Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/ba2bad-ed35-45c3-b84e-22bdef99bcea/1/1h1m2TkrCwM2urQg7L2DlKuJGUU.roa
File: 1h1m2TkrCwM2urQg7L2DlKuJGUU.roa (raw, json)
Hash identifier: fqBF/QykNW7/3+eAFHPpbQVzCOgd8mHju/Nt/V3PFOI=
Subject key identifier: D6:1D:66:D9:39:2B:0B:03:36:BA:B4:20:EC:BD:83:94:AB:89:19:45
Certificate issuer: /CN=db4d52ab09b16d72f4c3e48cc4b49025d083676d
Certificate serial: 01856BB7DE845BB2DB8887DA7BEF81AF6457
Authority key identifier: DB:4D:52:AB:09:B1:6D:72:F4:C3:E4:8C:C4:B4:90:25:D0:83:67:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/201SqwmxbXL0w-SMxLSQJdCDZ20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/ba2bad-ed35-45c3-b84e-22bdef99bcea/1/1h1m2TkrCwM2urQg7L2DlKuJGUU.roa
Signing time: Sun 01 Jan 2023 05:04:50 +0000
ROA not before: Sun 01 Jan 2023 05:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197185
IP address blocks: 194.213.102.0/23 maxlen: 23
194.213.103.0/24 maxlen: 24
194.213.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:de:84:5b:b2:db:88:87:da:7b:ef:81:af:64:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db4d52ab09b16d72f4c3e48cc4b49025d083676d
Validity
Not Before: Jan 1 05:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d61d66d9392b0b0336bab420ecbd8394ab891945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6d:4b:7d:b8:5a:19:2e:05:15:af:c1:d8:dc:
9d:4f:f6:8b:17:e9:0e:58:57:9c:fa:1b:00:40:7c:
82:35:0d:9f:fb:c1:78:f4:68:68:55:43:cb:e0:ef:
f5:ee:e3:3a:64:a7:a7:eb:e1:01:98:ce:7a:e8:14:
bc:75:8c:96:7f:64:5a:f4:3b:1f:a5:12:0b:2d:b7:
f0:7e:10:00:c0:07:39:34:9a:c2:82:06:0e:8a:a9:
ad:97:f0:1a:2e:88:63:45:a6:bd:c2:4e:be:aa:c2:
da:36:4e:17:30:1f:b4:19:1d:7b:88:00:24:b4:53:
5b:9e:61:a8:26:fe:ed:7c:8f:18:ed:84:a8:81:43:
f8:a6:c8:d6:d6:24:9a:b5:f1:4e:2e:0e:51:be:2c:
19:b2:d5:70:dc:d6:c0:28:f6:47:42:3d:d2:bf:10:
6e:2f:18:2d:ed:f4:b4:f0:b0:8e:3b:5c:38:97:a2:
73:e7:d1:72:9d:f0:25:b7:47:b5:2b:37:4e:89:5c:
e0:cf:02:2d:08:03:d7:9d:0e:60:3d:9e:b6:9b:93:
32:45:f1:a1:3a:90:7e:bd:5a:0f:aa:a1:eb:8b:bd:
5c:80:c3:e4:15:4a:22:cb:5f:20:70:fd:bc:98:ec:
f8:e6:be:c0:19:32:e3:5c:d5:b7:ea:4a:bf:7b:58:
61:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1D:66:D9:39:2B:0B:03:36:BA:B4:20:EC:BD:83:94:AB:89:19:45
X509v3 Authority Key Identifier:
keyid:DB:4D:52:AB:09:B1:6D:72:F4:C3:E4:8C:C4:B4:90:25:D0:83:67:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/201SqwmxbXL0w-SMxLSQJdCDZ20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ba2bad-ed35-45c3-b84e-22bdef99bcea/1/1h1m2TkrCwM2urQg7L2DlKuJGUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ba2bad-ed35-45c3-b84e-22bdef99bcea/1/201SqwmxbXL0w-SMxLSQJdCDZ20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.213.102.0/23
Signature Algorithm: sha256WithRSAEncryption
52:de:11:bf:14:a2:56:15:0c:e4:72:7c:49:5b:2a:86:27:3f:
56:a4:c5:81:7d:96:66:bd:3d:bb:9e:d1:a5:e7:51:31:db:95:
3e:9e:3d:bc:15:37:41:0a:7e:26:84:aa:2f:83:d3:65:38:07:
8a:94:8d:a8:be:8f:72:47:18:10:0b:a7:65:e3:55:29:5e:11:
37:5b:59:24:fb:8f:b5:1e:91:51:83:89:30:7e:38:6a:dc:8f:
42:77:d8:64:a3:22:d3:64:ec:ff:6a:02:36:47:d8:9d:07:bc:
aa:96:3e:7b:95:77:23:ef:20:f8:ae:d2:75:84:51:46:19:11:
2c:b5:4f:b8:36:3b:50:c1:29:30:2b:ea:b6:f5:2d:60:53:a5:
e3:17:cd:32:6b:6f:3a:ee:4b:c9:6d:11:1d:c0:4a:6a:cf:f6:
ee:dc:6a:a0:b1:39:d8:29:2f:8c:1d:35:16:d4:0d:44:36:11:
02:78:19:b4:cf:ff:b1:5e:95:6a:e0:ee:9d:de:00:1b:25:b0:
f2:8d:f1:ec:79:45:9f:75:b7:c4:9d:ce:bc:4f:de:ae:9d:4e:
67:7b:f6:ff:5b:19:08:08:a4:51:ed:0d:78:70:5f:d1:2f:ff:
e0:1e:8e:2e:ef:97:ec:c7:2d:44:a5:dc:d6:5c:24:02:d0:a8:
93:b0:19:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrt96EW7LbiIfae++Br2RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNGQ1MmFiMDliMTZkNzJmNGMzZTQ4Y2M0YjQ5MDI1ZDA4
MzY3NmQwHhcNMjMwMTAxMDUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFkNjZkOTM5MmIwYjAzMzZiYWI0MjBlY2JkODM5NGFiODkxOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm1LfbhaGS4FFa/B2NydT/aLF+kO
WFec+hsAQHyCNQ2f+8F49GhoVUPL4O/17uM6ZKen6+EBmM566BS8dYyWf2Ra9Dsf
pRILLbfwfhAAwAc5NJrCggYOiqmtl/AaLohjRaa9wk6+qsLaNk4XMB+0GR17iAAk
tFNbnmGoJv7tfI8Y7YSogUP4psjW1iSatfFOLg5RviwZstVw3NbAKPZHQj3SvxBu
Lxgt7fS08LCOO1w4l6Jz59FynfAlt0e1KzdOiVzgzwItCAPXnQ5gPZ62m5MyRfGh
OpB+vVoPqqHri71cgMPkFUoiy18gcP28mOz45r7AGTLjXNW36kq/e1hhqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYdZtk5KwsDNrq0IOy9g5SriRlFMB8GA1UdIwQY
MBaAFNtNUqsJsW1y9MPkjMS0kCXQg2dtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjAxU3F3bXhiWEwwdy1TTXhMU1FKZENEWjIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYTJiYWQtZWQzNS00NWMzLWI4NGUt
MjJiZGVmOTliY2VhLzEvMWgxbTJUa3JDd00ydXJRZzdMMkRsS3VKR1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYTJiYWQtZWQzNS00NWMzLWI4NGUtMjJiZGVmOTliY2Vh
LzEvMjAxU3F3bXhiWEwwdy1TTXhMU1FKZENEWjIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwtVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBS3hG/FKJWFQzkcnxJWyqGJz9WpMWBfZZmvT27ntGl
51Ex25U+nj28FTdBCn4mhKovg9NlOAeKlI2ovo9yRxgQC6dl41UpXhE3W1kk+4+1
HpFRg4kwfjhq3I9Cd9hkoyLTZOz/agI2R9idB7yqlj57lXcj7yD4rtJ1hFFGGREs
tU+4NjtQwSkwK+q29S1gU6XjF80ya2867kvJbREdwEpqz/bu3GqgsTnYKS+MHTUW
1A1ENhECeBm0z/+xXpVq4O6d3gAbJbDyjfHseUWfdbfEnc68T96unU5ne/b/WxkI
CKRR7Q14cF/RL//gHo4u75fsxy1EpdzWXCQC0KiTsBnh
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:36 2024 by rpki-client on console-ams.rpki-client.org