Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/cSokJyacFW3sB4xGttFkKcNRcKY.roa
File: cSokJyacFW3sB4xGttFkKcNRcKY.roa (raw, json)
Hash identifier: u38gDb61lT4+4+wfD3s1XWXHseAtUuaPzKqnda9cZoo=
Subject key identifier: 71:2A:24:27:26:9C:15:6D:EC:07:8C:46:B6:D1:64:29:C3:51:70:A6
Certificate issuer: /CN=47aa878f76b50947cbd7deca04ac832e287b514d
Certificate serial: 01856F02467BF58FF4135887AB84309EC6B4
Authority key identifier: 47:AA:87:8F:76:B5:09:47:CB:D7:DE:CA:04:AC:83:2E:28:7B:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R6qHj3a1CUfL197KBKyDLih7UU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/cSokJyacFW3sB4xGttFkKcNRcKY.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15814
IP address blocks: 194.36.224.0/20 maxlen: 24
2a03:98c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:46:7b:f5:8f:f4:13:58:87:ab:84:30:9e:c6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47aa878f76b50947cbd7deca04ac832e287b514d
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=712a2427269c156dec078c46b6d16429c35170a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:89:6b:13:45:cc:8b:07:d4:a4:5f:95:8f:de:
b2:5c:66:7b:47:36:ad:c0:db:0c:81:2c:65:6d:3c:
a2:d5:eb:11:36:9a:9e:81:28:f1:24:6f:20:47:56:
a4:7c:d7:fb:d3:e0:ee:f7:09:a1:22:fc:c5:cd:c7:
12:02:22:f5:de:98:f5:4d:52:3d:6f:f2:a3:52:ae:
75:cf:dc:9f:a0:87:c3:58:4b:52:6f:88:57:cf:f7:
bf:6e:6b:34:9f:37:f7:62:cd:8e:2a:bd:16:a8:f2:
ba:3a:f0:16:8a:08:fa:29:02:0d:eb:87:80:c8:9c:
c1:f8:64:6d:71:12:dc:4a:1c:6a:d1:31:f3:a1:26:
f5:21:14:18:55:2a:05:da:d9:73:f3:7b:bc:ca:da:
a4:3d:44:13:5f:53:72:89:ba:e8:67:74:f8:09:94:
df:68:88:50:24:df:06:5b:14:f6:4a:cc:dc:77:0d:
88:94:a6:a0:1f:61:65:8a:ae:d7:14:43:58:14:10:
53:3e:e5:a7:37:94:42:a4:71:4c:80:46:0e:45:e6:
da:d9:3e:8b:45:ec:0b:be:f4:16:c9:0e:b8:61:bc:
c2:0b:9a:48:7a:98:86:5f:cf:80:d2:60:37:5e:fc:
3c:51:b0:6b:0c:7a:36:f3:48:7e:6f:87:1e:4d:87:
cb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:2A:24:27:26:9C:15:6D:EC:07:8C:46:B6:D1:64:29:C3:51:70:A6
X509v3 Authority Key Identifier:
keyid:47:AA:87:8F:76:B5:09:47:CB:D7:DE:CA:04:AC:83:2E:28:7B:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R6qHj3a1CUfL197KBKyDLih7UU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/cSokJyacFW3sB4xGttFkKcNRcKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/R6qHj3a1CUfL197KBKyDLih7UU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.224.0/20
IPv6:
2a03:98c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d2:61:81:f9:25:9b:0d:ca:3e:38:96:ba:10:0e:8a:4d:ce:
df:64:9d:f7:d1:08:f8:c1:9c:8a:f7:3c:9f:e3:1e:55:38:cb:
01:c4:01:7e:bb:f8:53:a5:47:e7:43:84:d7:4f:62:83:1b:9f:
bd:7c:97:02:5b:fc:80:0b:86:36:25:ad:34:06:50:80:9c:01:
5b:26:60:44:27:f2:a9:a7:10:c3:50:64:4e:92:78:4c:46:ce:
26:f6:f9:ee:1d:06:11:e6:1b:94:38:fc:26:27:2c:2e:16:d9:
aa:0e:84:1b:94:c4:0c:df:13:22:5c:cd:18:f8:b1:91:3d:b0:
60:50:f7:ce:e7:dc:ab:0b:d3:ab:20:3c:d3:e7:39:39:6a:b8:
dc:5c:d1:15:41:74:6d:07:39:35:bf:fb:05:e4:72:10:5f:96:
23:b9:82:63:f7:d7:df:c0:27:ea:29:aa:34:54:be:98:57:bb:
36:2b:67:b5:f2:98:2e:39:3a:4c:8f:aa:f3:d3:d0:55:f5:45:
bc:8c:9f:c0:55:e9:7a:8d:cc:ba:48:03:f3:16:ee:da:08:3f:
46:b1:ef:db:5a:7a:24:21:17:fc:fb:c8:0d:d9:42:6c:07:48:
82:2e:ad:46:ef:26:5c:b2:d4:82:9d:70:b1:0a:9e:16:cc:e7:
15:15:26:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAkZ79Y/0E1iHq4Qwnsa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YWE4NzhmNzZiNTA5NDdjYmQ3ZGVjYTA0YWM4MzJlMjg3
YjUxNGQwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTJhMjQyNzI2OWMxNTZkZWMwNzhjNDZiNmQxNjQyOWMzNTE3MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+YlrE0XMiwfUpF+Vj96yXGZ7Rzat
wNsMgSxlbTyi1esRNpqegSjxJG8gR1akfNf70+Du9wmhIvzFzccSAiL13pj1TVI9
b/KjUq51z9yfoIfDWEtSb4hXz/e/bms0nzf3Ys2OKr0WqPK6OvAWigj6KQIN64eA
yJzB+GRtcRLcShxq0THzoSb1IRQYVSoF2tlz83u8ytqkPUQTX1NyibroZ3T4CZTf
aIhQJN8GWxT2Sszcdw2IlKagH2Fliq7XFENYFBBTPuWnN5RCpHFMgEYOReba2T6L
RewLvvQWyQ64YbzCC5pIepiGX8+A0mA3Xvw8UbBrDHo280h+b4ceTYfLoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHEqJCcmnBVt7AeMRrbRZCnDUXCmMB8GA1UdIwQY
MBaAFEeqh492tQlHy9feygSsgy4oe1FNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjZxSGozYTFDVWZMMTk3S0JLeURMaWg3VVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jMWFiMjYtMjhiMC00NjM3LWI1MWIt
Mzk5MmM1NGUxODdiLzEvY1Nva0p5YWNGVzNzQjR4R3R0RmtLY05SY0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jMWFiMjYtMjhiMC00NjM3LWI1MWItMzk5MmM1NGUxODdi
LzEvUjZxSGozYTFDVWZMMTk3S0JLeURMaWg3VVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwiTgMA0E
AgACMAcDBQAqA5jAMA0GCSqGSIb3DQEBCwUAA4IBAQBa0mGB+SWbDco+OJa6EA6K
Tc7fZJ330Qj4wZyK9zyf4x5VOMsBxAF+u/hTpUfnQ4TXT2KDG5+9fJcCW/yAC4Y2
Ja00BlCAnAFbJmBEJ/KppxDDUGROknhMRs4m9vnuHQYR5huUOPwmJywuFtmqDoQb
lMQM3xMiXM0Y+LGRPbBgUPfO59yrC9OrIDzT5zk5arjcXNEVQXRtBzk1v/sF5HIQ
X5YjuYJj99ffwCfqKao0VL6YV7s2K2e18pguOTpMj6rz09BV9UW8jJ/AVel6jcy6
SAPzFu7aCD9Gse/bWnokIRf8+8gN2UJsB0iCLq1G7yZcstSCnXCxCp4WzOcVFSZZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org