Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_Qaz3rtuE-6kEZRzY4Gtpcboi1s.roa
File: _Qaz3rtuE-6kEZRzY4Gtpcboi1s.roa (raw, json)
Hash identifier: Z2N5wx8DwqvLPhIJLseqvNsfS1+D5aAPLr/QnbDy3wM=
Subject key identifier: FD:06:B3:DE:BB:6E:13:EE:A4:11:94:73:63:81:AD:A5:C6:E8:8B:5B
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018573718B9215583148FB5BC7C211347E45
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_Qaz3rtuE-6kEZRzY4Gtpcboi1s.roa
Signing time: Mon 02 Jan 2023 17:04:59 +0000
ROA not before: Mon 02 Jan 2023 17:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 194.34.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:8b:92:15:58:31:48:fb:5b:c7:c2:11:34:7e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 17:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd06b3debb6e13eea41194736381ada5c6e88b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d5:06:97:e1:d8:5b:b9:aa:f8:5d:fb:5a:bc:
65:49:be:d1:f7:fb:be:09:cd:60:71:03:65:b0:4c:
4e:0a:0a:01:44:68:30:00:2c:a7:f1:60:1d:9f:af:
67:4f:b6:19:69:cc:0b:88:09:37:7f:0c:6e:be:d1:
01:22:73:20:c6:c6:3c:cb:5c:a5:cb:2d:44:a1:94:
71:9f:fb:d6:9c:de:73:4a:65:00:93:e1:07:90:89:
f6:e4:ac:cc:65:cd:8c:62:8b:8f:ba:ff:cb:5b:29:
4b:60:5c:77:31:bf:e6:bd:9f:10:70:b6:f0:3f:36:
2e:2e:bd:b0:5f:64:0f:97:a4:b8:1c:48:57:10:ef:
f3:fd:8a:ea:f4:87:de:7b:32:ed:a8:2e:cd:3f:c1:
a4:f0:02:48:42:c6:62:b7:12:98:1e:c0:49:dc:8b:
66:ee:bd:24:45:42:46:ce:c3:f4:34:65:8f:e6:b7:
5d:cb:cf:85:ad:72:ac:c4:d6:0a:2c:b0:69:2f:47:
38:d9:b8:fa:66:2a:c7:26:ec:02:53:3b:b3:5a:35:
9c:fc:cf:7a:bb:eb:4d:29:a3:3b:0c:b2:a9:06:65:
36:2f:7e:26:d0:ca:33:ff:ab:a3:e2:30:71:99:f9:
d1:7c:0d:3f:f8:5d:b3:44:dd:ee:64:ab:e4:02:37:
6c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:06:B3:DE:BB:6E:13:EE:A4:11:94:73:63:81:AD:A5:C6:E8:8B:5B
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_Qaz3rtuE-6kEZRzY4Gtpcboi1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.225.0/24
Signature Algorithm: sha256WithRSAEncryption
09:bb:35:a5:6f:bd:cd:6f:a3:60:d7:6c:a0:8f:17:e8:bf:30:
ea:6d:02:1a:61:01:49:13:e8:fa:d3:98:f8:22:93:7d:d0:ab:
99:09:94:f3:87:c6:05:ad:78:ed:73:d4:bb:ac:a3:66:2c:83:
0a:78:7d:63:f1:fb:da:0b:ca:04:90:b1:75:b7:58:5e:e7:0f:
a3:31:a4:a9:fd:eb:06:1b:45:00:5d:30:d7:a1:7f:fa:da:98:
48:dc:f7:a1:73:d0:00:c0:d5:4e:12:fd:e9:2d:30:4a:cf:ce:
d0:83:a6:8d:9c:5e:6a:ee:5e:cc:90:62:60:83:20:59:9f:af:
73:a6:06:41:c1:3b:5b:e5:14:3d:3d:1d:00:43:b3:19:f0:c8:
b8:8a:b9:56:b0:dd:5d:b6:5e:b7:f4:cc:89:66:7a:68:0b:2b:
57:e0:46:ed:a9:2f:54:5b:1f:35:cf:1e:02:32:c2:a0:be:45:
e5:b7:38:dc:24:ca:37:c3:79:1a:df:b8:0d:f6:ab:a7:11:a2:
e6:b1:54:8a:85:12:50:b2:60:4e:ef:fa:b9:a5:e1:4b:f6:fb:
2e:fb:a0:f0:dd:0c:e0:6d:c9:16:88:c0:bd:9b:2e:89:ef:ea:
96:d8:8b:25:81:5f:a5:8e:4a:fb:a9:ef:2e:c2:98:38:64:27:
0f:80:8a:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcYuSFVgxSPtbx8IRNH5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjMwMTAyMTcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA2YjNkZWJiNmUxM2VlYTQxMTk0NzM2MzgxYWRhNWM2ZTg4YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNUGl+HYW7mq+F37WrxlSb7R9/u+
Cc1gcQNlsExOCgoBRGgwACyn8WAdn69nT7YZacwLiAk3fwxuvtEBInMgxsY8y1yl
yy1EoZRxn/vWnN5zSmUAk+EHkIn25KzMZc2MYouPuv/LWylLYFx3Mb/mvZ8QcLbw
PzYuLr2wX2QPl6S4HEhXEO/z/Yrq9IfeezLtqC7NP8Gk8AJIQsZitxKYHsBJ3Itm
7r0kRUJGzsP0NGWP5rddy8+FrXKsxNYKLLBpL0c42bj6ZirHJuwCUzuzWjWc/M96
u+tNKaM7DLKpBmU2L34m0Moz/6uj4jBxmfnRfA0/+F2zRN3uZKvkAjds1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0Gs967bhPupBGUc2OBraXG6ItbMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvX1FhejNydHVFLTZrRVpSelk0R3RwY2JvaTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiLhMA0G
CSqGSIb3DQEBCwUAA4IBAQAJuzWlb73Nb6Ng12ygjxfovzDqbQIaYQFJE+j605j4
IpN90KuZCZTzh8YFrXjtc9S7rKNmLIMKeH1j8fvaC8oEkLF1t1he5w+jMaSp/esG
G0UAXTDXoX/62phI3Pehc9AAwNVOEv3pLTBKz87Qg6aNnF5q7l7MkGJggyBZn69z
pgZBwTtb5RQ9PR0AQ7MZ8Mi4irlWsN1dtl639MyJZnpoCytX4EbtqS9UWx81zx4C
MsKgvkXltzjcJMo3w3ka37gN9qunEaLmsVSKhRJQsmBO7/q5peFL9vsu+6Dw3Qzg
bckWiMC9my6J7+qW2IslgV+ljkr7qe8uwpg4ZCcPgIqE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:05 2024 by rpki-client on console-ams.rpki-client.org