6:31:67:03:
60:db:3f:dc:4a:9d:0c:f3:4e:ba:38:5b:49:39:9d:
f1:ca:89:b3:79:f8:a5:3c:a8:4f:61:b1:1e:30:05:
fe:16:0e:6f:ff:cc:20:8e:77:cb:9f:15:eb:04:4a:
40:5b:8c:7a:0d:ca:b5:d9:75:cf:32:29:1a:77:85:
90:88:84:fa:15:3e:7c:83:d5:08:54:15:2d:f5:ab:
e8:c1:a1:61:c5:a9:58:6b:26:f0:be:c1:60:bb:1e:
f8:f4:b9:d6:c6:91:aa:c8:93:82:55:63:ea:f7:a0:
90:a7:b7:4d:10:86:04:ca:59:4f:47:7f:b9:fc:09:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C8:FC:A0:10:60:22:D1:50:E1:D3:2D:AC:D1:05:08:20:E8:F4:AA
X509v3 Authority Key Identifier:
keyid:1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/0Mj8oBBgItFQ4dMtrNEFCCDo9Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.111.0/24
IPv6:
2a00:e780:1::/48
Signature Algorithm: sha256WithRSAEncryption
34:a2:9a:e5:3c:e0:d6:73:38:c3:01:6b:04:79:4e:0c:e6:89:
63:d5:78:b4:29:e9:2b:bd:52:50:92:fd:d5:70:42:d2:b3:bf:
51:ad:25:fd:90:f8:e8:ac:b1:d0:73:e0:dd:d6:4a:cf:18:2c:
60:3e:38:9f:cd:5c:5b:52:e6:e2:7d:fa:ae:84:dd:40:22:af:
84:1a:54:be:18:f2:48:1a:52:8f:01:3a:25:35:8f:38:5a:82:
0b:6e:af:ff:30:1f:c7:96:06:b0:8c:7b:37:8c:75:01:78:02:
4d:3a:b9:75:0c:fc:12:58:c4:fd:56:b7:3e:bb:cd:c0:88:d6:
57:dc:03:e1:b9:50:ea:8b:ca:cb:3a:4e:78:0e:79:e3:fd:42:
74:7d:97:e6:33:8e:2a:d5:6f:39:c3:4c:bb:35:3a:55:25:be:
19:99:ff:13:24:5e:f6:0a:a0:f4:41:df:11:e2:8f:c5:9b:14:
76:cf:80:a5:e6:a1:31:04:dd:ae:fc:74:c9:01:47:bd:bf:50:
1c:f1:c6:03:57:b6:e2:86:9e:61:1a:c5:22:1d:fd:8e:5a:4c:
8e:53:66:6e:13:b7:a9:8f:88:c7:35:9f:68:01:85:8c:8e:53:
9c:05:b6:0f:15:23:29:c5:0d:a5:fc:03:96:1e:da:e6:7e:52:
0b:9e:ce:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVteIRas9YFtjSi/zzt3o/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTE5YzkyZTk2Njc3ZjVmOTZmNjhmMWNhMGFhZDlmYTMx
MWViNDUwHhcNMjMwMTAxMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM4ZmNhMDEwNjAyMmQxNTBlMWQzMmRhY2QxMDUwODIwZThmNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPzcM8E/91qYQT6rN6toQThNqhar
VpiNAUunM2gzP6FIValveqMnlzq4abDFG34eZPlTj75LrgyCssyoyTgjOrFC/hXG
fI5V9VpdJq4yxrJxgFf3P+Q4OApxJPTN60miBx7CoKcEdrAc5OQ7Ea/UlUd9tSNY
/gYVMWl26Gk3325CFtYxZwNg2z/cSp0M8066OFtJOZ3xyomzefilPKhPYbEeMAX+
Fg5v/8wgjnfLnxXrBEpAW4x6Dcq12XXPMikad4WQiIT6FT58g9UIVBUt9avowaFh
xalYaybwvsFgux749LnWxpGqyJOCVWPq96CQp7dNEIYEyllPR3+5/AmyQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNDI/KAQYCLRUOHTLazRBQgg6PSqMB8GA1UdIwQY
MBaAFBqhnJLpZnf1+W9o8coKrZ+jEetFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMt
NGFkMGFiZWMyNzVlLzEvME1qOG9CQmdJdEZRNGRNdHJORUZDQ0RvOUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMtNGFkMGFiZWMyNzVl
LzEvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwiBvMA8E
AgACMAkDBwAqAOeAAAEwDQYJKoZIhvcNAQELBQADggEBADSimuU84NZzOMMBawR5
TgzmiWPVeLQp6Su9UlCS/dVwQtKzv1GtJf2Q+OissdBz4N3WSs8YLGA+OJ/NXFtS
5uJ9+q6E3UAir4QaVL4Y8kgaUo8BOiU1jzhaggtur/8wH8eWBrCMezeMdQF4Ak06
uXUM/BJYxP1Wtz67zcCI1lfcA+G5UOqLyss6TngOeeP9QnR9l+YzjirVbznDTLs1
OlUlvhmZ/xMkXvYKoPRB3xHij8WbFHbPgKXmoTEE3a78dMkBR72/UBzxxgNXtuKG
nmEaxSId/Y5aTI5TZm4Tt6mPiMc1n2gBhYyOU5wFtg8VIynFDaX8A5Ye2uZ+Ugue
zv0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:18 2024 by rpki-client on console-ams.rpki-client.org