Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1xQpTp7JF2sF7My2_oqFaKxkYGk.roa
File: 1xQpTp7JF2sF7My2_oqFaKxkYGk.roa (raw, json)
Hash identifier: fgHfinZADtiwb+joTYPrTDEujScz549gyB6TEzGfKvM=
Subject key identifier: D7:14:29:4E:9E:C9:17:6B:05:EC:CC:B6:FE:8A:85:68:AC:64:60:69
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 019200056DE02CDE46D7532D188C5A5C7C3F
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1xQpTp7JF2sF7My2_oqFaKxkYGk.roa
Signing time: Tue 17 Sep 2024 12:46:48 +0000
ROA not before: Tue 17 Sep 2024 12:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149020
IP address blocks: 194.5.97.0/24 maxlen: 24
194.5.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 11:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:05:6d:e0:2c:de:46:d7:53:2d:18:8c:5a:5c:7c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Sep 17 12:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d714294e9ec9176b05ecccb6fe8a8568ac646069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1e:4c:9e:78:75:f3:d7:96:ff:17:bd:0e:f2:
00:9c:b8:cb:f3:a7:dd:50:d2:b9:2a:5c:94:14:de:
26:2d:46:d6:42:a0:ef:92:df:45:f5:60:fd:b4:91:
59:7d:dd:2a:f2:20:10:54:fa:78:a4:7b:3b:11:9d:
71:f7:4f:2b:e5:b5:ac:23:ef:f4:f4:fb:ad:0d:77:
8a:2e:10:90:a2:e6:51:25:e5:bf:15:21:df:68:c1:
71:33:bb:9a:ed:64:62:fd:e9:2e:6a:83:4c:0d:ab:
a6:6d:4d:59:0e:77:01:21:20:02:de:2d:7d:6f:6b:
d9:56:5c:9a:bf:9b:f9:ef:ee:0a:80:a1:73:c2:66:
1f:47:92:df:1c:a1:c2:5a:a7:de:61:f0:b4:77:23:
c7:24:7b:42:65:b3:7d:67:39:96:05:7c:8d:20:53:
4e:1a:5a:d1:3a:46:f6:e9:65:47:cd:4c:8c:ff:81:
ef:76:34:6d:f1:89:6b:d0:2f:11:04:48:50:59:ad:
e1:e1:8d:38:bb:3f:7d:92:89:a0:ec:53:19:26:2d:
55:3b:3e:09:98:90:1a:16:6a:37:47:02:d0:8a:bc:
87:34:b0:d1:20:53:9a:18:52:8b:b4:f9:07:69:67:
38:09:e8:97:9f:f4:03:12:ab:1a:fe:6e:b1:ae:b7:
b1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:29:4E:9E:C9:17:6B:05:EC:CC:B6:FE:8A:85:68:AC:64:60:69
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1xQpTp7JF2sF7My2_oqFaKxkYGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.97.0-194.5.98.255
Signature Algorithm: sha256WithRSAEncryption
04:36:b0:4d:a2:11:f8:bc:99:c2:f3:26:cb:0a:e7:64:46:b2:
7c:1f:b4:89:72:e1:6f:1f:a7:4d:86:cf:92:ff:a7:f2:d0:95:
a8:d9:83:1d:52:2b:d7:9e:e4:24:fb:80:1f:14:ff:40:93:55:
40:93:11:8c:4a:c6:aa:0b:9a:c8:d5:4f:a3:49:b7:54:48:6a:
39:1f:13:3b:83:9a:b0:18:54:4d:af:0a:4a:0f:e0:df:b4:58:
43:23:be:72:89:65:39:68:25:bb:16:ae:ce:f4:06:ce:b8:d6:
96:7d:c5:48:6a:b7:ad:64:d5:40:8b:9f:a6:cb:8d:4c:44:07:
cc:7a:e1:b0:d9:f8:9b:e9:38:95:d0:dd:44:47:ef:2d:4c:9e:
0b:42:24:ac:54:5e:34:5e:ea:a5:fb:ea:38:d2:31:8f:6a:76:
0a:ea:8d:0e:66:d2:29:2b:02:41:d7:f9:65:89:03:d0:1b:1c:
4f:cf:d8:fb:f8:4e:96:1f:87:48:8b:89:8a:a7:58:9e:4d:cb:
e0:6c:6f:3a:fb:52:bb:be:43:07:d3:73:3a:5c:a0:89:76:a9:
91:85:6c:f1:3f:ae:4f:5d:3d:e3:ca:bd:17:41:f6:92:44:6b:
84:78:49:cf:2c:d4:80:55:ac:a8:27:c0:84:e8:a5:b9:52:e7:
83:12:74:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZIABW3gLN5G11MtGIxaXHw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwOTE3MTI0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE0Mjk0ZTllYzkxNzZiMDVlY2NjYjZmZThhODU2OGFjNjQ2MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR5Mnnh189eW/xe9DvIAnLjL86fd
UNK5KlyUFN4mLUbWQqDvkt9F9WD9tJFZfd0q8iAQVPp4pHs7EZ1x908r5bWsI+/0
9PutDXeKLhCQouZRJeW/FSHfaMFxM7ua7WRi/ekuaoNMDaumbU1ZDncBISAC3i19
b2vZVlyav5v57+4KgKFzwmYfR5LfHKHCWqfeYfC0dyPHJHtCZbN9ZzmWBXyNIFNO
GlrROkb26WVHzUyM/4HvdjRt8Ylr0C8RBEhQWa3h4Y04uz99komg7FMZJi1VOz4J
mJAaFmo3RwLQiryHNLDRIFOaGFKLtPkHaWc4CeiXn/QDEqsa/m6xrrex2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNcUKU6eyRdrBezMtv6KhWisZGBpMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvMXhRcFRwN0pGMnNGN015Ml9vcUZhS3hrWUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCBWED
BADCBWIwDQYJKoZIhvcNAQELBQADggEBAAQ2sE2iEfi8mcLzJssK52RGsnwftIly
4W8fp02Gz5L/p/LQlajZgx1SK9ee5CT7gB8U/0CTVUCTEYxKxqoLmsjVT6NJt1RI
ajkfEzuDmrAYVE2vCkoP4N+0WEMjvnKJZTloJbsWrs70Bs641pZ9xUhqt61k1UCL
n6bLjUxEB8x64bDZ+JvpOJXQ3URH7y1MngtCJKxUXjRe6qX76jjSMY9qdgrqjQ5m
0ikrAkHX+WWJA9AbHE/P2Pv4TpYfh0iLiYqnWJ5Ny+Bsbzr7Uru+QwfTczpcoIl2
qZGFbPE/rk9dPePKvRdB9pJEa4R4Sc8s1IBVrKgnwITopblS54MSdP4=
-----END CERTIFICATE-----
Generated at Thu Sep 19 17:01:53 2024 by rpki-client on console-ams.rpki-client.org