Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/rh8Ahx0x3VR8_dlIF08OouS7OJw.roa
File: rh8Ahx0x3VR8_dlIF08OouS7OJw.roa (raw, json)
Hash identifier: lvlGhwr+eoIWLXyMOPHO9WBGNFc5SLDNiOeH/TQv47Q=
Subject key identifier: AE:1F:00:87:1D:31:DD:54:7C:FD:D9:48:17:4F:0E:A2:E4:BB:38:9C
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC72775E13C1398CFCB2786521BB28567
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/rh8Ahx0x3VR8_dlIF08OouS7OJw.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39131
IP address blocks: 194.190.253.0/24 maxlen: 24
194.190.251.0/24 maxlen: 24
194.190.252.0/24 maxlen: 24
194.190.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 11:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:e1:3c:13:98:cf:cb:27:86:52:1b:b2:85:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1f00871d31dd547cfdd948174f0ea2e4bb389c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cd:fc:70:c8:09:47:af:f4:2d:c6:be:1d:f8:
1e:64:4f:60:f7:4f:26:8b:20:18:fb:2e:53:b5:e8:
03:ee:08:32:35:d3:27:80:cf:1d:83:7e:c8:11:a2:
01:e9:35:2d:16:88:e7:e2:c8:b5:4e:d6:87:25:0c:
cb:25:13:42:b5:5a:49:c7:cf:2d:7f:dc:63:95:d8:
4b:56:b8:c2:03:88:50:c3:ee:96:ff:33:7f:f3:87:
36:7d:55:4a:f4:f2:2b:46:08:05:ce:a5:52:d8:89:
be:e4:16:60:24:64:35:44:25:79:d7:de:aa:67:66:
19:52:bf:5f:34:7b:3a:d2:4d:6e:25:8d:25:8b:97:
c0:e7:71:da:4d:5b:f5:f1:26:f4:fa:c4:63:b2:a3:
d1:f6:84:05:37:ef:99:ea:bb:32:82:54:9f:62:8a:
2e:62:e2:a6:f4:f4:b9:3f:3d:79:64:b3:4f:23:bd:
8e:a7:bb:51:e6:37:9a:02:40:81:f6:85:0a:fb:b4:
7a:8d:c3:2a:db:9e:c8:36:b4:be:54:c3:25:91:62:
3e:23:83:bb:36:a5:0a:8f:19:98:71:ec:ae:e6:eb:
e4:a9:8f:54:08:2c:d9:5d:68:c2:72:8a:1d:4b:a3:
e2:6f:6e:97:9b:c8:3f:02:41:95:cd:db:53:5e:9f:
a1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1F:00:87:1D:31:DD:54:7C:FD:D9:48:17:4F:0E:A2:E4:BB:38:9C
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/rh8Ahx0x3VR8_dlIF08OouS7OJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.250.0-194.190.253.255
Signature Algorithm: sha256WithRSAEncryption
3a:37:bc:3b:dd:89:82:30:ed:99:88:9a:2d:3b:47:de:06:1c:
2a:73:59:03:8e:35:6e:26:80:aa:66:5c:60:99:8d:57:10:3e:
00:73:54:cc:c6:5f:13:31:ff:3d:4d:03:13:45:54:c7:dc:52:
6c:9e:f2:4a:08:45:67:55:79:24:84:29:b2:46:bd:54:4b:85:
b0:c4:17:f7:6f:9f:78:c8:f3:72:74:98:15:6e:7f:24:cc:4b:
05:f9:38:01:5a:a8:25:1e:a6:92:69:cf:fb:70:d2:eb:fd:9a:
44:32:96:77:70:8a:ae:f9:d6:09:8a:02:08:48:52:41:ea:bb:
e3:d9:1d:b5:7d:df:02:ac:10:11:0d:47:ad:b2:a7:ce:ca:58:
7f:0a:a5:49:b3:7a:83:ef:7c:e6:f7:cc:fc:a3:1c:4a:ea:4a:
0e:d7:ce:49:bc:3c:1a:3a:93:d8:25:66:7f:d1:b4:47:f9:b5:
1b:64:51:ba:1e:73:9e:96:f6:a9:a3:bd:db:ed:ce:d1:00:34:
48:25:6f:06:21:43:3f:13:d3:5b:3c:2d:0d:bb:11:6a:68:84:
44:24:e5:f8:f5:b8:e1:04:be:88:87:a1:3a:9e:f2:b1:6f:f5:
a2:48:81:4d:52:06:26:d7:80:bb:56:4d:c0:4f:d1:b7:c0:1c:
b1:4d:73:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJ3XhPBOYz8snhlIbsoVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFmMDA4NzFkMzFkZDU0N2NmZGQ5NDgxNzRmMGVhMmU0YmIzODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc38cMgJR6/0Lca+HfgeZE9g908m
iyAY+y5TtegD7ggyNdMngM8dg37IEaIB6TUtFojn4si1TtaHJQzLJRNCtVpJx88t
f9xjldhLVrjCA4hQw+6W/zN/84c2fVVK9PIrRggFzqVS2Im+5BZgJGQ1RCV5196q
Z2YZUr9fNHs60k1uJY0li5fA53HaTVv18Sb0+sRjsqPR9oQFN++Z6rsyglSfYoou
YuKm9PS5Pz15ZLNPI72Op7tR5jeaAkCB9oUK+7R6jcMq257INrS+VMMlkWI+I4O7
NqUKjxmYceyu5uvkqY9UCCzZXWjCcoodS6Pib26Xm8g/AkGVzdtTXp+hhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK4fAIcdMd1UfP3ZSBdPDqLkuzicMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvcmg4QWh4MHgzVlI4X2RsSUYwOE9vdVM3T0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCvvoD
BAHCvvwwDQYJKoZIhvcNAQELBQADggEBADo3vDvdiYIw7ZmImi07R94GHCpzWQOO
NW4mgKpmXGCZjVcQPgBzVMzGXxMx/z1NAxNFVMfcUmye8koIRWdVeSSEKbJGvVRL
hbDEF/dvn3jI83J0mBVufyTMSwX5OAFaqCUeppJpz/tw0uv9mkQylndwiq751gmK
AghIUkHqu+PZHbV93wKsEBENR62yp87KWH8KpUmzeoPvfOb3zPyjHErqSg7Xzkm8
PBo6k9glZn/RtEf5tRtkUboec56W9qmjvdvtztEANEglbwYhQz8T01s8LQ27EWpo
hEQk5fj1uOEEvoiHoTqe8rFv9aJIgU1SBibXgLtWTcBP0bfAHLFNc6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org