Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/2sW7b6AvgigDpmjXQeKxxbNDPf0.roa
File: 2sW7b6AvgigDpmjXQeKxxbNDPf0.roa (raw, json)
Hash identifier: HVV0+aAYv2//JyKi/qpfKLwT31GOA9NAaRQ/T84qYhw=
Subject key identifier: DA:C5:BB:6F:A0:2F:82:28:03:A6:68:D7:41:E2:B1:C5:B3:43:3D:FD
Certificate issuer: /CN=c4c3bc05aa52ab9eb5d184f50889f1ff0c90ce78
Certificate serial: 01856EEFF081AB46C984561B54BF5B3BBABF
Authority key identifier: C4:C3:BC:05:AA:52:AB:9E:B5:D1:84:F5:08:89:F1:FF:0C:90:CE:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMO8BapSq5610YT1CInx_wyQzng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/2sW7b6AvgigDpmjXQeKxxbNDPf0.roa
Signing time: Sun 01 Jan 2023 20:04:56 +0000
ROA not before: Sun 01 Jan 2023 20:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 194.176.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:f0:81:ab:46:c9:84:56:1b:54:bf:5b:3b:ba:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4c3bc05aa52ab9eb5d184f50889f1ff0c90ce78
Validity
Not Before: Jan 1 20:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dac5bb6fa02f822803a668d741e2b1c5b3433dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:ed:63:28:33:08:a8:78:7e:0f:0c:40:7e:
f1:d3:fd:4f:e8:2f:51:e8:eb:df:98:1e:85:2e:dd:
69:24:d1:49:24:1c:51:2c:04:c3:ea:09:6c:8b:93:
40:03:a9:23:8d:71:d2:40:63:b8:14:55:d8:56:8d:
5b:53:00:8a:cb:49:c6:b3:5a:1b:e1:9f:a6:87:2e:
ff:13:54:4e:96:2a:4c:de:c1:8e:a2:4d:70:e1:2c:
11:5b:7f:5b:1a:d8:af:68:20:70:a4:ed:26:5d:15:
e5:d6:10:82:9f:09:58:a9:9c:bb:fd:49:cb:57:c6:
79:c0:f2:de:23:9f:c1:ba:f1:83:3a:c8:b5:d4:4a:
a8:d3:d8:35:16:0e:2c:7f:2e:fb:12:c0:08:1c:84:
6c:84:a5:8f:49:91:a8:eb:dd:cc:df:1e:77:21:23:
a9:fd:b4:2a:c7:30:60:29:54:2e:eb:83:1f:99:b9:
d2:ff:cd:a2:42:46:6b:22:5e:bc:19:b5:ac:5e:ee:
ac:00:3b:08:b5:42:dc:0f:c1:9d:2a:a5:46:20:56:
f4:46:f5:7f:c8:41:6d:aa:e7:75:d0:65:63:88:7b:
18:0c:ca:86:40:2f:b0:60:45:a8:f7:26:cb:a6:e4:
ca:98:66:10:c8:7a:26:dd:68:f8:d5:61:1b:d3:c9:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:BB:6F:A0:2F:82:28:03:A6:68:D7:41:E2:B1:C5:B3:43:3D:FD
X509v3 Authority Key Identifier:
keyid:C4:C3:BC:05:AA:52:AB:9E:B5:D1:84:F5:08:89:F1:FF:0C:90:CE:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMO8BapSq5610YT1CInx_wyQzng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/2sW7b6AvgigDpmjXQeKxxbNDPf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/xMO8BapSq5610YT1CInx_wyQzng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:39:1c:f8:39:a9:a8:0c:a0:f9:34:3e:c9:74:f2:e7:b0:6d:
2f:93:1d:4a:20:00:92:50:98:55:e1:43:b5:5a:58:34:3a:ee:
5a:77:94:b0:bd:55:5f:42:b7:ad:38:5a:f1:96:62:b6:61:36:
d2:ca:10:3b:91:3f:e0:db:69:d7:0e:00:e5:02:f4:9a:af:37:
7b:a3:16:61:8c:aa:b7:68:4e:81:38:44:b2:43:7f:7c:01:a6:
c9:35:40:c3:c2:5f:06:97:a9:98:1e:17:65:6e:fa:bf:7c:7c:
73:22:a2:5a:b0:e2:0c:27:05:0a:2a:78:06:ca:7b:9c:b8:37:
20:da:8b:23:33:6a:bd:81:6a:33:08:75:43:74:19:3d:e7:d1:
19:05:9c:44:d2:d0:39:5b:62:55:4f:9e:5f:03:98:76:70:9c:
66:af:27:ad:8d:39:c0:e2:14:b5:2a:41:4f:8d:66:a8:a3:c4:
77:78:47:82:8e:6b:95:f5:c1:95:90:4a:ff:50:ae:02:ab:ff:
a1:e6:fc:fb:4b:d4:05:82:56:b9:71:72:c6:97:39:ca:10:ea:
28:52:b8:45:25:7c:76:49:18:34:f6:95:f6:2c:07:b3:40:d1:
60:3f:05:47:b5:bf:39:4b:81:0a:09:a4:a5:c5:9f:0b:53:f4:
cb:85:9a:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu7/CBq0bJhFYbVL9bO7q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YzNiYzA1YWE1MmFiOWViNWQxODRmNTA4ODlmMWZmMGM5
MGNlNzgwHhcNMjMwMTAxMjAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM1YmI2ZmEwMmY4MjI4MDNhNjY4ZDc0MWUyYjFjNWIzNDMzZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth7tYygzCKh4fg8MQH7x0/1P6C9R
6OvfmB6FLt1pJNFJJBxRLATD6glsi5NAA6kjjXHSQGO4FFXYVo1bUwCKy0nGs1ob
4Z+mhy7/E1ROlipM3sGOok1w4SwRW39bGtivaCBwpO0mXRXl1hCCnwlYqZy7/UnL
V8Z5wPLeI5/BuvGDOsi11Eqo09g1Fg4sfy77EsAIHIRshKWPSZGo693M3x53ISOp
/bQqxzBgKVQu64MfmbnS/82iQkZrIl68GbWsXu6sADsItULcD8GdKqVGIFb0RvV/
yEFtqud10GVjiHsYDMqGQC+wYEWo9ybLpuTKmGYQyHom3Wj41WEb08nWUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrFu2+gL4IoA6Zo10HiscWzQz39MB8GA1UdIwQY
MBaAFMTDvAWqUquetdGE9QiJ8f8MkM54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE1POEJhcFNxNTYxMFlUMUNJbnhfd3lRem5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kMjM3ZmEtYjEwNS00MzJlLTgzY2It
NmQzNWI3OTU2ZmNlLzEvMnNXN2I2QXZnaWdEcG1qWFFlS3h4Yk5EUGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kMjM3ZmEtYjEwNS00MzJlLTgzY2ItNmQzNWI3OTU2ZmNl
LzEveE1POEJhcFNxNTYxMFlUMUNJbnhfd3lRem5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrCtMA0G
CSqGSIb3DQEBCwUAA4IBAQBLORz4OamoDKD5ND7JdPLnsG0vkx1KIACSUJhV4UO1
Wlg0Ou5ad5SwvVVfQretOFrxlmK2YTbSyhA7kT/g22nXDgDlAvSarzd7oxZhjKq3
aE6BOESyQ398AabJNUDDwl8Gl6mYHhdlbvq/fHxzIqJasOIMJwUKKngGynucuDcg
2osjM2q9gWozCHVDdBk959EZBZxE0tA5W2JVT55fA5h2cJxmryetjTnA4hS1KkFP
jWaoo8R3eEeCjmuV9cGVkEr/UK4Cq/+h5vz7S9QFgla5cXLGlznKEOooUrhFJXx2
SRg09pX2LAezQNFgPwVHtb85S4EKCaSlxZ8LU/TLhZpg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:33 2024 by rpki-client on console-ams.rpki-client.org