Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/S7L70KcAse8Kig2LonhlxlMuAgE.roa
File: S7L70KcAse8Kig2LonhlxlMuAgE.roa (raw, json)
Hash identifier: VXA3xjSlk4GxVyvQ0rRot4oEAMGnaRZosAfBzDJDaTU=
Subject key identifier: 4B:B2:FB:D0:A7:00:B1:EF:0A:8A:0D:8B:A2:78:65:C6:53:2E:02:01
Certificate issuer: /CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Certificate serial: 018975F0DCCCFC15F5EBD8FBED6FFA891431
Authority key identifier: B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/S7L70KcAse8Kig2LonhlxlMuAgE.roa
Signing time: Fri 21 Jul 2023 00:54:26 +0000
ROA not before: Fri 21 Jul 2023 00:54:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 194.88.151.0/24 maxlen: 24
194.88.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:75:f0:dc:cc:fc:15:f5:eb:d8:fb:ed:6f:fa:89:14:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Validity
Not Before: Jul 21 00:54:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bb2fbd0a700b1ef0a8a0d8ba27865c6532e0201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:79:e1:63:bc:99:f8:bb:eb:c6:c3:b6:2b:28:
a5:da:9f:15:81:c1:4e:5e:13:ee:71:01:e1:0a:ff:
1a:7a:ad:bd:04:26:28:f5:2c:13:c9:0e:37:de:49:
05:47:64:8a:4f:b2:01:8b:89:39:64:bc:a7:83:67:
90:6e:62:b8:c1:7d:65:80:d6:2d:91:e5:83:2b:e6:
9a:a5:1b:5a:ea:b9:b3:2b:9e:08:e9:c4:4a:66:b6:
5d:7d:75:d1:11:cf:2f:ac:0c:d2:25:25:01:b7:04:
dc:33:a9:ba:ee:34:47:22:20:44:a3:66:5d:72:a8:
c1:92:a0:e1:c7:d9:d6:92:6d:da:cf:45:b8:1e:1c:
1b:74:eb:b0:e6:ed:4a:9a:81:7e:ea:b0:ea:b5:ca:
cf:45:26:34:59:bc:60:b7:dd:71:7c:e0:88:ea:17:
9a:89:e4:d6:22:93:be:32:b9:00:ea:a2:5b:5e:8f:
0b:44:e4:e0:ad:c4:fd:39:78:a0:4c:18:f5:00:27:
87:ba:7f:c6:26:07:96:4d:3e:5e:3c:09:61:87:ba:
f0:35:07:43:8f:9a:1e:04:c0:9f:a4:c8:35:34:7a:
d4:e4:2f:25:8a:30:26:84:fc:da:18:7d:2e:ef:02:
8b:3b:88:6b:5e:43:08:4d:94:64:0f:2d:0b:a2:2e:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B2:FB:D0:A7:00:B1:EF:0A:8A:0D:8B:A2:78:65:C6:53:2E:02:01
X509v3 Authority Key Identifier:
keyid:B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/S7L70KcAse8Kig2LonhlxlMuAgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.150.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:21:f8:7f:79:be:3d:fd:d1:f2:76:81:87:de:86:c1:7c:14:
8d:1d:a8:ef:b7:59:68:7e:94:bf:9e:5d:32:b0:ee:46:30:a8:
5d:07:b6:91:47:90:aa:a4:b9:08:86:bb:48:ef:51:74:d6:27:
00:bc:d8:fd:5f:db:db:50:de:37:3c:f7:92:79:7d:fe:55:a5:
da:f5:5e:4f:cb:8a:2b:82:27:e6:4b:f0:49:e6:7a:d7:2d:3c:
5e:b0:1c:a1:f8:17:a9:0f:ad:49:bf:0c:24:33:a1:fe:92:b9:
c5:21:57:41:6a:6f:fc:95:bc:33:1c:f8:85:75:50:79:07:1f:
60:a9:12:94:cb:0c:da:92:8e:e2:2e:98:d8:0a:fc:ae:d4:22:
ed:ea:1f:98:f7:67:1c:02:3d:65:b8:a3:1b:aa:2a:77:d9:2f:
29:bd:81:d1:1c:21:95:7a:27:62:49:4a:56:e8:1b:fc:ab:7d:
fc:b3:0a:6e:c5:1c:11:ba:f7:6c:d7:84:0d:41:cc:a9:06:cc:
7e:09:04:18:c8:04:3f:cf:72:02:1a:59:fb:56:6b:2f:96:82:
4b:75:e4:bf:57:04:02:16:8a:fa:1e:eb:d5:52:94:4b:bc:2a:
ab:8b:db:3b:31:48:c8:ba:99:5c:c6:ea:78:56:6d:f4:cb:b0:
36:09:91:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl18NzM/BX169j77W/6iRQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzdkODFlYzRjNDA1NWM2NzNmZjU3MWNjYWQwN2MzYTY5
OTEwNWUwHhcNMjMwNzIxMDA1NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIyZmJkMGE3MDBiMWVmMGE4YTBkOGJhMjc4NjVjNjUzMmUwMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHnhY7yZ+LvrxsO2Kyil2p8VgcFO
XhPucQHhCv8aeq29BCYo9SwTyQ433kkFR2SKT7IBi4k5ZLyng2eQbmK4wX1lgNYt
keWDK+aapRta6rmzK54I6cRKZrZdfXXREc8vrAzSJSUBtwTcM6m67jRHIiBEo2Zd
cqjBkqDhx9nWkm3az0W4HhwbdOuw5u1KmoF+6rDqtcrPRSY0Wbxgt91xfOCI6hea
ieTWIpO+MrkA6qJbXo8LROTgrcT9OXigTBj1ACeHun/GJgeWTT5ePAlhh7rwNQdD
j5oeBMCfpMg1NHrU5C8lijAmhPzaGH0u7wKLO4hrXkMITZRkDy0Loi7g+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuy+9CnALHvCooNi6J4ZcZTLgIBMB8GA1UdIwQY
MBaAFLXH2B7ExAVcZz/1ccytB8OmmRBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2Qt
YzJiYzE0NTFmMjcxLzEvUzdMNzBLY0FzZThLaWcyTG9uaGx4bE11QWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2QtYzJiYzE0NTFmMjcx
LzEvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwliWMA0G
CSqGSIb3DQEBCwUAA4IBAQCaIfh/eb49/dHydoGH3obBfBSNHajvt1lofpS/nl0y
sO5GMKhdB7aRR5CqpLkIhrtI71F01icAvNj9X9vbUN43PPeSeX3+VaXa9V5Py4or
gifmS/BJ5nrXLTxesByh+BepD61JvwwkM6H+krnFIVdBam/8lbwzHPiFdVB5Bx9g
qRKUywzako7iLpjYCvyu1CLt6h+Y92ccAj1luKMbqip32S8pvYHRHCGVeidiSUpW
6Bv8q338swpuxRwRuvds14QNQcypBsx+CQQYyAQ/z3ICGln7VmsvloJLdeS/VwQC
For6HuvVUpRLvCqri9s7MUjIuplcxup4Vm30y7A2CZF2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:30 2024 by rpki-client on console-ams.rpki-client.org