Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/sQ4EYguguzZg6OIKVqjGBA3RzCI.roa
File: sQ4EYguguzZg6OIKVqjGBA3RzCI.roa (raw, json)
Hash identifier: feDiin93H9FOaD+FNOeEMy3lvNL8cf/3GhN9UlHp4NI=
Subject key identifier: B1:0E:04:62:0B:A0:BB:36:60:E8:E2:0A:56:A8:C6:04:0D:D1:CC:22
Certificate issuer: /CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Certificate serial: 018CC6B94362ACF30349F20F876B2E3D3DBE
Authority key identifier: E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/sQ4EYguguzZg6OIKVqjGBA3RzCI.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207489
IP address blocks: 194.76.145.0/24 maxlen: 24
194.76.149.0/24 maxlen: 24
194.76.150.0/24 maxlen: 24
194.76.186.0/24 maxlen: 24
2a0f:ae40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jan 2024 23:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:43:62:ac:f3:03:49:f2:0f:87:6b:2e:3d:3d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b10e04620ba0bb3660e8e20a56a8c6040dd1cc22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9d:7f:d0:5e:a3:aa:74:16:a8:f5:a5:d8:1a:
68:07:0f:cf:c3:e2:a3:9d:52:9e:ce:59:fb:9e:ff:
fc:12:56:93:58:c2:1f:5d:38:96:81:9e:a0:07:91:
15:fd:9e:5c:37:76:c4:23:40:f9:1f:d2:c5:2e:61:
6e:43:5b:ca:70:29:5e:47:75:c3:57:51:9d:e9:23:
b3:27:f7:87:a6:d1:bc:ab:91:8a:05:4d:e9:32:1a:
1c:63:3b:8b:5c:99:dd:e5:66:20:77:8e:d6:f6:6d:
61:3d:98:69:d3:d3:21:c8:d2:3a:93:19:88:0a:e5:
ff:19:63:eb:12:a8:56:93:2b:a2:69:41:82:43:42:
df:e7:2b:d1:2f:42:a7:94:ee:13:15:27:a5:80:d0:
19:6b:2a:63:72:bd:85:71:eb:21:5a:65:33:1e:2a:
0f:05:0b:86:0d:f4:f6:53:b2:56:d6:2a:26:51:00:
05:9a:59:0a:02:ce:9e:1d:cc:56:3e:a8:79:1b:47:
16:a9:64:3d:f5:f9:3b:42:0f:ed:69:76:b6:0b:c1:
b1:3e:a9:a8:99:b5:3a:ab:3e:fa:0e:9c:93:56:51:
ce:52:3b:65:25:68:f3:c8:f8:7a:4e:ef:c7:89:b8:
9c:55:18:bf:d4:23:69:9c:65:e2:13:b9:f2:11:a7:
ee:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0E:04:62:0B:A0:BB:36:60:E8:E2:0A:56:A8:C6:04:0D:D1:CC:22
X509v3 Authority Key Identifier:
keyid:E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/sQ4EYguguzZg6OIKVqjGBA3RzCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.145.0/24
194.76.149.0-194.76.150.255
194.76.186.0/24
IPv6:
2a0f:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
01:0d:b7:f6:98:02:ed:77:a4:2c:fa:f8:75:64:66:28:3f:d1:
69:e6:f0:ef:be:50:a7:0a:9b:71:e6:dc:1d:ce:73:76:20:b1:
26:4a:48:80:37:aa:a7:0b:1e:ff:03:c1:20:d7:e1:8b:b4:9f:
e4:11:93:64:bb:56:56:d3:9c:2f:a2:f1:72:69:e0:83:b3:5a:
39:ff:1c:ad:c6:6a:b5:e1:d1:5b:36:ea:06:65:8e:50:8d:b3:
88:22:06:e5:60:77:e6:a2:fe:c9:57:c5:d3:88:7d:68:20:1d:
57:44:3d:f4:23:f6:a0:9f:bf:a5:06:88:4f:10:c2:3a:38:cf:
2f:20:72:57:a1:29:86:46:a7:c7:08:65:bb:9a:8e:fb:f5:76:
c2:bc:76:b6:d1:23:a4:93:e8:29:37:57:62:b7:9e:ff:68:63:
ea:0e:10:ba:42:b1:66:a6:b7:ca:48:5f:29:12:05:e8:f6:8e:
8f:8a:e2:2a:ff:24:62:62:c6:84:98:11:ea:d6:67:e9:fb:2e:
33:b1:2a:d1:3f:be:eb:38:6f:cf:ae:07:50:d8:86:b1:cc:63:
53:85:41:8c:f2:76:f7:00:07:b7:7c:df:ad:4d:32:68:75:da:
a8:8c:18:a2:87:10:8e:7e:55:4b:62:3b:87:64:e3:04:97:3a:
22:af:2c:90
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGuUNirPMDSfIPh2suPT2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjdkYmU2YWM3NTVhOTA2M2MzNjBiMTUyNWU4NDRmZDJh
NTdiOTMwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBlMDQ2MjBiYTBiYjM2NjBlOGUyMGE1NmE4YzYwNDBkZDFjYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ1/0F6jqnQWqPWl2BpoBw/Pw+Kj
nVKezln7nv/8ElaTWMIfXTiWgZ6gB5EV/Z5cN3bEI0D5H9LFLmFuQ1vKcCleR3XD
V1Gd6SOzJ/eHptG8q5GKBU3pMhocYzuLXJnd5WYgd47W9m1hPZhp09MhyNI6kxmI
CuX/GWPrEqhWkyuiaUGCQ0Lf5yvRL0KnlO4TFSelgNAZaypjcr2FceshWmUzHioP
BQuGDfT2U7JW1iomUQAFmlkKAs6eHcxWPqh5G0cWqWQ99fk7Qg/taXa2C8GxPqmo
mbU6qz76DpyTVlHOUjtlJWjzyPh6Tu/HibicVRi/1CNpnGXiE7nyEafuUQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLEOBGILoLs2YOjiClaoxgQN0cwiMB8GA1UdIwQY
MBaAFORn2+asdVqQY8NgsVJehE/SpXuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYt
ZWNlNTc3ZTMwN2FkLzEvc1E0RVlndWd1elpnNk9JS1ZxakdCQTNSekNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYtZWNlNTc3ZTMwN2Fk
LzEvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwkyRMAwD
BADCTJUDBADCTJYDBADCTLowDQQCAAIwBwMFACoPrkAwDQYJKoZIhvcNAQELBQAD
ggEBAAENt/aYAu13pCz6+HVkZig/0Wnm8O++UKcKm3Hm3B3Oc3YgsSZKSIA3qqcL
Hv8DwSDX4Yu0n+QRk2S7VlbTnC+i8XJp4IOzWjn/HK3GarXh0Vs26gZljlCNs4gi
BuVgd+ai/slXxdOIfWggHVdEPfQj9qCfv6UGiE8Qwjo4zy8gclehKYZGp8cIZbua
jvv1dsK8drbRI6ST6Ck3V2K3nv9oY+oOELpCsWamt8pIXykSBej2jo+K4ir/JGJi
xoSYEerWZ+n7LjOxKtE/vus4b8+uB1DYhrHMY1OFQYzydvcAB7d8361NMmh12qiM
GKKHEI5+VUtiO4dk4wSXOiKvLJA=
Generated at Wed Jan 31 00:12:54 2024 by rpki-client on console-fra.rpki-client.org