Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/9IvniKzN1TAnrdpshOXqhxqAAVQ.roa
File: 9IvniKzN1TAnrdpshOXqhxqAAVQ.roa (raw, json)
Hash identifier: T4Ra3/j3y95xgmXaGiOQ2WND+zsltgfCv72wgFXqRa0=
Subject key identifier: F4:8B:E7:88:AC:CD:D5:30:27:AD:DA:6C:84:E5:EA:87:1A:80:01:54
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 018A9471F1CEFC61671C4EC3C9A035B07CF2
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/9IvniKzN1TAnrdpshOXqhxqAAVQ.roa
Signing time: Thu 14 Sep 2023 16:06:50 +0000
ROA not before: Thu 14 Sep 2023 16:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 194.1.132.0/22 maxlen: 22
194.1.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Sep 2023 14:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:71:f1:ce:fc:61:67:1c:4e:c3:c9:a0:35:b0:7c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Sep 14 16:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f48be788accdd53027adda6c84e5ea871a800154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:69:21:f5:35:e7:01:33:db:36:d5:7a:a9:0b:
73:c5:ac:6b:5c:b9:1b:0a:e1:98:86:53:2c:dc:66:
63:f9:33:f6:fb:5b:27:8a:d1:7d:13:67:a8:34:7c:
d7:e1:31:b3:4b:2d:60:5b:e9:f9:a9:7a:0e:bd:36:
e4:8a:f6:f0:6f:29:61:ef:de:f1:9e:ce:29:be:10:
38:1b:b5:99:03:cb:23:2c:c1:e2:2d:c2:6c:55:a2:
dc:43:be:bd:9d:86:91:c1:c0:fc:52:68:16:65:36:
c1:7e:ad:9c:6d:83:4c:92:4d:57:05:b0:7c:7d:2d:
a1:7f:0a:d1:40:60:06:17:68:8f:61:fa:ec:73:93:
39:91:77:75:af:19:b6:53:37:57:de:ec:cb:f5:52:
23:c8:71:a2:56:20:28:73:7c:a1:08:dc:34:24:ee:
2a:12:1e:17:35:41:e6:a2:c0:ee:d8:01:97:34:60:
e5:78:3d:a4:5f:36:ee:e8:26:1e:a6:bf:9b:a5:09:
fe:29:19:a4:10:c4:f6:53:62:0d:17:9c:b4:da:af:
d5:b8:38:fb:95:84:28:85:62:6f:28:5b:df:e7:78:
9d:df:ab:92:97:75:c4:6a:3e:26:10:e0:10:a7:3b:
6a:04:d6:e3:ad:d1:d2:a1:cb:ca:4b:ee:3c:7d:b7:
0c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8B:E7:88:AC:CD:D5:30:27:AD:DA:6C:84:E5:EA:87:1A:80:01:54
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/9IvniKzN1TAnrdpshOXqhxqAAVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.132.0-194.1.139.255
Signature Algorithm: sha256WithRSAEncryption
a1:a0:34:48:61:1e:5f:98:91:45:95:3e:3d:29:7d:89:a9:69:
b8:40:bb:b1:b1:1e:47:48:e0:7e:11:ba:a9:f3:fa:f2:7b:40:
fe:fc:ee:78:20:d0:03:b1:0f:7b:d2:ef:23:ab:b8:eb:a9:27:
24:63:4c:21:bf:ef:a8:79:1a:16:0a:53:90:53:56:d0:f6:42:
58:c5:21:1f:74:fa:dd:b0:d8:ae:87:ff:2b:b9:b6:41:15:5c:
39:8e:f0:e9:a5:47:d5:a6:39:ed:b1:f2:2b:8d:b0:45:16:cc:
1b:e8:93:b1:2d:a6:6c:7d:4f:32:5e:55:06:25:6c:98:20:a1:
c7:68:62:a3:b9:6a:d3:9d:c3:e5:1f:5c:ba:52:00:3a:78:85:
c5:89:6f:e2:53:bf:c6:41:80:bc:2d:df:6e:5f:7c:f0:ed:5c:
b0:01:58:ac:8d:5a:6f:c6:f8:59:18:61:19:40:cc:04:42:6b:
d7:0f:7d:42:8f:36:99:ae:03:2a:bc:9c:9d:da:34:02:11:74:
b8:90:ba:6c:04:04:65:e4:12:39:63:1e:1e:ab:1b:ed:28:e4:
f9:f7:e6:b8:20:ce:86:99:4d:8d:03:3c:a7:e4:16:3c:1b:94:
9f:4a:90:39:a5:51:fc:7b:48:b3:e7:6e:c3:a3:de:bb:a8:61:
a0:b6:3e:c4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqUcfHO/GFnHE7DyaA1sHzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwOTE0MTYwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDhiZTc4OGFjY2RkNTMwMjdhZGRhNmM4NGU1ZWE4NzFhODAwMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2kh9TXnATPbNtV6qQtzxaxrXLkb
CuGYhlMs3GZj+TP2+1snitF9E2eoNHzX4TGzSy1gW+n5qXoOvTbkivbwbylh797x
ns4pvhA4G7WZA8sjLMHiLcJsVaLcQ769nYaRwcD8UmgWZTbBfq2cbYNMkk1XBbB8
fS2hfwrRQGAGF2iPYfrsc5M5kXd1rxm2UzdX3uzL9VIjyHGiViAoc3yhCNw0JO4q
Eh4XNUHmosDu2AGXNGDleD2kXzbu6CYepr+bpQn+KRmkEMT2U2INF5y02q/VuDj7
lYQohWJvKFvf53id36uSl3XEaj4mEOAQpztqBNbjrdHSocvKS+48fbcMIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPSL54iszdUwJ63abITl6ocagAFUMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvOUl2bmlLek4xVEFucmRwc2hPWHFoeHFBQVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCAYQD
BALCAYgwDQYJKoZIhvcNAQELBQADggEBAKGgNEhhHl+YkUWVPj0pfYmpabhAu7Gx
HkdI4H4Ruqnz+vJ7QP787ngg0AOxD3vS7yOruOupJyRjTCG/76h5GhYKU5BTVtD2
QljFIR90+t2w2K6H/yu5tkEVXDmO8OmlR9WmOe2x8iuNsEUWzBvok7Etpmx9TzJe
VQYlbJggocdoYqO5atOdw+UfXLpSADp4hcWJb+JTv8ZBgLwt325ffPDtXLABWKyN
Wm/G+FkYYRlAzARCa9cPfUKPNpmuAyq8nJ3aNAIRdLiQumwEBGXkEjljHh6rG+0o
5Pn35rggzoaZTY0DPKfkFjwblJ9KkDmlUfx7SLPnbsOj3ruoYaC2PsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org