Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/G8ZVD5DrqdoWt5fAbtu51yn5j5k.roa
File: G8ZVD5DrqdoWt5fAbtu51yn5j5k.roa (raw, json)
Hash identifier: QTGpdwgOJM6TC+6gWLwbkkk+2PL85njdlvnUmEtdxQ4=
Subject key identifier: 1B:C6:55:0F:90:EB:A9:DA:16:B7:97:C0:6E:DB:B9:D7:29:F9:8F:99
Certificate issuer: /CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Certificate serial: 0186FF515B817A6AF1A73B231811130C370F
Authority key identifier: B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/G8ZVD5DrqdoWt5fAbtu51yn5j5k.roa
Signing time: Mon 20 Mar 2023 13:59:27 +0000
ROA not before: Mon 20 Mar 2023 13:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 194.88.151.0/24 maxlen: 24
194.88.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 13:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:51:5b:81:7a:6a:f1:a7:3b:23:18:11:13:0c:37:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Validity
Not Before: Mar 20 13:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc6550f90eba9da16b797c06edbb9d729f98f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:4f:0e:11:c3:87:45:5f:4e:13:cc:1f:95:
9e:5d:37:df:a1:2d:b7:04:70:f1:6d:ed:67:17:e1:
b7:95:f5:50:c5:67:dc:ff:0f:80:a0:dc:da:06:a7:
31:e5:6d:7e:70:e1:0e:62:80:8f:dc:12:ca:80:33:
34:67:45:a0:30:b1:f2:6d:7e:fa:25:b9:35:c4:cc:
f5:1a:67:1c:b6:d0:20:1f:f7:5d:c6:d4:b9:2d:9e:
1a:0e:5c:e0:dd:ef:54:6c:e8:d9:54:bf:62:f2:a4:
fd:ca:b1:18:98:ce:20:fc:e0:80:18:80:dd:7c:be:
8d:ef:80:8e:01:c9:85:ed:c7:9a:6a:f8:c2:33:34:
51:cc:a8:ec:7c:5b:75:73:91:0d:fc:6a:61:3e:f9:
1f:6f:75:35:ce:9e:b8:5c:fb:d4:02:e8:22:f8:7c:
b1:45:06:d1:5a:de:4a:48:2f:b0:eb:b6:79:85:4f:
55:06:fd:38:d5:e6:85:6d:5d:86:84:71:e0:ca:9b:
26:3d:10:21:36:e2:d4:3f:7b:46:95:bd:8f:8a:2a:
2b:4e:16:94:e4:ec:82:1b:6d:95:2f:af:e5:66:53:
00:80:d2:dc:6d:01:4c:eb:2b:be:35:81:22:51:d1:
0e:07:68:75:7a:9a:c5:aa:b7:e1:73:e9:79:3c:03:
51:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C6:55:0F:90:EB:A9:DA:16:B7:97:C0:6E:DB:B9:D7:29:F9:8F:99
X509v3 Authority Key Identifier:
keyid:B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/G8ZVD5DrqdoWt5fAbtu51yn5j5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.150.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:16:ed:97:4a:06:61:60:c9:6e:25:a4:68:25:df:40:b4:0b:
82:b6:96:55:7b:51:17:06:01:45:be:fb:f2:b8:1b:53:7a:82:
34:25:4a:a3:f3:a5:46:38:b8:98:dc:9d:9f:7f:88:68:43:3e:
68:68:f6:76:0a:c1:e6:0f:02:61:25:34:78:14:83:e4:e2:78:
1a:34:cb:3a:2a:9a:80:91:33:6d:70:a1:94:3e:4d:df:17:df:
82:25:e7:c7:42:4c:2b:6a:0a:94:ec:06:2b:63:fc:47:62:4c:
e1:17:55:88:d2:6a:2f:aa:a3:bd:aa:da:b7:97:68:31:98:df:
bd:b5:29:68:e5:78:c7:d8:0e:3b:7d:e3:ea:4b:e3:e8:45:01:
1d:f7:6a:46:71:19:da:14:ff:ef:71:87:8d:7b:aa:2f:3d:ef:
24:51:22:9e:6a:f6:f6:cf:c2:78:5c:ab:cd:2f:7d:ae:7d:4f:
50:70:42:12:42:81:30:ed:34:d5:ef:77:01:c0:5a:1c:44:3d:
25:f5:97:f0:5c:64:f9:b1:0f:ab:a2:f2:97:c8:7a:92:3e:ca:
50:77:b6:36:64:65:84:5e:74:34:eb:27:bb:2b:6e:7a:a4:1d:
6f:0e:fe:f3:0f:4c:4b:f2:2b:5f:59:ec:ca:c3:46:ea:cf:b5:
9b:26:d5:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb/UVuBemrxpzsjGBETDDcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzdkODFlYzRjNDA1NWM2NzNmZjU3MWNjYWQwN2MzYTY5
OTEwNWUwHhcNMjMwMzIwMTM1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM2NTUwZjkwZWJhOWRhMTZiNzk3YzA2ZWRiYjlkNzI5Zjk4Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXpPDhHDh0VfThPMH5WeXTffoS23
BHDxbe1nF+G3lfVQxWfc/w+AoNzaBqcx5W1+cOEOYoCP3BLKgDM0Z0WgMLHybX76
Jbk1xMz1GmccttAgH/ddxtS5LZ4aDlzg3e9UbOjZVL9i8qT9yrEYmM4g/OCAGIDd
fL6N74COAcmF7ceaavjCMzRRzKjsfFt1c5EN/GphPvkfb3U1zp64XPvUAugi+Hyx
RQbRWt5KSC+w67Z5hU9VBv041eaFbV2GhHHgypsmPRAhNuLUP3tGlb2PiiorThaU
5OyCG22VL6/lZlMAgNLcbQFM6yu+NYEiUdEOB2h1eprFqrfhc+l5PANRPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvGVQ+Q66naFreXwG7budcp+Y+ZMB8GA1UdIwQY
MBaAFLXH2B7ExAVcZz/1ccytB8OmmRBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2Qt
YzJiYzE0NTFmMjcxLzEvRzhaVkQ1RHJxZG9XdDVmQWJ0dTUxeW41ajVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2QtYzJiYzE0NTFmMjcx
LzEvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwliWMA0G
CSqGSIb3DQEBCwUAA4IBAQBuFu2XSgZhYMluJaRoJd9AtAuCtpZVe1EXBgFFvvvy
uBtTeoI0JUqj86VGOLiY3J2ff4hoQz5oaPZ2CsHmDwJhJTR4FIPk4ngaNMs6KpqA
kTNtcKGUPk3fF9+CJefHQkwragqU7AYrY/xHYkzhF1WI0movqqO9qtq3l2gxmN+9
tSlo5XjH2A47fePqS+PoRQEd92pGcRnaFP/vcYeNe6ovPe8kUSKeavb2z8J4XKvN
L32ufU9QcEISQoEw7TTV73cBwFocRD0l9ZfwXGT5sQ+rovKXyHqSPspQd7Y2ZGWE
XnQ06ye7K256pB1vDv7zD0xL8itfWezKw0bqz7WbJtXN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:30 2024 by rpki-client on console-ams.rpki-client.org