Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oN5Ur7EOhPnYa9hjnrR1yb48d3o.roa
File: oN5Ur7EOhPnYa9hjnrR1yb48d3o.roa (raw, json)
Hash identifier: ys7yNx+ZG6+i3dDx2/zHI2r0GJSh29qerxAYEDH0kCU=
Subject key identifier: A0:DE:54:AF:B1:0E:84:F9:D8:6B:D8:63:9E:B4:75:C9:BE:3C:77:7A
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018F95545AECB3DACB8E2A8E5C096A8C9AB6
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oN5Ur7EOhPnYa9hjnrR1yb48d3o.roa
Signing time: Mon 20 May 2024 09:28:04 +0000
ROA not before: Mon 20 May 2024 09:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.246.36.0/24 maxlen: 24
194.247.44.0/24 maxlen: 24
194.247.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 07:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:54:5a:ec:b3:da:cb:8e:2a:8e:5c:09:6a:8c:9a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: May 20 09:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0de54afb10e84f9d86bd8639eb475c9be3c777a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8b:b8:c0:05:80:94:dd:98:33:fc:36:2d:94:
1d:64:88:13:9c:c2:c6:55:39:f7:a0:2f:dc:ea:78:
a5:05:3d:f9:c2:81:c8:2a:b2:2d:55:42:a9:28:75:
1b:64:16:77:c5:00:e9:9a:22:d2:06:0d:7e:1e:48:
ab:92:27:9d:88:64:51:89:78:43:d1:35:16:f4:3d:
31:61:f6:cc:f4:93:1f:2e:14:e1:87:96:ff:5d:57:
35:e1:a4:9b:8d:a2:fe:c1:b4:30:9c:3d:0a:79:4e:
b3:56:49:48:e0:17:20:3d:b7:4d:f6:be:b3:42:cb:
20:99:f0:24:ee:04:0b:55:a9:e2:d9:a3:11:79:24:
74:99:88:93:ef:cd:41:4a:a5:89:c3:c1:5a:0f:49:
c5:c3:84:d7:1c:b2:b2:38:84:90:5d:32:e3:1a:d5:
a1:dd:10:8f:6c:04:5c:d6:f3:1a:3a:b6:97:35:d2:
b7:e1:e0:e9:08:26:dd:dd:61:56:95:5f:6f:fa:8a:
2a:08:7f:4b:e9:82:b8:e4:e2:7a:d0:f6:6e:9f:22:
00:60:df:46:1a:99:53:d3:8a:2b:1b:75:fd:d7:42:
82:ec:fc:a4:9a:9f:03:1a:f3:80:de:a5:9f:3e:f8:
4c:d4:90:8c:71:63:7f:3b:ca:5c:86:15:5a:9d:d5:
aa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DE:54:AF:B1:0E:84:F9:D8:6B:D8:63:9E:B4:75:C9:BE:3C:77:7A
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oN5Ur7EOhPnYa9hjnrR1yb48d3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.36.0/24
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
88:e8:b5:6f:b4:0a:15:15:e8:0b:3c:b4:78:a6:9e:16:25:d2:
f1:c0:2b:e4:f9:73:48:f1:32:66:09:31:e7:92:e0:56:7a:b8:
d2:49:42:16:88:04:80:80:c5:8f:fb:69:d7:10:82:f5:17:82:
5b:7d:b5:37:6c:5f:a8:59:17:7e:14:c9:b1:de:92:7b:be:63:
9d:cd:b5:29:0c:62:ab:58:74:84:c0:01:f7:17:07:dd:fa:f4:
f1:b6:47:b5:13:79:54:f0:b5:94:19:30:a4:fe:28:40:b6:8c:
62:44:06:73:bd:9e:86:47:15:20:92:01:24:4f:fe:e7:29:2b:
b6:06:7e:cf:cf:4e:2e:de:7c:a9:c3:73:7d:50:63:72:41:b4:
fe:d3:ad:db:26:23:54:af:e1:58:6f:9b:8c:90:66:f2:fa:94:
9d:e2:bc:9a:db:d2:f7:04:d6:fe:ea:45:ed:f5:5d:04:35:4c:
5b:4e:61:10:33:12:29:56:6e:e9:79:42:62:b1:82:b6:49:8d:
97:b5:9f:32:7f:dc:0a:ef:48:d2:da:c6:c5:fe:f6:a0:66:05:
75:da:2d:ca:c2:78:73:f2:c2:80:cd:16:1d:07:2a:2e:09:e3:
b8:1c:c8:59:79:41:27:f8:05:0a:b5:be:cf:c3:3f:bc:ab:1a:
e8:e4:25:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+VVFrss9rLjiqOXAlqjJq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwNTIwMDkyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRlNTRhZmIxMGU4NGY5ZDg2YmQ4NjM5ZWI0NzVjOWJlM2M3NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIu4wAWAlN2YM/w2LZQdZIgTnMLG
VTn3oC/c6nilBT35woHIKrItVUKpKHUbZBZ3xQDpmiLSBg1+HkirkiediGRRiXhD
0TUW9D0xYfbM9JMfLhThh5b/XVc14aSbjaL+wbQwnD0KeU6zVklI4BcgPbdN9r6z
QssgmfAk7gQLVani2aMReSR0mYiT781BSqWJw8FaD0nFw4TXHLKyOISQXTLjGtWh
3RCPbARc1vMaOraXNdK34eDpCCbd3WFWlV9v+ooqCH9L6YK45OJ60PZunyIAYN9G
GplT04orG3X910KC7Pykmp8DGvOA3qWfPvhM1JCMcWN/O8pchhVandWqNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDeVK+xDoT52GvYY560dcm+PHd6MB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvb041VXI3RU9oUG5ZYTloam5yUjF5YjQ4ZDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwvYkAwQB
wvcsMA0GCSqGSIb3DQEBCwUAA4IBAQCI6LVvtAoVFegLPLR4pp4WJdLxwCvk+XNI
8TJmCTHnkuBWerjSSUIWiASAgMWP+2nXEIL1F4JbfbU3bF+oWRd+FMmx3pJ7vmOd
zbUpDGKrWHSEwAH3Fwfd+vTxtke1E3lU8LWUGTCk/ihAtoxiRAZzvZ6GRxUgkgEk
T/7nKSu2Bn7Pz04u3nypw3N9UGNyQbT+063bJiNUr+FYb5uMkGby+pSd4rya29L3
BNb+6kXt9V0ENUxbTmEQMxIpVm7peUJisYK2SY2XtZ8yf9wK70jS2sbF/vagZgV1
2i3Kwnhz8sKAzRYdByouCeO4HMhZeUEn+AUKtb7Pwz+8qxro5CUD
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:54:51 2024 by rpki-client on console-fra.rpki-client.org