Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/CzF0PunZK9DnJqmUDfOx2-Dg0kw.roa
File: CzF0PunZK9DnJqmUDfOx2-Dg0kw.roa (raw, json)
Hash identifier: l60J4Vd8ewu1w9d5LOscU/w8wK4Jj1K0tSg772UUVJk=
Subject key identifier: 0B:31:74:3E:E9:D9:2B:D0:E7:26:A9:94:0D:F3:B1:DB:E0:E0:D2:4C
Certificate issuer: /CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Certificate serial: 01889B22D7C166384AE02125F7F16D2043D1
Authority key identifier: B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/CzF0PunZK9DnJqmUDfOx2-Dg0kw.roa
Signing time: Thu 08 Jun 2023 13:12:11 +0000
ROA not before: Thu 08 Jun 2023 13:12:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 194.88.151.0/24 maxlen: 24
194.88.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 00:54:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:22:d7:c1:66:38:4a:e0:21:25:f7:f1:6d:20:43:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Validity
Not Before: Jun 8 13:12:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b31743ee9d92bd0e726a9940df3b1dbe0e0d24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c3:80:0a:f6:43:d3:62:c3:7c:b5:c2:1e:c1:
1d:f7:a0:4a:d9:b1:c4:df:4b:ee:6f:3b:88:e5:4d:
4d:a9:b2:b0:ff:5e:c7:48:8f:a9:6a:d7:a5:8a:40:
3e:03:fd:49:96:22:80:49:17:75:6d:64:51:0a:69:
37:9b:c8:19:10:1c:20:b3:d8:20:17:4a:50:11:50:
d9:29:e6:2d:a2:f5:71:82:42:1e:12:9d:4c:16:bf:
97:fb:7a:68:b2:05:c6:7c:fe:ee:8c:07:af:95:e7:
06:80:7f:60:a7:f9:b7:38:c6:34:c1:51:35:48:aa:
86:44:b1:3b:a9:74:61:f7:21:df:d0:19:94:cb:46:
6d:bb:4f:a1:5d:0c:d3:e4:b2:6b:ab:3a:ec:5c:42:
87:a7:7a:cb:10:fa:28:06:ee:63:cb:0f:3f:ba:63:
e8:35:e1:8b:43:58:62:86:f4:34:60:18:75:27:1e:
8b:71:8b:64:cd:b0:28:62:60:89:6a:4d:8a:47:66:
7b:17:47:ad:05:72:79:c2:31:28:7e:5b:6d:37:c9:
1c:9a:3c:03:39:d1:a6:0e:71:d4:d8:df:d0:ec:c2:
9b:24:b3:dc:64:e4:18:e6:28:15:a6:f4:3d:88:30:
fa:4c:a3:f0:75:ef:1a:e3:33:5e:bc:d2:b4:78:22:
ee:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:31:74:3E:E9:D9:2B:D0:E7:26:A9:94:0D:F3:B1:DB:E0:E0:D2:4C
X509v3 Authority Key Identifier:
keyid:B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/CzF0PunZK9DnJqmUDfOx2-Dg0kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.150.0/23
Signature Algorithm: sha256WithRSAEncryption
40:7f:c0:b2:14:2b:65:ce:44:b1:48:77:75:cc:1e:2e:9f:02:
39:3e:cd:56:bd:df:7b:84:b3:01:b0:8c:22:68:6f:42:1f:ae:
87:fa:17:5a:55:f6:3c:33:4e:3c:3d:e6:4e:87:c2:f9:94:1e:
63:75:87:8d:8c:c3:bb:13:ff:70:aa:45:05:69:6b:b1:59:02:
de:26:35:57:f0:a7:ce:7a:16:81:5b:fd:be:24:11:8d:cb:f1:
f3:44:ab:d4:30:1b:50:6a:bc:ae:da:0e:d0:6c:59:8c:85:70:
db:d8:b1:44:5c:5e:b7:71:04:51:4d:be:53:c2:75:69:14:41:
5d:52:b4:83:3e:f0:53:c9:d6:43:47:86:f8:54:b0:18:0e:a3:
a6:6c:19:9f:49:50:ef:e9:c5:bc:b4:5b:bc:a7:0d:72:3a:43:
80:7b:2c:40:38:35:11:bc:12:40:b0:a7:c9:b6:05:39:58:6f:
ac:5d:d9:50:08:2e:b3:7a:91:5b:15:d3:51:5e:ca:1e:3c:af:
2f:9d:3b:47:55:d0:18:93:c9:09:0e:6d:24:d2:8c:75:2e:51:
7a:d0:18:15:95:b1:86:3b:7c:a0:d1:0f:bf:24:87:62:ba:76:
63:fb:d4:91:08:b7:fd:09:6d:d1:a2:4a:be:fe:66:39:78:09:
4b:28:4d:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYibItfBZjhK4CEl9/FtIEPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzdkODFlYzRjNDA1NWM2NzNmZjU3MWNjYWQwN2MzYTY5
OTEwNWUwHhcNMjMwNjA4MTMxMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMxNzQzZWU5ZDkyYmQwZTcyNmE5OTQwZGYzYjFkYmUwZTBkMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcOACvZD02LDfLXCHsEd96BK2bHE
30vubzuI5U1NqbKw/17HSI+patelikA+A/1JliKASRd1bWRRCmk3m8gZEBwgs9gg
F0pQEVDZKeYtovVxgkIeEp1MFr+X+3posgXGfP7ujAevlecGgH9gp/m3OMY0wVE1
SKqGRLE7qXRh9yHf0BmUy0Ztu0+hXQzT5LJrqzrsXEKHp3rLEPooBu5jyw8/umPo
NeGLQ1hihvQ0YBh1Jx6LcYtkzbAoYmCJak2KR2Z7F0etBXJ5wjEoflttN8kcmjwD
OdGmDnHU2N/Q7MKbJLPcZOQY5igVpvQ9iDD6TKPwde8a4zNevNK0eCLuQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsxdD7p2SvQ5yaplA3zsdvg4NJMMB8GA1UdIwQY
MBaAFLXH2B7ExAVcZz/1ccytB8OmmRBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2Qt
YzJiYzE0NTFmMjcxLzEvQ3pGMFB1blpLOURuSnFtVURmT3gyLURnMGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2QtYzJiYzE0NTFmMjcx
LzEvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwliWMA0G
CSqGSIb3DQEBCwUAA4IBAQBAf8CyFCtlzkSxSHd1zB4unwI5Ps1Wvd97hLMBsIwi
aG9CH66H+hdaVfY8M048PeZOh8L5lB5jdYeNjMO7E/9wqkUFaWuxWQLeJjVX8KfO
ehaBW/2+JBGNy/HzRKvUMBtQaryu2g7QbFmMhXDb2LFEXF63cQRRTb5TwnVpFEFd
UrSDPvBTydZDR4b4VLAYDqOmbBmfSVDv6cW8tFu8pw1yOkOAeyxAODURvBJAsKfJ
tgU5WG+sXdlQCC6zepFbFdNRXsoePK8vnTtHVdAYk8kJDm0k0ox1LlF60BgVlbGG
O3yg0Q+/JIdiunZj+9SRCLf9CW3Rokq+/mY5eAlLKE3v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org