Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/44H3pWYc1k4FGk83VGRJQpOnGUg.roa
File: 44H3pWYc1k4FGk83VGRJQpOnGUg.roa (raw, json)
Hash identifier: j0vD4GFTueRtQZUBScs1HEIM+enMGfNIDopdKaRrBQw=
Subject key identifier: E3:81:F7:A5:66:1C:D6:4E:05:1A:4F:37:54:64:49:42:93:A7:19:48
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D56F69EBD0341125860DAB2CF042ECB5C
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/44H3pWYc1k4FGk83VGRJQpOnGUg.roa
Signing time: Mon 29 Jan 2024 20:43:39 +0000
ROA not before: Mon 29 Jan 2024 20:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399976
IP address blocks: 194.54.146.0/24 maxlen: 24
2a12:c6c0::/29 maxlen: 64
2a12:c6c0::/32 maxlen: 48
2a12:c6c1::/32 maxlen: 48
2a12:c6c2::/32 maxlen: 48
2a12:c6c3::/32 maxlen: 48
2a12:c6c4::/32 maxlen: 48
2a12:c6c5::/32 maxlen: 48
2a12:c6c6::/32 maxlen: 48
2a12:c6c7::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 Feb 2024 20:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:f6:9e:bd:03:41:12:58:60:da:b2:cf:04:2e:cb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Jan 29 20:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e381f7a5661cd64e051a4f375464494293a71948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:89:3c:c6:4c:0c:6e:1a:83:06:b4:dc:e1:b5:
dd:d9:b5:53:a8:30:3b:56:2d:38:dd:a6:d8:14:85:
e4:2d:c0:64:42:db:28:97:01:fc:16:0c:20:e7:20:
f9:6f:93:e6:d6:1d:ce:05:54:53:6f:a6:44:59:d2:
63:f3:34:d4:ba:d9:9c:bf:56:69:8b:ae:96:7e:bf:
88:f9:b9:a5:1e:8c:99:56:79:c2:8d:4a:c8:6a:88:
9d:17:ce:3d:d1:c1:66:53:07:07:54:6f:05:ad:ec:
27:1f:ad:b7:d9:a7:d4:cf:32:3a:db:ac:58:de:23:
1d:11:e9:3a:88:dc:8a:5e:65:75:6e:e5:69:65:42:
df:d2:b3:f5:db:78:64:24:73:9f:7e:d5:28:4b:b1:
b4:0a:bd:04:4f:7d:f2:f3:e1:ab:c7:65:67:24:ca:
7e:0b:ad:de:93:c2:46:21:e8:d5:a1:34:c9:8b:ae:
cd:8b:c3:fa:e0:1b:1f:f4:e9:76:c6:e9:2b:e1:26:
48:7f:89:6b:e5:e0:4b:d5:24:0d:16:c5:f2:13:4c:
6f:92:15:6c:94:1f:10:bc:41:b1:24:d3:fa:e2:d4:
a4:df:72:be:fc:ba:d8:63:60:82:01:cb:e4:53:0c:
1f:71:a8:48:35:2a:f3:48:35:9f:e3:a0:ac:4f:c6:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:81:F7:A5:66:1C:D6:4E:05:1A:4F:37:54:64:49:42:93:A7:19:48
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/44H3pWYc1k4FGk83VGRJQpOnGUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.146.0/24
IPv6:
2a12:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
bb:bd:2b:83:77:1a:5d:b8:6f:c7:07:65:ac:ec:46:42:fc:af:
bd:42:92:e3:02:a6:69:79:5f:5a:f0:c9:a9:92:c3:95:45:51:
1e:df:42:1c:ba:20:49:8e:f7:78:a3:fe:24:c9:f6:bf:fb:28:
c3:7f:48:d7:5b:c9:f9:8b:37:1f:45:d2:7b:75:4f:ff:c6:3e:
8e:4e:47:b4:e6:1f:50:f7:2b:25:35:ab:de:f2:f1:af:81:02:
26:f0:8a:b2:d1:51:99:4e:45:d8:1d:2d:78:ec:a7:d3:4d:bc:
0d:4e:9f:45:f1:a1:aa:3f:ed:d1:d0:e4:e4:26:07:8b:b1:6b:
ee:20:de:e1:12:4a:7b:7c:66:3b:0f:d7:64:47:3b:20:40:77:
a7:e6:77:84:19:fc:e7:77:98:aa:ff:bc:53:74:bb:2b:3c:28:
35:77:30:1c:14:44:ea:f7:b4:53:ff:13:e1:16:c4:4a:e5:a9:
5a:06:8f:56:f8:e5:c3:6b:4f:6a:ff:c5:8c:d7:9f:97:4e:1d:
ba:0d:f0:b4:50:86:d7:59:1a:d8:18:4f:b8:2b:89:f2:9e:36:
24:5e:19:f5:dd:d2:f3:f8:36:7b:dd:c5:86:cc:e2:cd:5a:fa:
b4:2b:e5:80:83:ca:26:9a:39:ef:e9:85:a0:fe:c3:a5:96:40:
27:35:6c:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1W9p69A0ESWGDass8ELstcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMTI5MjA0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgxZjdhNTY2MWNkNjRlMDUxYTRmMzc1NDY0NDk0MjkzYTcxOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4k8xkwMbhqDBrTc4bXd2bVTqDA7
Vi043abYFIXkLcBkQtsolwH8Fgwg5yD5b5Pm1h3OBVRTb6ZEWdJj8zTUutmcv1Zp
i66Wfr+I+bmlHoyZVnnCjUrIaoidF8490cFmUwcHVG8FrewnH6232afUzzI626xY
3iMdEek6iNyKXmV1buVpZULf0rP123hkJHOfftUoS7G0Cr0ET33y8+Grx2VnJMp+
C63ek8JGIejVoTTJi67Ni8P64Bsf9Ol2xukr4SZIf4lr5eBL1SQNFsXyE0xvkhVs
lB8QvEGxJNP64tSk33K+/LrYY2CCAcvkUwwfcahINSrzSDWf46CsT8ZHmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOOB96VmHNZOBRpPN1RkSUKTpxlIMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvNDRIM3BXWWMxazRGR2s4M1ZHUkpRcE9uR1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjaSMA0E
AgACMAcDBQMqEsbAMA0GCSqGSIb3DQEBCwUAA4IBAQC7vSuDdxpduG/HB2Ws7EZC
/K+9QpLjAqZpeV9a8MmpksOVRVEe30IcuiBJjvd4o/4kyfa/+yjDf0jXW8n5izcf
RdJ7dU//xj6OTke05h9Q9yslNave8vGvgQIm8Iqy0VGZTkXYHS147KfTTbwNTp9F
8aGqP+3R0OTkJgeLsWvuIN7hEkp7fGY7D9dkRzsgQHen5neEGfznd5iq/7xTdLsr
PCg1dzAcFETq97RT/xPhFsRK5alaBo9W+OXDa09q/8WM15+XTh26DfC0UIbXWRrY
GE+4K4nynjYkXhn13dLz+DZ73cWGzOLNWvq0K+WAg8ommjnv6YWg/sOllkAnNWyQ
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:05 2025 by rpki-client