Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/0ea9ca-ac97-43f0-8577-1c70d1e7b782/1/0K16QjACYZUqKkmQcCNhsaQ4HlI.roa
File: 0K16QjACYZUqKkmQcCNhsaQ4HlI.roa (raw, json)
Hash identifier: LNpm575dthz786KNV5HO7LLY+AD0psy7kX3V02IVwAA=
Subject key identifier: D0:AD:7A:42:30:02:61:95:2A:2A:49:90:70:23:61:B1:A4:38:1E:52
Certificate issuer: /CN=7bbf58975b81e8f9f9c15e4d8b899190cec00687
Certificate serial: 01856F3937C653EB4CFF3A58448D858B350E
Authority key identifier: 7B:BF:58:97:5B:81:E8:F9:F9:C1:5E:4D:8B:89:91:90:CE:C0:06:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e79Yl1uB6Pn5wV5Ni4mRkM7ABoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/0ea9ca-ac97-43f0-8577-1c70d1e7b782/1/0K16QjACYZUqKkmQcCNhsaQ4HlI.roa
Signing time: Sun 01 Jan 2023 21:24:58 +0000
ROA not before: Sun 01 Jan 2023 21:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199181
IP address blocks: 194.31.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:37:c6:53:eb:4c:ff:3a:58:44:8d:85:8b:35:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bbf58975b81e8f9f9c15e4d8b899190cec00687
Validity
Not Before: Jan 1 21:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ad7a42300261952a2a4990702361b1a4381e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:9d:c9:81:e6:85:5e:17:d4:44:f7:27:a4:
30:04:4a:a9:92:80:d9:1f:64:5b:23:ba:50:b1:50:
8a:85:34:03:a0:5b:31:80:9d:59:91:13:a3:55:7f:
45:2c:c5:74:83:c8:de:0a:34:75:66:25:13:f6:c9:
bb:30:83:89:ab:1d:e6:2f:32:f9:c8:b9:82:37:e3:
6f:d1:e6:0f:bc:b5:0a:02:7f:38:8c:f9:70:ae:bc:
0c:d5:eb:22:d3:21:79:cd:8c:7c:a6:33:54:e3:03:
fe:73:ca:a2:7a:9a:36:42:a9:65:53:fe:69:d1:ba:
b0:09:b5:9b:8d:81:03:3f:06:13:5c:62:32:fb:9b:
0b:4c:6e:ec:cc:5d:95:29:a3:1f:93:77:c4:32:4d:
48:3e:00:4b:cc:7d:85:fc:56:ea:1e:90:62:a7:f4:
49:53:66:48:7d:1f:77:68:51:8c:7f:4a:5d:f3:a3:
00:7f:4a:de:2f:b5:24:37:8e:db:75:20:39:25:36:
c8:f5:54:e2:25:09:75:de:2c:16:55:ae:9a:ee:9e:
2c:31:c7:2c:01:cf:c0:eb:06:fa:19:16:e5:bf:71:
99:d3:af:22:63:b8:06:02:92:ee:5f:9a:f2:13:60:
a9:83:f5:f2:cf:d0:a7:3d:09:7c:6c:0b:4e:ee:0a:
33:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AD:7A:42:30:02:61:95:2A:2A:49:90:70:23:61:B1:A4:38:1E:52
X509v3 Authority Key Identifier:
keyid:7B:BF:58:97:5B:81:E8:F9:F9:C1:5E:4D:8B:89:91:90:CE:C0:06:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e79Yl1uB6Pn5wV5Ni4mRkM7ABoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/0ea9ca-ac97-43f0-8577-1c70d1e7b782/1/0K16QjACYZUqKkmQcCNhsaQ4HlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/0ea9ca-ac97-43f0-8577-1c70d1e7b782/1/e79Yl1uB6Pn5wV5Ni4mRkM7ABoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.253.0/24
Signature Algorithm: sha256WithRSAEncryption
40:02:a9:ba:2d:98:ed:16:63:66:fe:a8:08:73:2b:51:4e:65:
58:dc:02:10:3d:ea:a4:ad:2c:94:38:37:8a:30:62:5e:9a:3d:
c1:55:97:02:ef:2d:16:fa:d4:56:b4:5b:72:4f:12:9f:a8:50:
7a:f4:5e:3f:48:a0:10:a5:a4:5b:76:33:e7:00:c4:de:3a:ac:
6f:42:9d:7b:dd:29:bc:e1:0d:ba:b8:e3:4c:50:94:6a:7c:31:
0e:30:1b:5f:bc:20:38:16:e3:6c:d1:35:a7:eb:d8:1b:78:56:
d6:ec:a3:7c:8a:6c:4e:96:ef:2b:ec:2d:6b:ce:6d:d2:8f:3b:
a1:a8:01:b2:6b:9d:33:c5:12:e1:20:56:95:98:2b:58:33:20:
e1:46:29:cd:3e:f7:27:a9:3b:a7:7c:c0:bb:6f:74:12:ce:2d:
2b:b8:58:e6:a3:5d:96:6d:da:f0:3b:bf:98:5e:59:be:6a:14:
e5:97:a5:35:69:e8:b9:8b:f0:be:fd:e4:2c:4c:69:22:f6:44:
70:e1:75:c9:40:58:79:3a:58:10:ba:b6:57:63:69:68:1d:c0:
a2:37:48:af:be:b3:b8:23:9a:90:fa:5b:ff:13:e7:c7:d8:78:
59:cd:5e:c5:b7:3a:18:98:3f:52:c5:16:ff:24:02:7d:c9:e7:
03:d7:da:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTfGU+tM/zpYRI2FizUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmY1ODk3NWI4MWU4ZjlmOWMxNWU0ZDhiODk5MTkwY2Vj
MDA2ODcwHhcNMjMwMTAxMjEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFkN2E0MjMwMDI2MTk1MmEyYTQ5OTA3MDIzNjFiMWE0MzgxZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2adyYHmhV4X1ET3J6QwBEqpkoDZ
H2RbI7pQsVCKhTQDoFsxgJ1ZkROjVX9FLMV0g8jeCjR1ZiUT9sm7MIOJqx3mLzL5
yLmCN+Nv0eYPvLUKAn84jPlwrrwM1esi0yF5zYx8pjNU4wP+c8qiepo2QqllU/5p
0bqwCbWbjYEDPwYTXGIy+5sLTG7szF2VKaMfk3fEMk1IPgBLzH2F/FbqHpBip/RJ
U2ZIfR93aFGMf0pd86MAf0reL7UkN47bdSA5JTbI9VTiJQl13iwWVa6a7p4sMccs
Ac/A6wb6GRblv3GZ068iY7gGApLuX5ryE2Cpg/Xyz9CnPQl8bAtO7gozuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCtekIwAmGVKipJkHAjYbGkOB5SMB8GA1UdIwQY
MBaAFHu/WJdbgej5+cFeTYuJkZDOwAaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTc5WWwxdUI2UG41d1Y1Tmk0bVJrTTdBQm9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wZWE5Y2EtYWM5Ny00M2YwLTg1Nzct
MWM3MGQxZTdiNzgyLzEvMEsxNlFqQUNZWlVxS2ttUWNDTmhzYVE0SGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wZWE5Y2EtYWM5Ny00M2YwLTg1NzctMWM3MGQxZTdiNzgy
LzEvZTc5WWwxdUI2UG41d1Y1Tmk0bVJrTTdBQm9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh/9MA0G
CSqGSIb3DQEBCwUAA4IBAQBAAqm6LZjtFmNm/qgIcytRTmVY3AIQPeqkrSyUODeK
MGJemj3BVZcC7y0W+tRWtFtyTxKfqFB69F4/SKAQpaRbdjPnAMTeOqxvQp173Sm8
4Q26uONMUJRqfDEOMBtfvCA4FuNs0TWn69gbeFbW7KN8imxOlu8r7C1rzm3Sjzuh
qAGya50zxRLhIFaVmCtYMyDhRinNPvcnqTunfMC7b3QSzi0ruFjmo12WbdrwO7+Y
Xlm+ahTll6U1aei5i/C+/eQsTGki9kRw4XXJQFh5OlgQurZXY2loHcCiN0ivvrO4
I5qQ+lv/E+fH2HhZzV7FtzoYmD9SxRb/JAJ9yecD19qD
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:00 2024 by rpki-client on console-ams.rpki-client.org