Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/j-N3rhdd-0WOdY0WVz2UfMiKaA0.roa
File: j-N3rhdd-0WOdY0WVz2UfMiKaA0.roa (raw, json)
Hash identifier: kMCE6XAWFqUFINWQAFSDm/dJmvn4u1VJmFjZw40Oixk=
Subject key identifier: 8F:E3:77:AE:17:5D:FB:45:8E:75:8D:16:57:3D:94:7C:C8:8A:68:0D
Certificate issuer: /CN=a1e8fee97da365b6480821b18bedf9fc23553826
Certificate serial: 018572D5A5B23B544D614F853C75B50781E9
Authority key identifier: A1:E8:FE:E9:7D:A3:65:B6:48:08:21:B1:8B:ED:F9:FC:23:55:38:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oej-6X2jZbZICCGxi-35_CNVOCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/j-N3rhdd-0WOdY0WVz2UfMiKaA0.roa
Signing time: Mon 02 Jan 2023 14:14:42 +0000
ROA not before: Mon 02 Jan 2023 14:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 194.9.44.0/24 maxlen: 24
194.9.45.0/24 maxlen: 24
2001:678:e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:a5:b2:3b:54:4d:61:4f:85:3c:75:b5:07:81:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e8fee97da365b6480821b18bedf9fc23553826
Validity
Not Before: Jan 2 14:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fe377ae175dfb458e758d16573d947cc88a680d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:39:6a:ff:03:b6:9e:f8:4c:de:46:66:83:
23:0b:94:d1:86:00:d5:a2:e9:cf:d0:af:c0:69:e4:
0b:bf:26:39:34:ba:8c:18:0f:f8:ee:34:7a:31:31:
d9:64:1c:2c:17:75:28:d3:c3:91:a0:d4:48:d4:2c:
d0:fe:a6:cd:9c:c7:fb:24:c1:bd:8d:c0:7a:62:b2:
6d:25:03:09:22:85:f7:ac:75:5d:4f:9b:0c:ef:4f:
ca:bb:64:b1:5a:a3:ae:c8:d7:9a:ce:8c:d0:20:1e:
03:57:6e:cb:0a:5e:79:c6:52:e0:f6:18:79:68:48:
f0:91:4e:5e:3d:18:07:d7:66:5f:35:df:e7:f9:7a:
f3:50:f7:a7:79:d0:12:86:6d:9b:73:4b:42:8e:17:
a5:87:a2:25:20:5f:19:a8:47:07:91:0a:77:47:cb:
f1:8f:2f:6c:1d:8e:fe:09:5d:0c:78:e5:0f:c3:55:
f8:22:72:ff:cc:cc:7a:b7:ae:eb:55:30:8d:6b:9f:
69:a1:fd:73:01:ff:3c:9b:88:6d:39:f8:83:a2:25:
22:db:05:0e:8c:fd:0e:13:29:fe:fe:67:94:da:f6:
6f:2d:db:89:8e:9c:98:76:31:f2:0a:5c:8d:d5:cc:
a7:a2:37:8f:e9:ae:93:cd:87:63:50:73:33:2a:9e:
06:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E3:77:AE:17:5D:FB:45:8E:75:8D:16:57:3D:94:7C:C8:8A:68:0D
X509v3 Authority Key Identifier:
keyid:A1:E8:FE:E9:7D:A3:65:B6:48:08:21:B1:8B:ED:F9:FC:23:55:38:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oej-6X2jZbZICCGxi-35_CNVOCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/j-N3rhdd-0WOdY0WVz2UfMiKaA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/oej-6X2jZbZICCGxi-35_CNVOCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.44.0/23
IPv6:
2001:678:e0::/48
Signature Algorithm: sha256WithRSAEncryption
17:3d:ae:9e:a0:bb:51:c2:3c:55:8e:be:ec:df:55:32:88:1d:
16:e7:3e:1c:82:14:2d:c5:0f:c3:e0:1f:e7:0a:45:a3:18:2c:
ee:81:e8:46:15:1c:92:ea:ff:db:02:c6:9e:ec:18:a6:ee:40:
c0:ca:04:3a:37:60:76:5e:97:75:ef:69:28:30:71:d3:60:2d:
3e:af:59:24:8f:65:56:65:bf:23:80:92:b3:b3:d1:ae:2b:5b:
1b:6f:36:9b:c7:8e:8c:21:a7:cf:0d:08:b7:7e:cc:eb:1f:f0:
2d:83:c4:26:20:bc:f2:83:40:e2:40:75:34:d8:5c:fe:b6:7f:
57:58:0a:b5:6d:20:41:eb:cd:a1:7c:a9:e2:4a:70:ee:f9:bd:
e2:78:35:0f:26:49:54:86:79:c0:4b:62:ad:f8:2e:8f:df:8e:
11:2f:03:01:46:e9:32:cb:2b:48:b2:cc:ea:f3:ac:6e:5a:b8:
ee:5c:8e:a0:2e:80:33:d3:ec:76:80:dc:74:3d:6d:ab:2f:39:
08:1a:4c:0e:fa:94:7a:3a:24:53:c7:82:fb:41:9e:ff:47:9b:
db:52:c1:9e:2a:c2:8b:7b:cb:7b:06:3c:31:bc:9d:3f:83:66:
67:cf:3a:07:ca:d1:48:47:39:e0:6a:7c:92:b8:11:8c:1a:8b:
37:14:57:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVy1aWyO1RNYU+FPHW1B4HpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZThmZWU5N2RhMzY1YjY0ODA4MjFiMThiZWRmOWZjMjM1
NTM4MjYwHhcNMjMwMTAyMTQxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmUzNzdhZTE3NWRmYjQ1OGU3NThkMTY1NzNkOTQ3Y2M4OGE2ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ05av8Dtp74TN5GZoMjC5TRhgDV
ounP0K/AaeQLvyY5NLqMGA/47jR6MTHZZBwsF3Uo08ORoNRI1CzQ/qbNnMf7JMG9
jcB6YrJtJQMJIoX3rHVdT5sM70/Ku2SxWqOuyNeazozQIB4DV27LCl55xlLg9hh5
aEjwkU5ePRgH12ZfNd/n+XrzUPenedAShm2bc0tCjhelh6IlIF8ZqEcHkQp3R8vx
jy9sHY7+CV0MeOUPw1X4InL/zMx6t67rVTCNa59pof1zAf88m4htOfiDoiUi2wUO
jP0OEyn+/meU2vZvLduJjpyYdjHyClyN1cynojeP6a6TzYdjUHMzKp4GNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI/jd64XXftFjnWNFlc9lHzIimgNMB8GA1UdIwQY
MBaAFKHo/ul9o2W2SAghsYvt+fwjVTgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2VqLTZYMmpaYlpJQ0NHeGktMzVfQ05WT0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85YzcyYWUtODM2NS00ZjUwLTgyNWUt
ZjgyMTM3ZTAwYmMzLzEvai1OM3JoZGQtMFdPZFkwV1Z6MlVmTWlLYUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85YzcyYWUtODM2NS00ZjUwLTgyNWUtZjgyMTM3ZTAwYmMz
LzEvb2VqLTZYMmpaYlpJQ0NHeGktMzVfQ05WT0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwgksMA8E
AgACMAkDBwAgAQZ4AOAwDQYJKoZIhvcNAQELBQADggEBABc9rp6gu1HCPFWOvuzf
VTKIHRbnPhyCFC3FD8PgH+cKRaMYLO6B6EYVHJLq/9sCxp7sGKbuQMDKBDo3YHZe
l3XvaSgwcdNgLT6vWSSPZVZlvyOAkrOz0a4rWxtvNpvHjowhp88NCLd+zOsf8C2D
xCYgvPKDQOJAdTTYXP62f1dYCrVtIEHrzaF8qeJKcO75veJ4NQ8mSVSGecBLYq34
Lo/fjhEvAwFG6TLLK0iyzOrzrG5auO5cjqAugDPT7HaA3HQ9basvOQgaTA76lHo6
JFPHgvtBnv9Hm9tSwZ4qwot7y3sGPDG8nT+DZmfPOgfK0UhHOeBqfJK4EYwaizcU
V7M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:03 2024 by rpki-client on console-fra.rpki-client.org