Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3be7b4-7f42-4217-819b-2476291d70ee/1/Sk5Ipy2SRtXEEzekbfBtpwvtglc.roa
File: Sk5Ipy2SRtXEEzekbfBtpwvtglc.roa (raw, json)
Hash identifier: +T+Gbq79ryNvGPvOSRnygYy9SwEODmpyQhLyrufapLQ=
Subject key identifier: 4A:4E:48:A7:2D:92:46:D5:C4:13:37:A4:6D:F0:6D:A7:0B:ED:82:57
Certificate issuer: /CN=a08e0aef1cd1e9d32a616adf58245a3ab88a554b
Certificate serial: 01856C412A580B315492479E4433DBFECB19
Authority key identifier: A0:8E:0A:EF:1C:D1:E9:D3:2A:61:6A:DF:58:24:5A:3A:B8:8A:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oI4K7xzR6dMqYWrfWCRaOriKVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3be7b4-7f42-4217-819b-2476291d70ee/1/Sk5Ipy2SRtXEEzekbfBtpwvtglc.roa
Signing time: Sun 01 Jan 2023 07:34:47 +0000
ROA not before: Sun 01 Jan 2023 07:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 194.153.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:2a:58:0b:31:54:92:47:9e:44:33:db:fe:cb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a08e0aef1cd1e9d32a616adf58245a3ab88a554b
Validity
Not Before: Jan 1 07:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a4e48a72d9246d5c41337a46df06da70bed8257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:42:e8:fc:43:f7:4f:0d:87:a0:95:ae:60:29:
93:d5:bc:d0:fa:cc:a2:0a:fd:43:a7:15:2c:55:bf:
9d:bd:cc:47:c3:5f:0c:d7:39:d4:86:54:6d:8d:28:
0b:5e:d9:2a:1d:dd:70:4f:5c:85:bd:ba:a9:cc:57:
81:30:83:7b:67:62:97:a4:ad:76:52:08:9d:a3:b2:
00:03:a9:98:5c:7e:34:38:b6:e8:e5:77:a3:be:21:
dc:65:2b:c7:51:17:4d:56:a2:9c:c2:74:1c:09:fe:
26:3b:78:4a:ad:b8:12:d1:e4:73:4e:16:4e:5b:2c:
bd:ae:ef:0f:94:58:d1:f5:ba:52:89:b7:84:3d:a4:
7c:f3:81:1e:f2:24:f8:61:ba:bf:7d:dd:f5:e5:49:
35:fb:cb:87:95:14:ae:aa:cc:24:b0:b8:2f:f0:2f:
5a:02:cc:e9:12:d6:07:56:84:3c:8c:a3:8d:45:3e:
0a:31:a1:98:6c:6d:62:d9:52:46:8b:51:1c:f3:db:
12:7c:f1:7b:8b:05:ac:0e:8f:dc:e7:41:e5:20:6a:
4f:d5:07:6c:f0:b1:62:80:e5:e3:91:91:64:bf:7a:
12:a2:a3:ce:81:0b:35:b1:d5:e3:fd:63:c2:4a:c6:
ac:84:40:71:f2:db:d0:0f:f7:00:64:05:b2:87:84:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4E:48:A7:2D:92:46:D5:C4:13:37:A4:6D:F0:6D:A7:0B:ED:82:57
X509v3 Authority Key Identifier:
keyid:A0:8E:0A:EF:1C:D1:E9:D3:2A:61:6A:DF:58:24:5A:3A:B8:8A:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oI4K7xzR6dMqYWrfWCRaOriKVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3be7b4-7f42-4217-819b-2476291d70ee/1/Sk5Ipy2SRtXEEzekbfBtpwvtglc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3be7b4-7f42-4217-819b-2476291d70ee/1/oI4K7xzR6dMqYWrfWCRaOriKVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.94.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:31:51:ee:6e:ca:fb:19:5d:4f:2c:ce:08:19:6a:b5:5a:a6:
ab:e6:6c:94:4e:35:5b:b9:7d:7d:da:a1:10:06:e6:d7:c4:4b:
e6:14:b8:98:4c:1d:c7:cb:3f:43:4e:0a:7b:e9:3a:8a:80:2f:
81:45:89:c5:e6:20:7d:7b:94:66:89:be:a1:dc:be:40:38:b3:
ce:84:05:00:58:2c:f7:5b:9d:95:b5:19:e6:9e:24:5c:63:94:
ad:16:95:d6:16:1a:93:d0:29:f2:06:02:7d:69:15:29:9d:07:
d1:fb:b8:1a:3c:04:2b:3f:ee:2f:d6:25:5b:be:bf:e1:2d:f9:
a2:3b:a3:19:60:00:74:21:c7:03:2d:39:d2:13:ba:ea:6f:38:
2c:12:ab:7f:5a:f8:17:7f:29:a7:83:70:64:6b:ff:b1:c7:7e:
4f:f0:55:af:c2:4b:b4:d6:3d:60:24:53:2e:01:54:52:60:5b:
48:ab:db:60:57:7b:b9:96:7d:fe:7a:df:f1:25:b7:66:95:7f:
db:b2:a0:ea:52:a7:4d:12:1a:47:49:79:3c:4b:32:9f:61:6a:
4c:fc:f8:cb:e0:73:d8:06:2e:f3:b5:c4:f1:62:43:22:ab:1b:
01:9e:61:55:20:28:1a:ca:d8:e8:4f:c1:66:41:ad:68:5f:8a:
4e:05:a4:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQSpYCzFUkkeeRDPb/ssZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOGUwYWVmMWNkMWU5ZDMyYTYxNmFkZjU4MjQ1YTNhYjg4
YTU1NGIwHhcNMjMwMTAxMDczNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRlNDhhNzJkOTI0NmQ1YzQxMzM3YTQ2ZGYwNmRhNzBiZWQ4MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0Lo/EP3Tw2HoJWuYCmT1bzQ+syi
Cv1DpxUsVb+dvcxHw18M1znUhlRtjSgLXtkqHd1wT1yFvbqpzFeBMIN7Z2KXpK12
Ugido7IAA6mYXH40OLbo5XejviHcZSvHURdNVqKcwnQcCf4mO3hKrbgS0eRzThZO
Wyy9ru8PlFjR9bpSibeEPaR884Ee8iT4Ybq/fd315Uk1+8uHlRSuqswksLgv8C9a
AszpEtYHVoQ8jKONRT4KMaGYbG1i2VJGi1Ec89sSfPF7iwWsDo/c50HlIGpP1Qds
8LFigOXjkZFkv3oSoqPOgQs1sdXj/WPCSsashEBx8tvQD/cAZAWyh4RslQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpOSKctkkbVxBM3pG3wbacL7YJXMB8GA1UdIwQY
MBaAFKCOCu8c0enTKmFq31gkWjq4ilVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0k0Szd4elI2ZE1xWVdyZldDUmFPcmlLVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYmU3YjQtN2Y0Mi00MjE3LTgxOWIt
MjQ3NjI5MWQ3MGVlLzEvU2s1SXB5MlNSdFhFRXpla2JmQnRwd3Z0Z2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zYmU3YjQtN2Y0Mi00MjE3LTgxOWItMjQ3NjI5MWQ3MGVl
LzEvb0k0Szd4elI2ZE1xWVdyZldDUmFPcmlLVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpleMA0G
CSqGSIb3DQEBCwUAA4IBAQAuMVHubsr7GV1PLM4IGWq1Wqar5myUTjVbuX192qEQ
BubXxEvmFLiYTB3Hyz9DTgp76TqKgC+BRYnF5iB9e5Rmib6h3L5AOLPOhAUAWCz3
W52VtRnmniRcY5StFpXWFhqT0CnyBgJ9aRUpnQfR+7gaPAQrP+4v1iVbvr/hLfmi
O6MZYAB0IccDLTnSE7rqbzgsEqt/WvgXfymng3Bka/+xx35P8FWvwku01j1gJFMu
AVRSYFtIq9tgV3u5ln3+et/xJbdmlX/bsqDqUqdNEhpHSXk8SzKfYWpM/PjL4HPY
Bi7ztcTxYkMiqxsBnmFVICgaytjoT8FmQa1oX4pOBaRQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:46 2024 by rpki-client on console-fra.rpki-client.org