Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/9bQ54f-MVKcMS4nO4f1-663x-4c.roa
File: 9bQ54f-MVKcMS4nO4f1-663x-4c.roa (raw, json)
Hash identifier: KQMglbQsTP5Q4OWzQfvYsyIJh2UtlzS4TfIcUi/g3J8=
Subject key identifier: F5:B4:39:E1:FF:8C:54:A7:0C:4B:89:CE:E1:FD:7E:EB:AD:F1:FB:87
Certificate issuer: /CN=55b9cdf8b7e53efcd9799b11e740f555fd53f4c6
Certificate serial: 0185714C21CE8367F1989D0A20DC92A8306C
Authority key identifier: 55:B9:CD:F8:B7:E5:3E:FC:D9:79:9B:11:E7:40:F5:55:FD:53:F4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbnN-LflPvzZeZsR50D1Vf1T9MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/9bQ54f-MVKcMS4nO4f1-663x-4c.roa
Signing time: Mon 02 Jan 2023 07:04:52 +0000
ROA not before: Mon 02 Jan 2023 07:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209106
IP address blocks: 194.246.74.0/24 maxlen: 24
5.182.96.0/22 maxlen: 22
2a0e:1400::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:21:ce:83:67:f1:98:9d:0a:20:dc:92:a8:30:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b9cdf8b7e53efcd9799b11e740f555fd53f4c6
Validity
Not Before: Jan 2 07:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5b439e1ff8c54a70c4b89cee1fd7eebadf1fb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:24:36:6a:5e:a0:02:c2:c6:51:4a:86:f2:
10:1e:03:1a:e7:4b:30:36:a8:0c:f7:31:41:03:58:
e0:57:67:55:c3:ef:ae:c3:49:60:ec:0d:18:cd:37:
78:37:93:69:16:7b:6b:4f:1c:7f:41:e9:57:c3:cd:
5a:58:a7:c8:7f:55:50:63:d9:9f:0d:0d:58:3f:60:
55:e7:5d:6d:d4:79:a0:80:40:66:db:fd:6d:86:bf:
48:92:82:71:9f:d6:18:01:76:24:05:a1:c2:39:13:
23:b9:89:60:b2:f2:2c:e1:e0:02:3f:e5:ab:91:bf:
4b:96:aa:27:e4:47:12:f6:0b:8f:44:45:89:c4:31:
11:c6:5c:a9:cb:ea:d5:22:64:4f:67:57:57:51:5f:
ff:ec:ac:a4:a1:cd:14:4b:eb:48:83:9b:ae:0d:f0:
13:47:f6:f8:9d:c8:05:37:e7:3e:f8:29:f1:ae:b0:
ec:d4:ba:ca:6a:71:e9:40:dc:cc:ca:6d:9d:66:6f:
85:ae:6b:1c:0e:59:9f:9d:63:46:36:fc:57:f3:9d:
95:25:59:09:3e:63:ea:00:24:bd:1f:39:7b:9f:d6:
e6:6a:b2:c8:3e:ec:11:6b:4c:c8:33:ef:45:07:d6:
bb:d1:4d:ed:5a:73:e6:47:1c:69:f2:df:55:48:37:
3b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B4:39:E1:FF:8C:54:A7:0C:4B:89:CE:E1:FD:7E:EB:AD:F1:FB:87
X509v3 Authority Key Identifier:
keyid:55:B9:CD:F8:B7:E5:3E:FC:D9:79:9B:11:E7:40:F5:55:FD:53:F4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbnN-LflPvzZeZsR50D1Vf1T9MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/9bQ54f-MVKcMS4nO4f1-663x-4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/VbnN-LflPvzZeZsR50D1Vf1T9MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.96.0/22
194.246.74.0/24
IPv6:
2a0e:1400::/29
Signature Algorithm: sha256WithRSAEncryption
ad:9a:83:a6:75:2f:5e:45:79:10:ee:75:bb:69:1f:d3:07:b0:
c1:43:60:5f:df:59:7a:90:c2:f5:0a:cc:26:7c:5f:c7:df:7c:
28:f9:cd:fb:0e:e2:49:1e:0d:c5:54:dd:02:52:7f:a8:21:20:
49:9a:b4:92:df:65:94:71:39:e4:a7:91:ad:12:4a:25:f9:ea:
41:9a:ca:56:35:91:00:65:fa:ee:e7:79:d8:ac:38:e2:f9:8f:
4e:8e:ef:6c:fb:28:9c:dc:6f:1f:2e:23:80:fa:3d:c9:96:16:
96:0d:07:35:82:86:4f:95:2f:15:3e:68:a5:1a:a4:e9:88:bb:
57:66:37:85:52:80:6e:9b:2c:24:22:1a:8a:58:8d:75:ed:cd:
42:3e:ed:58:46:27:27:7f:61:6d:13:93:9a:22:26:c7:20:0f:
a8:2b:88:e8:43:ff:73:fe:bc:06:8b:0d:ed:11:b6:7f:ef:3c:
9d:43:64:1e:ab:9e:e3:be:84:62:37:77:9f:69:13:8c:4e:14:
9b:98:b2:18:44:01:d4:c1:31:11:12:19:1e:23:93:bc:5c:7b:
68:36:22:ad:6e:5c:39:d9:cb:bb:fa:38:85:d6:3b:fa:30:a0:
c9:5f:01:f5:e6:59:c4:fc:e3:29:40:10:59:c0:61:71:0c:6b:
24:23:cc:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxTCHOg2fxmJ0KINySqDBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjljZGY4YjdlNTNlZmNkOTc5OWIxMWU3NDBmNTU1ZmQ1
M2Y0YzYwHhcNMjMwMTAyMDcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI0MzllMWZmOGM1NGE3MGM0Yjg5Y2VlMWZkN2VlYmFkZjFmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCEkNmpeoALCxlFKhvIQHgMa50sw
NqgM9zFBA1jgV2dVw++uw0lg7A0YzTd4N5NpFntrTxx/QelXw81aWKfIf1VQY9mf
DQ1YP2BV511t1HmggEBm2/1thr9IkoJxn9YYAXYkBaHCORMjuYlgsvIs4eACP+Wr
kb9Llqon5EcS9guPREWJxDERxlypy+rVImRPZ1dXUV//7Kykoc0US+tIg5uuDfAT
R/b4ncgFN+c++CnxrrDs1LrKanHpQNzMym2dZm+FrmscDlmfnWNGNvxX852VJVkJ
PmPqACS9Hzl7n9bmarLIPuwRa0zIM+9FB9a70U3tWnPmRxxp8t9VSDc7jQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPW0OeH/jFSnDEuJzuH9fuut8fuHMB8GA1UdIwQY
MBaAFFW5zfi35T782XmbEedA9VX9U/TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJuTi1MZmxQdnpaZVpzUjUwRDFWZjFUOU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS83N2U5MmEtZWFlMS00OGMwLThkOWMt
NmZjNGNkY2IzZjE3LzEvOWJRNTRmLU1WS2NNUzRuTzRmMS02NjN4LTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS83N2U5MmEtZWFlMS00OGMwLThkOWMtNmZjNGNkY2IzZjE3
LzEvVmJuTi1MZmxQdnpaZVpzUjUwRDFWZjFUOU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbZgAwQA
wvZKMA0EAgACMAcDBQMqDhQAMA0GCSqGSIb3DQEBCwUAA4IBAQCtmoOmdS9eRXkQ
7nW7aR/TB7DBQ2Bf31l6kML1CswmfF/H33wo+c37DuJJHg3FVN0CUn+oISBJmrSS
32WUcTnkp5GtEkol+epBmspWNZEAZfru53nYrDji+Y9Oju9s+yic3G8fLiOA+j3J
lhaWDQc1goZPlS8VPmilGqTpiLtXZjeFUoBumywkIhqKWI117c1CPu1YRicnf2Ft
E5OaIibHIA+oK4joQ/9z/rwGiw3tEbZ/7zydQ2Qeq57jvoRiN3efaROMThSbmLIY
RAHUwTEREhkeI5O8XHtoNiKtblw52cu7+jiF1jv6MKDJXwH15lnE/OMpQBBZwGFx
DGskI8yd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org