Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/IQyqQk1Y8HiTkzwpwIRNjLd1p-s.roa
File: IQyqQk1Y8HiTkzwpwIRNjLd1p-s.roa (raw, json)
Hash identifier: TNPCBoqhe+w4FiFbEsVeQJd6xVvqLUyxHLNmeDOhGv8=
Subject key identifier: 21:0C:AA:42:4D:58:F0:78:93:93:3C:29:C0:84:4D:8C:B7:75:A7:EB
Certificate issuer: /CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Certificate serial: 018CC26D0A918FC63C1CCA8FA857859F116B
Authority key identifier: 09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/IQyqQk1Y8HiTkzwpwIRNjLd1p-s.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212807
IP address blocks: 194.15.40.0/24 maxlen: 24
2a0f:7480::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 11 Feb 2024 19:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0a:91:8f:c6:3c:1c:ca:8f:a8:57:85:9f:11:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210caa424d58f07893933c29c0844d8cb775a7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:51:c3:fc:d8:83:72:39:e2:a1:19:54:69:3b:
d7:03:50:0a:72:17:6b:54:f7:14:1d:23:19:61:ac:
b4:ac:a8:40:32:5d:ba:40:5b:08:8f:94:9b:97:3b:
e7:7f:b2:52:fe:28:07:70:7f:6b:2f:9f:ce:2f:71:
38:22:0e:b3:07:f8:df:74:38:5f:a4:63:7f:63:bf:
b2:6e:b2:d8:01:a8:e7:c6:88:ea:84:7c:41:ca:a5:
0c:e0:e0:d5:96:dd:28:43:b7:59:a5:e9:f9:e7:0a:
86:55:89:35:0f:74:f3:03:d5:14:70:b3:ac:db:33:
40:9d:f8:e6:98:ac:08:1f:36:b1:a9:cb:01:66:50:
f4:d9:7b:01:e4:7c:bb:b9:1c:65:0a:29:a5:7a:86:
91:5e:b9:29:e8:4a:f5:75:06:8c:59:ea:d2:9f:1c:
59:dd:4b:26:a9:6b:e6:0e:b6:a2:a7:68:65:ba:3d:
c0:87:5e:8e:30:ca:43:ee:e5:7a:c6:8a:e0:05:b7:
64:1a:07:de:9c:43:4a:b3:8f:30:fa:13:e6:65:4f:
ee:21:26:0b:74:3c:90:2d:d5:c6:45:ef:7c:0d:00:
3d:24:66:02:f9:cc:51:46:7a:9c:a8:60:25:2c:33:
14:71:2b:96:87:f3:12:dd:36:a5:c6:81:93:8c:98:
09:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0C:AA:42:4D:58:F0:78:93:93:3C:29:C0:84:4D:8C:B7:75:A7:EB
X509v3 Authority Key Identifier:
keyid:09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/IQyqQk1Y8HiTkzwpwIRNjLd1p-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.40.0/24
IPv6:
2a0f:7480::/29
Signature Algorithm: sha256WithRSAEncryption
07:a3:b3:d3:4f:68:b6:19:f6:18:59:c5:48:41:ff:4b:3e:89:
b4:a5:09:8a:a6:c4:a7:f4:4d:9b:b4:6a:e2:94:96:4e:e0:5a:
f3:c5:37:06:9f:44:5e:1e:c6:12:e7:6a:a8:10:f1:d1:45:fa:
dc:c3:66:de:9d:9a:e3:ae:3f:bb:7a:30:7e:2c:86:4a:0e:86:
b3:af:cc:c8:05:78:2d:60:53:f4:30:76:7f:ca:ac:39:08:ef:
b1:33:d2:ef:dc:ab:29:16:86:ae:e1:c6:e0:d7:12:0b:66:62:
b5:9c:66:fd:3e:e1:8d:f2:e4:3b:78:3f:cc:ba:ee:1b:47:46:
fe:f7:fa:d9:f5:0f:77:bf:79:0f:61:38:b4:fc:12:03:d0:ff:
8c:40:2a:ed:7e:c5:dc:be:47:e9:67:91:6b:1f:4e:68:6f:b4:
d8:2c:9e:61:9b:21:01:58:fe:ae:b1:fe:b4:48:a7:15:78:c3:
8c:7b:21:a3:eb:01:90:96:3e:62:0a:f3:f8:b6:bf:65:83:9e:
0f:06:20:64:d9:d3:be:4f:f5:3b:b2:da:a9:f1:4f:65:b0:1c:
46:f3:0e:40:ac:34:20:bf:50:1d:da:a3:f1:e7:ee:71:99:21:
57:51:86:cb:d3:66:58:ad:2c:b4:b4:87:e7:5a:14:b1:cc:b1:
8f:d6:b1:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbQqRj8Y8HMqPqFeFnxFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjAxMTBhZTRiODE3OTRhNTA4ODMxZmNiNWVkY2M4ZDVm
ZDJmMWIwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBjYWE0MjRkNThmMDc4OTM5MzNjMjljMDg0NGQ4Y2I3NzVhN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllHD/NiDcjnioRlUaTvXA1AKchdr
VPcUHSMZYay0rKhAMl26QFsIj5Sblzvnf7JS/igHcH9rL5/OL3E4Ig6zB/jfdDhf
pGN/Y7+ybrLYAajnxojqhHxByqUM4ODVlt0oQ7dZpen55wqGVYk1D3TzA9UUcLOs
2zNAnfjmmKwIHzaxqcsBZlD02XsB5Hy7uRxlCimleoaRXrkp6Er1dQaMWerSnxxZ
3UsmqWvmDraip2hluj3Ah16OMMpD7uV6xorgBbdkGgfenENKs48w+hPmZU/uISYL
dDyQLdXGRe98DQA9JGYC+cxRRnqcqGAlLDMUcSuWh/MS3TalxoGTjJgJ4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCEMqkJNWPB4k5M8KcCETYy3dafrMB8GA1UdIwQY
MBaAFAmwEQrkuBeUpQiDH8te3MjV/S8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAt
NmQyMGY1YzE5N2Y2LzEvSVF5cVFrMVk4SGlUa3p3cHdJUk5qTGQxcC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAtNmQyMGY1YzE5N2Y2
LzEvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwg8oMA0E
AgACMAcDBQMqD3SAMA0GCSqGSIb3DQEBCwUAA4IBAQAHo7PTT2i2GfYYWcVIQf9L
Pom0pQmKpsSn9E2btGrilJZO4FrzxTcGn0ReHsYS52qoEPHRRfrcw2benZrjrj+7
ejB+LIZKDoazr8zIBXgtYFP0MHZ/yqw5CO+xM9Lv3KspFoau4cbg1xILZmK1nGb9
PuGN8uQ7eD/Muu4bR0b+9/rZ9Q93v3kPYTi0/BID0P+MQCrtfsXcvkfpZ5FrH05o
b7TYLJ5hmyEBWP6usf60SKcVeMOMeyGj6wGQlj5iCvP4tr9lg54PBiBk2dO+T/U7
stqp8U9lsBxG8w5ArDQgv1Ad2qPx5+5xmSFXUYbL02ZYrSy0tIfnWhSxzLGP1rGL
-----END CERTIFICATE-----
Generated at Sun Feb 11 22:30:44 2024 by rpki-client on console-ams.rpki-client.org