Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/Rx0fho42JFiXZP4s6vWo_ZbPHw0.roa
File: Rx0fho42JFiXZP4s6vWo_ZbPHw0.roa (raw, json)
Hash identifier: KlPahVUtiyDvB73GGN0IfFyFduiSSm2pkLrfe0pQ6hc=
Subject key identifier: 47:1D:1F:86:8E:36:24:58:97:64:FE:2C:EA:F5:A8:FD:96:CF:1F:0D
Certificate issuer: /CN=caf17800f1943af1c514284cc3be780e9c21dd78
Certificate serial: 018572311BF5663837A3C645886A7EAF9240
Authority key identifier: CA:F1:78:00:F1:94:3A:F1:C5:14:28:4C:C3:BE:78:0E:9C:21:DD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvF4APGUOvHFFChMw754Dpwh3Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/Rx0fho42JFiXZP4s6vWo_ZbPHw0.roa
Signing time: Mon 02 Jan 2023 11:14:59 +0000
ROA not before: Mon 02 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39658
IP address blocks: 194.50.107.0/24 maxlen: 24
2a01:9080::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:1b:f5:66:38:37:a3:c6:45:88:6a:7e:af:92:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf17800f1943af1c514284cc3be780e9c21dd78
Validity
Not Before: Jan 2 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471d1f868e3624589764fe2ceaf5a8fd96cf1f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c9:1c:e9:e0:81:8a:01:0d:d4:f8:6a:a4:b0:
ec:ab:97:5c:b1:6c:d0:a5:1a:1f:5d:3a:ed:00:7b:
5b:91:e3:80:cb:e8:5b:b1:42:0c:8c:5d:88:10:29:
54:23:c8:82:1d:80:66:2b:b3:d6:89:d2:f2:28:de:
de:4f:a3:5b:f9:9b:69:ef:24:78:85:34:70:b9:0f:
8c:ab:09:58:0f:df:10:e8:87:cd:b3:f9:b3:e9:32:
f2:33:ae:61:dc:c4:10:73:0d:0a:2a:f7:79:bf:83:
03:3b:89:0a:8b:dc:d4:90:5f:f5:d1:b6:ba:09:97:
77:00:f5:9a:3c:23:4b:3b:5a:e1:cc:50:60:b9:ce:
ac:25:f1:b6:33:4a:7d:10:3c:e3:93:24:0b:03:c3:
31:26:fc:73:66:43:01:e8:20:cc:0c:7f:2c:03:e2:
18:c3:6a:14:4e:f2:26:39:88:f6:f2:bb:ff:6e:b5:
b0:88:8a:3b:75:86:51:d4:1f:97:3c:20:65:5f:63:
18:6b:01:6c:bb:c7:ae:6a:bb:f7:94:58:33:46:1c:
6f:a6:5d:a0:dd:9f:30:ed:2f:4c:5f:33:0d:1e:cb:
21:09:80:94:8e:aa:d0:76:fb:5d:c0:84:bb:25:c0:
c4:fa:4d:40:b3:b1:04:77:ef:b3:01:d4:1d:24:92:
7f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1D:1F:86:8E:36:24:58:97:64:FE:2C:EA:F5:A8:FD:96:CF:1F:0D
X509v3 Authority Key Identifier:
keyid:CA:F1:78:00:F1:94:3A:F1:C5:14:28:4C:C3:BE:78:0E:9C:21:DD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvF4APGUOvHFFChMw754Dpwh3Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/Rx0fho42JFiXZP4s6vWo_ZbPHw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/yvF4APGUOvHFFChMw754Dpwh3Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.107.0/24
IPv6:
2a01:9080::/32
Signature Algorithm: sha256WithRSAEncryption
44:8f:a2:68:4f:4d:15:24:ba:a5:58:05:37:90:cf:42:43:33:
18:81:7a:06:84:d6:19:68:96:0d:1b:8b:79:10:07:56:40:2a:
f7:23:76:9e:cb:9d:51:81:f7:68:27:a9:96:35:5a:1b:ba:4f:
69:8e:17:02:2b:d1:f3:89:df:9e:ca:12:52:b2:bb:be:54:b0:
5a:70:97:ab:22:bb:f0:bf:e8:44:a1:9b:39:b7:ce:29:76:9e:
45:b4:4d:c9:75:c2:05:fc:6d:61:39:0f:e2:14:69:32:7d:61:
bb:4a:30:39:a1:3d:3b:10:ce:c2:2b:16:c7:e1:5c:75:19:e3:
8e:a5:ec:8b:b9:2e:08:ce:94:d9:54:a0:5b:e2:d7:a4:3e:02:
08:40:34:60:0a:3e:2b:b2:f8:72:a4:af:b2:25:48:6d:72:85:
93:9f:97:6b:e4:7a:65:d2:69:47:97:56:e4:62:cd:13:1d:dc:
09:6e:5b:6f:80:8f:14:c1:f9:9a:d5:c0:a1:7f:2f:b1:d1:3f:
cb:d1:45:e7:9d:eb:c9:ba:cb:48:10:14:ce:9e:9b:d7:46:96:
50:04:bb:8d:13:76:f1:b9:40:c5:85:5f:64:e1:e7:e1:8e:2e:
99:a9:ce:ef:e2:5b:e0:8a:26:bc:5b:76:7c:18:92:07:91:aa:
c1:bc:38:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMRv1Zjg3o8ZFiGp+r5JAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjE3ODAwZjE5NDNhZjFjNTE0Mjg0Y2MzYmU3ODBlOWMy
MWRkNzgwHhcNMjMwMTAyMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFkMWY4NjhlMzYyNDU4OTc2NGZlMmNlYWY1YThmZDk2Y2YxZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgckc6eCBigEN1PhqpLDsq5dcsWzQ
pRofXTrtAHtbkeOAy+hbsUIMjF2IEClUI8iCHYBmK7PWidLyKN7eT6Nb+Ztp7yR4
hTRwuQ+MqwlYD98Q6IfNs/mz6TLyM65h3MQQcw0KKvd5v4MDO4kKi9zUkF/10ba6
CZd3APWaPCNLO1rhzFBguc6sJfG2M0p9EDzjkyQLA8MxJvxzZkMB6CDMDH8sA+IY
w2oUTvImOYj28rv/brWwiIo7dYZR1B+XPCBlX2MYawFsu8euarv3lFgzRhxvpl2g
3Z8w7S9MXzMNHsshCYCUjqrQdvtdwIS7JcDE+k1As7EEd++zAdQdJJJ/KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEcdH4aONiRYl2T+LOr1qP2Wzx8NMB8GA1UdIwQY
MBaAFMrxeADxlDrxxRQoTMO+eA6cId14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZGNEFQR1VPdkhGRkNoTXc3NTREcHdoM1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjlhY2UtZjg2NC00NGQ3LWEwN2Ut
ODA1OTdlYjQ0NDI2LzEvUngwZmhvNDJKRmlYWlA0czZ2V29fWmJQSHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjlhY2UtZjg2NC00NGQ3LWEwN2UtODA1OTdlYjQ0NDI2
LzEveXZGNEFQR1VPdkhGRkNoTXc3NTREcHdoM1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjJrMA0E
AgACMAcDBQAqAZCAMA0GCSqGSIb3DQEBCwUAA4IBAQBEj6JoT00VJLqlWAU3kM9C
QzMYgXoGhNYZaJYNG4t5EAdWQCr3I3aey51RgfdoJ6mWNVobuk9pjhcCK9Hzid+e
yhJSsru+VLBacJerIrvwv+hEoZs5t84pdp5FtE3JdcIF/G1hOQ/iFGkyfWG7SjA5
oT07EM7CKxbH4Vx1GeOOpeyLuS4IzpTZVKBb4tekPgIIQDRgCj4rsvhypK+yJUht
coWTn5dr5Hpl0mlHl1bkYs0THdwJbltvgI8Uwfma1cChfy+x0T/L0UXnnevJustI
EBTOnpvXRpZQBLuNE3bxuUDFhV9k4efhji6Zqc7v4lvgiia8W3Z8GJIHkarBvDi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org