Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa
File: hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa (raw, json)
Hash identifier: CuUcQPgOVEwJ+MBL+e7s9hNMCqUe8raqMaHsReafsBQ=
Subject key identifier: 86:0C:90:F9:32:4D:25:EA:F2:0A:B2:78:42:15:40:0D:24:EE:BF:81
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 0186EE5EAB7A7D0285A1E43829FD0E1E9AE1
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa
Signing time: Fri 17 Mar 2023 07:00:27 +0000
ROA not before: Fri 17 Mar 2023 07:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57344
IP address blocks: 194.24.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:5e:ab:7a:7d:02:85:a1:e4:38:29:fd:0e:1e:9a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Mar 17 07:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=860c90f9324d25eaf20ab2784215400d24eebf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ed:91:3a:70:25:3a:93:27:99:0a:46:33:92:
87:f4:dc:5e:a7:a4:7a:f5:5e:24:99:92:c2:75:83:
09:4e:85:78:2a:2a:57:d6:99:cd:21:b7:db:05:0a:
5e:91:3d:7e:30:e3:a7:62:be:70:e7:00:98:bb:b7:
e3:a1:dd:72:c6:f7:91:0b:ce:25:3e:6a:eb:ba:32:
42:cb:03:af:76:a9:df:4b:3a:9f:c4:e4:16:63:f2:
2a:8f:56:17:85:5c:03:9f:b7:dc:04:e4:5d:fe:b5:
39:41:f3:df:91:ad:bb:94:88:38:a0:04:bd:b9:eb:
d4:d7:29:3d:19:5a:98:a1:de:6c:27:53:1b:39:00:
1d:f6:0f:aa:11:36:fc:fe:f4:01:27:3d:c6:21:1c:
2d:99:20:5f:a2:01:e9:b0:76:a2:5e:98:76:e7:da:
2b:fa:bd:a4:5d:9a:3c:b4:46:46:92:84:a0:05:47:
e1:d3:86:dc:42:a9:78:4d:d8:f8:89:19:94:af:9e:
a8:9a:ed:f1:e3:1f:ea:f7:a7:61:d5:ae:1f:0b:18:
72:c4:c0:f3:bd:5f:e0:ba:90:17:76:0f:05:5b:9a:
ab:59:2b:a4:3e:cc:de:3c:38:71:97:ee:89:1f:db:
ba:6b:b9:30:0f:0e:b5:53:93:8a:3f:02:fd:95:3b:
45:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0C:90:F9:32:4D:25:EA:F2:0A:B2:78:42:15:40:0D:24:EE:BF:81
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.189.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:8a:5b:dc:11:f7:1c:75:45:74:cb:bc:44:c2:0e:23:34:b8:
99:cb:a5:4d:de:b0:e0:5e:3a:b6:23:59:46:5e:1a:64:0c:0f:
25:93:97:5e:c1:f3:0d:44:ea:4d:b4:ce:79:92:82:05:da:fd:
26:33:c4:45:3a:e0:ee:d0:8a:c7:b4:b8:79:7d:2b:c6:47:c0:
25:20:ee:f6:55:59:49:e7:74:8c:86:ca:dc:87:17:8b:53:06:
63:81:fe:b4:e2:16:4d:2f:31:bf:0b:d5:0d:4b:1e:69:06:66:
49:ec:df:bd:0a:02:4b:45:13:ab:c7:17:ea:2f:b9:f6:cf:58:
ed:e7:e3:97:6d:f7:ea:b5:6e:25:7b:91:85:8d:93:91:4d:e0:
d4:8c:ee:16:84:4f:a6:07:6e:17:24:ed:30:64:81:0c:6a:64:
f2:b6:9c:d8:2d:d2:28:71:ff:ae:91:24:90:84:3e:fa:92:f6:
81:d6:35:37:88:58:e8:37:48:0e:2c:a6:3c:25:6a:96:7a:a2:
e2:cb:fd:e0:6e:4e:67:86:e1:86:04:1a:21:0c:25:3d:46:62:
f7:7a:f0:b1:62:aa:2c:3f:3e:14:98:e2:4a:f2:b4:65:f0:3c:
80:37:c3:19:f6:63:e8:51:04:f2:d8:c8:37:93:85:e8:04:0d:
eb:f3:2d:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbuXqt6fQKFoeQ4Kf0OHprhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjMwMzE3MDcwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBjOTBmOTMyNGQyNWVhZjIwYWIyNzg0MjE1NDAwZDI0ZWViZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+2ROnAlOpMnmQpGM5KH9Nxep6R6
9V4kmZLCdYMJToV4KipX1pnNIbfbBQpekT1+MOOnYr5w5wCYu7fjod1yxveRC84l
PmrrujJCywOvdqnfSzqfxOQWY/Iqj1YXhVwDn7fcBORd/rU5QfPfka27lIg4oAS9
uevU1yk9GVqYod5sJ1MbOQAd9g+qETb8/vQBJz3GIRwtmSBfogHpsHaiXph259or
+r2kXZo8tEZGkoSgBUfh04bcQql4Tdj4iRmUr56omu3x4x/q96dh1a4fCxhyxMDz
vV/gupAXdg8FW5qrWSukPszePDhxl+6JH9u6a7kwDw61U5OKPwL9lTtFuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYMkPkyTSXq8gqyeEIVQA0k7r+BMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvaGd5US1USk5KZXJ5Q3JKNFFoVkFEU1R1djRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhi9MA0G
CSqGSIb3DQEBCwUAA4IBAQCailvcEfccdUV0y7xEwg4jNLiZy6VN3rDgXjq2I1lG
XhpkDA8lk5dewfMNROpNtM55koIF2v0mM8RFOuDu0IrHtLh5fSvGR8AlIO72VVlJ
53SMhsrchxeLUwZjgf604hZNLzG/C9UNSx5pBmZJ7N+9CgJLRROrxxfqL7n2z1jt
5+OXbffqtW4le5GFjZORTeDUjO4WhE+mB24XJO0wZIEMamTytpzYLdIocf+ukSSQ
hD76kvaB1jU3iFjoN0gOLKY8JWqWeqLiy/3gbk5nhuGGBBohDCU9RmL3evCxYqos
Pz4UmOJK8rRl8DyAN8MZ9mPoUQTy2Mg3k4XoBA3r8y0c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org