Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/0pNQkvm8VlbtffWUDoxp8Ighi2I.roa
File: 0pNQkvm8VlbtffWUDoxp8Ighi2I.roa (raw, json)
Hash identifier: J5VT0jssHmScTxgNiyVazf1XCD2FsMX9qoxdN3m7toI=
Subject key identifier: D2:93:50:92:F9:BC:56:56:ED:7D:F5:94:0E:8C:69:F0:88:21:8B:62
Certificate issuer: /CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Certificate serial: 018BC8ED9F282CF955ACCAA56025A8BB6A69
Authority key identifier: E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/0pNQkvm8VlbtffWUDoxp8Ighi2I.roa
Signing time: Mon 13 Nov 2023 13:44:57 +0000
ROA not before: Mon 13 Nov 2023 13:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207489
IP address blocks: 194.76.145.0/24 maxlen: 24
194.76.149.0/24 maxlen: 24
194.76.150.0/24 maxlen: 24
194.76.186.0/24 maxlen: 24
2a0f:ae40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:ed:9f:28:2c:f9:55:ac:ca:a5:60:25:a8:bb:6a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Validity
Not Before: Nov 13 13:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2935092f9bc5656ed7df5940e8c69f088218b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0c:b8:2c:c1:ea:f7:f0:35:9d:cf:1d:94:3d:
9f:59:46:b5:ea:40:b7:32:d9:c4:a0:44:aa:36:d7:
7b:bc:12:4e:5c:c6:3f:49:6c:77:c1:bb:cc:9f:c0:
db:e7:27:60:de:0d:59:8f:90:14:18:27:5e:ba:88:
48:7f:4c:64:7f:77:ef:cf:e3:53:58:f4:2c:c6:34:
d7:9e:d7:38:52:d8:29:b6:07:38:fd:06:93:56:74:
c1:74:33:74:59:b7:12:23:d6:f1:f0:50:98:cf:46:
6f:c8:5a:41:4a:63:48:6e:3d:1c:9f:96:4b:0a:1d:
cd:a6:91:b1:36:d4:00:0e:95:0e:50:4f:a5:f2:56:
e4:ee:8f:07:9a:96:bd:ba:f6:ec:28:28:f9:2c:7a:
6d:b4:20:1c:2e:26:09:68:fd:c1:b6:d0:9e:91:ad:
c1:4c:56:43:b8:86:7b:53:85:64:1b:2a:71:09:ca:
a8:55:5f:02:30:28:cb:81:12:59:70:bf:fc:31:9b:
26:28:6c:76:42:28:d9:af:fb:97:4f:13:15:78:4e:
0f:b4:fb:00:24:0d:1a:66:43:e0:ab:a4:98:da:51:
04:ad:37:f7:15:b9:0a:45:d8:6e:97:34:c4:0d:2a:
76:cb:78:84:81:f8:40:bc:b6:dc:53:08:fd:75:22:
fb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:93:50:92:F9:BC:56:56:ED:7D:F5:94:0E:8C:69:F0:88:21:8B:62
X509v3 Authority Key Identifier:
keyid:E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/0pNQkvm8VlbtffWUDoxp8Ighi2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.145.0/24
194.76.149.0-194.76.150.255
194.76.186.0/24
IPv6:
2a0f:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
6b:2a:c3:40:b6:8f:cb:e0:5e:d7:11:81:c4:15:f7:ce:f9:b1:
36:bf:b3:ef:b1:14:21:c7:ac:ad:2e:5f:92:64:42:f4:8b:53:
0b:cd:f9:7f:f2:ff:e3:b9:db:dc:84:7f:b7:4e:32:e9:9b:5c:
c2:81:dc:e2:83:2d:0a:a1:fb:64:2d:35:b3:09:85:e9:70:e9:
fd:65:9f:0f:ac:41:81:a7:73:12:4f:75:71:4a:69:a8:7a:85:
91:c2:20:dc:69:97:92:25:1e:01:5e:f6:cd:36:ed:44:95:07:
34:48:98:6e:af:1f:57:a4:f4:37:a2:a8:35:a6:b1:c1:0a:9a:
8a:c4:12:e5:e7:4f:14:1e:55:d4:1d:9c:b6:79:d3:2c:03:20:
07:b5:6e:f6:42:d7:b6:2c:83:38:8a:70:e1:90:ca:65:16:3e:
f9:5e:f3:7b:85:44:59:a3:48:d7:7d:2d:ca:32:c7:30:75:94:
c5:d8:0b:64:ab:50:54:34:4c:5d:de:3e:7b:ce:15:57:8a:89:
a5:5b:59:7e:72:11:93:ff:bc:e1:3b:c3:b7:ba:85:fe:55:cf:
4d:f2:29:ca:c1:c6:fb:27:d3:57:2d:9b:48:d2:44:3e:5c:b5:
58:f3:2a:1a:82:9d:18:22:6a:41:ee:b5:f1:5f:74:c6:d8:0f:
8a:98:de:a4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYvI7Z8oLPlVrMqlYCWou2ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjdkYmU2YWM3NTVhOTA2M2MzNjBiMTUyNWU4NDRmZDJh
NTdiOTMwHhcNMjMxMTEzMTM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkzNTA5MmY5YmM1NjU2ZWQ3ZGY1OTQwZThjNjlmMDg4MjE4YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQy4LMHq9/A1nc8dlD2fWUa16kC3
MtnEoESqNtd7vBJOXMY/SWx3wbvMn8Db5ydg3g1Zj5AUGCdeuohIf0xkf3fvz+NT
WPQsxjTXntc4Utgptgc4/QaTVnTBdDN0WbcSI9bx8FCYz0ZvyFpBSmNIbj0cn5ZL
Ch3NppGxNtQADpUOUE+l8lbk7o8Hmpa9uvbsKCj5LHpttCAcLiYJaP3BttCeka3B
TFZDuIZ7U4VkGypxCcqoVV8CMCjLgRJZcL/8MZsmKGx2QijZr/uXTxMVeE4PtPsA
JA0aZkPgq6SY2lEErTf3FbkKRdhulzTEDSp2y3iEgfhAvLbcUwj9dSL7ZwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNKTUJL5vFZW7X31lA6MafCIIYtiMB8GA1UdIwQY
MBaAFORn2+asdVqQY8NgsVJehE/SpXuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYt
ZWNlNTc3ZTMwN2FkLzEvMHBOUWt2bThWbGJ0ZmZXVURveHA4SWdoaTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYtZWNlNTc3ZTMwN2Fk
LzEvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwkyRMAwD
BADCTJUDBADCTJYDBADCTLowDQQCAAIwBwMFACoPrkAwDQYJKoZIhvcNAQELBQAD
ggEBAGsqw0C2j8vgXtcRgcQV9875sTa/s++xFCHHrK0uX5JkQvSLUwvN+X/y/+O5
29yEf7dOMumbXMKB3OKDLQqh+2QtNbMJhelw6f1lnw+sQYGncxJPdXFKaah6hZHC
INxpl5IlHgFe9s027USVBzRImG6vH1ek9DeiqDWmscEKmorEEuXnTxQeVdQdnLZ5
0ywDIAe1bvZC17YsgziKcOGQymUWPvle83uFRFmjSNd9LcoyxzB1lMXYC2SrUFQ0
TF3ePnvOFVeKiaVbWX5yEZP/vOE7w7e6hf5Vz03yKcrBxvsn01ctm0jSRD5ctVjz
KhqCnRgiakHutfFfdMbYD4qY3qQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:20 2024 by rpki-client on console-fra.rpki-client.org