Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/66578f-e8bf-40e0-ab30-a4c128075862/1/Gfq1W_38yi4zJY24h97uFFheE60.roa
File: Gfq1W_38yi4zJY24h97uFFheE60.roa (raw, json)
Hash identifier: cD1DOdDlnnWGwQyrDqItM+b8xcF2FezqoaKR8SWjw7Y=
Subject key identifier: 19:FA:B5:5B:FD:FC:CA:2E:33:25:8D:B8:87:DE:EE:14:58:5E:13:AD
Certificate issuer: /CN=27391ae28a91d5991346aedaf17bf8605c8cf22e
Certificate serial: 01856CEF3D43314AAD29249410BC8FC0EA9C
Authority key identifier: 27:39:1A:E2:8A:91:D5:99:13:46:AE:DA:F1:7B:F8:60:5C:8C:F2:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jzka4oqR1ZkTRq7a8Xv4YFyM8i4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/66578f-e8bf-40e0-ab30-a4c128075862/1/Gfq1W_38yi4zJY24h97uFFheE60.roa
Signing time: Sun 01 Jan 2023 10:44:56 +0000
ROA not before: Sun 01 Jan 2023 10:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50252
IP address blocks: 194.102.140.0/23 maxlen: 23
194.102.140.0/24 maxlen: 24
194.102.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3d:43:31:4a:ad:29:24:94:10:bc:8f:c0:ea:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27391ae28a91d5991346aedaf17bf8605c8cf22e
Validity
Not Before: Jan 1 10:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19fab55bfdfcca2e33258db887deee14585e13ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:ba:ee:d7:97:30:43:06:31:06:a8:69:52:
00:4d:a7:99:3c:30:b4:b7:50:33:e1:ec:a1:57:83:
82:5d:9c:40:da:af:01:82:da:0b:6a:49:5a:31:07:
18:9e:9d:df:6d:19:74:37:84:1d:b4:70:27:75:09:
68:58:01:11:17:d2:f9:4b:c4:94:7d:ad:2d:ab:d4:
99:b3:10:5a:41:68:fa:e2:7f:5f:92:8f:8c:4c:38:
49:94:02:db:d3:12:c4:a3:0d:bf:1f:05:c6:fc:ed:
4e:60:7d:a7:0f:cd:62:2f:09:10:ce:36:57:1a:04:
16:61:48:41:a1:42:dd:67:7e:be:41:14:c2:09:59:
d7:6d:2c:7b:00:d1:d5:9a:33:5e:6a:3b:2f:f1:fb:
53:59:8c:e9:a6:af:ca:24:43:9e:ea:34:38:23:59:
aa:f0:09:59:77:5b:dc:d1:0f:a6:98:e8:c6:00:3c:
58:53:d5:7d:dc:d9:1f:c1:46:06:af:52:91:6e:93:
98:75:23:51:9c:db:10:46:d8:e2:1d:76:35:35:a6:
53:dc:a0:6f:24:ee:a5:40:8b:63:d9:b3:de:c2:19:
55:30:73:51:21:4f:5a:f6:fe:07:f8:ef:f6:c3:4f:
cf:29:fa:53:5d:48:46:56:23:fb:09:3b:e8:fb:00:
01:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FA:B5:5B:FD:FC:CA:2E:33:25:8D:B8:87:DE:EE:14:58:5E:13:AD
X509v3 Authority Key Identifier:
keyid:27:39:1A:E2:8A:91:D5:99:13:46:AE:DA:F1:7B:F8:60:5C:8C:F2:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jzka4oqR1ZkTRq7a8Xv4YFyM8i4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/66578f-e8bf-40e0-ab30-a4c128075862/1/Gfq1W_38yi4zJY24h97uFFheE60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/66578f-e8bf-40e0-ab30-a4c128075862/1/Jzka4oqR1ZkTRq7a8Xv4YFyM8i4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.140.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:27:11:1c:59:5e:ca:16:3a:dd:4c:cf:da:d5:7b:9b:00:86:
b1:41:bc:91:54:8c:40:6c:d1:16:21:43:2e:6c:e8:1d:c5:80:
fd:52:73:8f:85:0a:8f:1a:99:35:07:32:3c:d5:b2:32:7f:06:
08:44:4c:1f:a1:ba:2b:81:e0:83:a4:c6:dd:5a:83:f3:10:60:
85:fa:c5:48:02:49:ad:ef:67:16:0c:98:a8:f7:81:81:b2:82:
d9:da:d8:49:a5:66:3f:89:b6:c9:d6:8f:0b:f5:36:dc:35:4d:
b4:3c:49:63:fa:fc:9c:bf:61:c8:98:b9:2e:6e:71:7f:13:3e:
20:2a:dc:4f:5d:c3:4b:10:27:2f:7f:9d:55:9b:37:c3:c3:cd:
b9:9d:ec:ea:12:3b:40:02:2e:0b:d6:50:70:cd:89:bd:5d:ec:
5c:64:de:49:2e:f5:0e:2e:fb:ce:92:90:56:09:9b:d2:be:4c:
ba:0b:f1:10:10:69:77:f9:ca:43:64:c5:6d:1d:e2:db:2b:8e:
d6:5f:e5:bf:da:8f:47:9b:fa:d4:ca:65:b6:3f:ff:08:0c:1f:
7c:b8:40:f1:9d:10:2a:8d:f9:a6:49:39:6a:c5:1e:65:7d:c9:
76:ae:4f:a9:d7:fe:54:11:48:c1:50:07:62:a6:3d:ec:3b:2c:
ec:67:9d:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7z1DMUqtKSSUELyPwOqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MzkxYWUyOGE5MWQ1OTkxMzQ2YWVkYWYxN2JmODYwNWM4
Y2YyMmUwHhcNMjMwMTAxMTA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZhYjU1YmZkZmNjYTJlMzMyNThkYjg4N2RlZWUxNDU4NWUxM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq+67teXMEMGMQaoaVIATaeZPDC0
t1Az4eyhV4OCXZxA2q8BgtoLaklaMQcYnp3fbRl0N4QdtHAndQloWAERF9L5S8SU
fa0tq9SZsxBaQWj64n9fko+MTDhJlALb0xLEow2/HwXG/O1OYH2nD81iLwkQzjZX
GgQWYUhBoULdZ36+QRTCCVnXbSx7ANHVmjNeajsv8ftTWYzppq/KJEOe6jQ4I1mq
8AlZd1vc0Q+mmOjGADxYU9V93NkfwUYGr1KRbpOYdSNRnNsQRtjiHXY1NaZT3KBv
JO6lQItj2bPewhlVMHNRIU9a9v4H+O/2w0/PKfpTXUhGViP7CTvo+wABQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBn6tVv9/MouMyWNuIfe7hRYXhOtMB8GA1UdIwQY
MBaAFCc5GuKKkdWZE0au2vF7+GBcjPIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnprYTRvcVIxWmtUUnE3YThYdjRZRnlNOGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82NjU3OGYtZThiZi00MGUwLWFiMzAt
YTRjMTI4MDc1ODYyLzEvR2ZxMVdfMzh5aTR6SlkyNGg5N3VGRmhlRTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82NjU3OGYtZThiZi00MGUwLWFiMzAtYTRjMTI4MDc1ODYy
LzEvSnprYTRvcVIxWmtUUnE3YThYdjRZRnlNOGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmaMMA0G
CSqGSIb3DQEBCwUAA4IBAQA+JxEcWV7KFjrdTM/a1XubAIaxQbyRVIxAbNEWIUMu
bOgdxYD9UnOPhQqPGpk1BzI81bIyfwYIREwfoborgeCDpMbdWoPzEGCF+sVIAkmt
72cWDJio94GBsoLZ2thJpWY/ibbJ1o8L9TbcNU20PElj+vycv2HImLkubnF/Ez4g
KtxPXcNLECcvf51VmzfDw825nezqEjtAAi4L1lBwzYm9XexcZN5JLvUOLvvOkpBW
CZvSvky6C/EQEGl3+cpDZMVtHeLbK47WX+W/2o9Hm/rUymW2P/8IDB98uEDxnRAq
jfmmSTlqxR5lfcl2rk+p1/5UEUjBUAdipj3sOyzsZ537
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:33 2024 by rpki-client on console-fra.rpki-client.org