Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/rbPR1irvpIqTzRCReOGCNnAXwj0.roa
File: rbPR1irvpIqTzRCReOGCNnAXwj0.roa (raw, json)
Hash identifier: KhB6ZGQa2XJl2EyCDeqqDQMOOXBnEh3PuS3oEWLOO/M=
Subject key identifier: AD:B3:D1:D6:2A:EF:A4:8A:93:CD:10:91:78:E1:82:36:70:17:C2:3D
Certificate issuer: /CN=eb91e993a4a40ce7e5d9c86325f186df069ecacd
Certificate serial: 018AF5A93CD525D5FE9520BE3FC8A8B0E6BD
Authority key identifier: EB:91:E9:93:A4:A4:0C:E7:E5:D9:C8:63:25:F1:86:DF:06:9E:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/65Hpk6SkDOfl2chjJfGG3waeys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/rbPR1irvpIqTzRCReOGCNnAXwj0.roa
Signing time: Tue 03 Oct 2023 13:10:23 +0000
ROA not before: Tue 03 Oct 2023 13:10:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202269
IP address blocks: 194.146.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:a9:3c:d5:25:d5:fe:95:20:be:3f:c8:a8:b0:e6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb91e993a4a40ce7e5d9c86325f186df069ecacd
Validity
Not Before: Oct 3 13:10:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adb3d1d62aefa48a93cd109178e182367017c23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:45:4d:35:a2:42:f8:1b:16:90:cf:3d:a8:34:
33:8f:58:71:02:e9:19:ae:83:32:0c:88:43:b3:20:
c4:0a:81:06:26:0a:86:fb:8b:35:96:22:5a:00:5d:
4a:c4:67:c1:71:36:5b:66:09:c8:c0:73:5f:74:3a:
96:31:2a:30:d0:7f:34:8a:65:5c:fd:69:eb:5c:51:
51:a1:c4:fb:7d:29:44:ab:cc:59:26:1f:28:a4:b0:
2f:a4:b5:3e:79:69:bb:8c:a5:61:d4:e9:f8:43:68:
7a:cb:64:8b:3c:88:8b:79:fd:30:b1:fb:8f:59:3f:
ec:1d:a7:0e:b9:89:ec:c1:05:77:ac:a2:5d:9a:cc:
58:37:7f:bc:5c:90:47:35:35:37:c0:18:3b:fd:8e:
db:a3:c3:a7:7c:32:48:9b:22:dd:61:5f:85:56:16:
ee:7e:39:83:81:09:49:09:a2:be:89:35:94:01:cb:
96:a4:af:29:86:6f:8d:7c:7f:0f:cf:17:82:4a:46:
e1:c9:c2:3a:92:3a:eb:bb:b6:3f:b9:81:98:5a:ae:
63:9a:33:0c:db:7e:ce:20:52:63:54:7d:28:9e:e6:
44:2f:02:71:e3:1d:43:aa:cd:c2:87:46:9e:f2:90:
b5:10:97:a5:4f:2e:be:a4:02:16:f9:d5:9d:0d:37:
cb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B3:D1:D6:2A:EF:A4:8A:93:CD:10:91:78:E1:82:36:70:17:C2:3D
X509v3 Authority Key Identifier:
keyid:EB:91:E9:93:A4:A4:0C:E7:E5:D9:C8:63:25:F1:86:DF:06:9E:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/65Hpk6SkDOfl2chjJfGG3waeys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/rbPR1irvpIqTzRCReOGCNnAXwj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.123.0/24
Signature Algorithm: sha256WithRSAEncryption
08:05:e2:48:47:17:4d:b6:34:5e:1b:8c:f4:c1:c6:9c:91:92:
a0:dc:d8:59:79:ec:29:d9:91:16:a0:be:d8:0e:84:2e:03:55:
ee:19:d6:78:8b:db:24:b8:59:0c:de:58:68:c1:55:b4:af:28:
68:d2:39:b3:29:08:2b:87:50:2b:71:ab:28:ef:1a:4b:ec:a5:
48:68:82:ba:00:21:ed:9d:dc:af:b8:ad:a7:8e:fe:9a:4a:0c:
2d:c2:2d:62:5a:01:4f:2d:c1:e1:13:0e:2e:9f:4d:42:5a:0b:
d4:7d:6b:05:87:25:1f:65:88:33:5d:9f:f5:c3:b4:85:0c:ab:
87:96:d2:cb:ca:10:f7:cb:63:7d:2e:6f:32:74:1e:83:ce:c7:
79:fc:e0:33:de:06:a3:d0:8f:10:aa:2b:e3:99:17:33:78:17:
47:23:2b:12:8d:37:8a:d4:62:3d:f9:9f:75:f7:3d:c6:c6:a7:
2c:8d:62:69:25:7b:37:54:7b:92:a9:e1:2f:1f:ff:37:22:2e:
04:4d:d6:b2:46:8b:c0:bb:40:f8:0d:55:c2:88:0f:8d:93:cc:
f9:4f:8e:ef:14:cd:ff:b4:08:c3:e7:35:bc:67:e0:0c:b5:f1:
5d:e4:ca:0d:08:da:f2:34:ab:e3:03:b4:8f:e8:2d:1a:70:d0:
34:84:c9:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1qTzVJdX+lSC+P8iosOa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViOTFlOTkzYTRhNDBjZTdlNWQ5Yzg2MzI1ZjE4NmRmMDY5
ZWNhY2QwHhcNMjMxMDAzMTMxMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGIzZDFkNjJhZWZhNDhhOTNjZDEwOTE3OGUxODIzNjcwMTdjMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkVNNaJC+BsWkM89qDQzj1hxAukZ
roMyDIhDsyDECoEGJgqG+4s1liJaAF1KxGfBcTZbZgnIwHNfdDqWMSow0H80imVc
/WnrXFFRocT7fSlEq8xZJh8opLAvpLU+eWm7jKVh1On4Q2h6y2SLPIiLef0wsfuP
WT/sHacOuYnswQV3rKJdmsxYN3+8XJBHNTU3wBg7/Y7bo8OnfDJImyLdYV+FVhbu
fjmDgQlJCaK+iTWUAcuWpK8phm+NfH8PzxeCSkbhycI6kjrru7Y/uYGYWq5jmjMM
237OIFJjVH0onuZELwJx4x1Dqs3Ch0ae8pC1EJelTy6+pAIW+dWdDTfLGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2z0dYq76SKk80QkXjhgjZwF8I9MB8GA1UdIwQY
MBaAFOuR6ZOkpAzn5dnIYyXxht8GnsrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjVIcGs2U2tET2ZsMmNoakpmR0czd2FleXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjNhMDItMDY1MC00ZTVjLWI4ZDAt
YzcwMWYyNzljNmRlLzEvcmJQUjFpcnZwSXFUelJDUmVPR0NObkFYd2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjNhMDItMDY1MC00ZTVjLWI4ZDAtYzcwMWYyNzljNmRl
LzEvNjVIcGs2U2tET2ZsMmNoakpmR0czd2FleXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQAIBeJIRxdNtjReG4z0wcackZKg3NhZeewp2ZEWoL7Y
DoQuA1XuGdZ4i9skuFkM3lhowVW0ryho0jmzKQgrh1Arcaso7xpL7KVIaIK6ACHt
ndyvuK2njv6aSgwtwi1iWgFPLcHhEw4un01CWgvUfWsFhyUfZYgzXZ/1w7SFDKuH
ltLLyhD3y2N9Lm8ydB6Dzsd5/OAz3gaj0I8QqivjmRczeBdHIysSjTeK1GI9+Z91
9z3GxqcsjWJpJXs3VHuSqeEvH/83Ii4ETdayRovAu0D4DVXCiA+Nk8z5T47vFM3/
tAjD5zW8Z+AMtfFd5MoNCNryNKvjA7SP6C0acNA0hMnL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:21 2024 by rpki-client on console-ams.rpki-client.org