Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b7a365-d487-4a28-9d7e-cecd8a182bdf/1/QIrZXKccv988vI273M2IO1nAvu0.roa
File: QIrZXKccv988vI273M2IO1nAvu0.roa (raw, json)
Hash identifier: s9nEDciE6LCiRXTS0ptCO4Ak+UYnwaTOM/lm+rcMVwI=
Subject key identifier: 40:8A:D9:5C:A7:1C:BF:DF:3C:BC:8D:BB:DC:CD:88:3B:59:C0:BE:ED
Certificate issuer: /CN=e6e8adc72014e57a74e3044eb166e760968f2395
Certificate serial: 01856C65B9AB56E2826FE2E510777106ECBE
Authority key identifier: E6:E8:AD:C7:20:14:E5:7A:74:E3:04:4E:B1:66:E7:60:96:8F:23:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5uitxyAU5Xp04wROsWbnYJaPI5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b7a365-d487-4a28-9d7e-cecd8a182bdf/1/QIrZXKccv988vI273M2IO1nAvu0.roa
Signing time: Sun 01 Jan 2023 08:14:43 +0000
ROA not before: Sun 01 Jan 2023 08:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29686
IP address blocks: 194.213.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:b9:ab:56:e2:82:6f:e2:e5:10:77:71:06:ec:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6e8adc72014e57a74e3044eb166e760968f2395
Validity
Not Before: Jan 1 08:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=408ad95ca71cbfdf3cbc8dbbdccd883b59c0beed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3f:0c:09:56:c1:4b:e1:cf:46:82:7a:82:7a:
1e:7a:10:09:15:2d:29:b5:b8:15:af:9d:87:29:e0:
a1:73:4e:85:18:fc:bb:59:ff:e8:07:df:a9:1d:6b:
01:6b:ad:f3:d9:5b:12:cc:59:2f:09:eb:6e:1b:3f:
67:1d:b7:50:a0:fc:e2:c4:ff:2f:44:f7:6b:e7:3d:
da:77:c8:2b:a9:a6:4c:2c:87:32:4b:79:60:3c:38:
d2:b2:7a:e1:32:02:b4:e1:1e:38:4e:63:8e:76:7b:
e7:39:2a:6b:90:66:ad:cf:d9:9e:90:77:a7:cd:24:
5c:65:67:35:d3:5c:ea:fa:63:a4:dc:94:6d:4d:e0:
9d:7e:26:8d:a0:f2:81:c3:82:81:e4:b6:c2:13:63:
ee:0f:45:f3:d9:64:87:81:93:47:19:c5:58:c2:79:
0a:ed:cf:0e:70:71:36:15:9f:79:42:87:76:a7:ee:
23:48:7e:e0:e6:d7:79:16:62:ae:0e:04:ef:7e:4f:
7b:ff:8d:e7:fc:d5:1d:75:d2:32:3a:6c:ab:9a:ac:
b3:21:36:3f:cf:f5:ad:b6:dd:86:a3:b7:eb:cd:0e:
e3:a1:61:98:96:1b:03:f8:e2:fa:51:a8:5c:21:28:
2e:ba:32:c5:84:ce:12:39:96:18:76:fb:b5:80:38:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:D9:5C:A7:1C:BF:DF:3C:BC:8D:BB:DC:CD:88:3B:59:C0:BE:ED
X509v3 Authority Key Identifier:
keyid:E6:E8:AD:C7:20:14:E5:7A:74:E3:04:4E:B1:66:E7:60:96:8F:23:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uitxyAU5Xp04wROsWbnYJaPI5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7a365-d487-4a28-9d7e-cecd8a182bdf/1/QIrZXKccv988vI273M2IO1nAvu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7a365-d487-4a28-9d7e-cecd8a182bdf/1/5uitxyAU5Xp04wROsWbnYJaPI5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.213.5.0/24
Signature Algorithm: sha256WithRSAEncryption
22:fc:d3:66:e2:7f:0e:2c:5b:d1:68:c4:c4:31:a1:ce:4a:d8:
ad:83:39:07:61:1e:70:36:ca:a2:49:68:45:ab:1c:fe:00:ca:
b4:85:74:1e:57:38:e4:4c:54:17:9b:80:e8:0b:1f:31:ae:95:
7c:1a:7e:32:fd:75:eb:32:ee:d2:2d:fd:40:53:cb:7a:d2:97:
f5:ba:c5:2b:46:a6:33:8b:61:32:5e:2c:b8:75:e7:2c:b1:22:
48:4d:a4:f0:1d:ea:f2:5d:ab:4a:e6:a2:4f:f4:a8:7b:0c:0d:
f7:0b:c9:cb:d4:69:1b:af:9a:df:80:7a:71:65:29:ec:d7:44:
ac:53:50:e8:71:3c:f2:ea:ef:19:3c:a6:ac:34:fe:e2:cd:b0:
c4:2d:98:41:5d:c0:a7:3b:61:c0:25:25:28:15:a1:42:cd:34:
a2:33:de:44:a3:51:79:7d:fd:29:e3:51:d6:2a:df:70:bb:81:
fd:c7:b4:12:bd:d7:3f:d4:35:f9:e6:ca:96:4e:0d:19:b6:c8:
25:cd:27:18:b9:2d:d6:87:5a:aa:e4:19:f6:db:6e:26:b7:a9:
f5:43:a3:85:2d:ba:19:18:46:55:87:60:12:81:00:de:c7:6f:
f2:02:4b:23:8c:d6:14:75:57:ab:56:15:d6:25:62:d6:65:97:
65:fb:de:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZbmrVuKCb+LlEHdxBuy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZThhZGM3MjAxNGU1N2E3NGUzMDQ0ZWIxNjZlNzYwOTY4
ZjIzOTUwHhcNMjMwMTAxMDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhhZDk1Y2E3MWNiZmRmM2NiYzhkYmJkY2NkODgzYjU5YzBiZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT8MCVbBS+HPRoJ6gnoeehAJFS0p
tbgVr52HKeChc06FGPy7Wf/oB9+pHWsBa63z2VsSzFkvCetuGz9nHbdQoPzixP8v
RPdr5z3ad8grqaZMLIcyS3lgPDjSsnrhMgK04R44TmOOdnvnOSprkGatz9mekHen
zSRcZWc101zq+mOk3JRtTeCdfiaNoPKBw4KB5LbCE2PuD0Xz2WSHgZNHGcVYwnkK
7c8OcHE2FZ95Qod2p+4jSH7g5td5FmKuDgTvfk97/43n/NUdddIyOmyrmqyzITY/
z/Wttt2Go7frzQ7joWGYlhsD+OL6UahcISguujLFhM4SOZYYdvu1gDiWJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECK2VynHL/fPLyNu9zNiDtZwL7tMB8GA1UdIwQY
MBaAFOborccgFOV6dOMETrFm52CWjyOVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVpdHh5QVU1WHAwNHdST3NXYm5ZSmFQSTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iN2EzNjUtZDQ4Ny00YTI4LTlkN2Ut
Y2VjZDhhMTgyYmRmLzEvUUlyWlhLY2N2OTg4dkkyNzNNMklPMW5BdnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iN2EzNjUtZDQ4Ny00YTI4LTlkN2UtY2VjZDhhMTgyYmRm
LzEvNXVpdHh5QVU1WHAwNHdST3NXYm5ZSmFQSTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtUFMA0G
CSqGSIb3DQEBCwUAA4IBAQAi/NNm4n8OLFvRaMTEMaHOStitgzkHYR5wNsqiSWhF
qxz+AMq0hXQeVzjkTFQXm4DoCx8xrpV8Gn4y/XXrMu7SLf1AU8t60pf1usUrRqYz
i2EyXiy4decssSJITaTwHeryXatK5qJP9Kh7DA33C8nL1Gkbr5rfgHpxZSns10Ss
U1DocTzy6u8ZPKasNP7izbDELZhBXcCnO2HAJSUoFaFCzTSiM95Eo1F5ff0p41HW
Kt9wu4H9x7QSvdc/1DX55sqWTg0ZtsglzScYuS3Wh1qq5Bn2224mt6n1Q6OFLboZ
GEZVh2ASgQDex2/yAksjjNYUdVerVhXWJWLWZZdl+97l
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:56 2024 by rpki-client on console-fra.rpki-client.org