Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/Fjh4BAwaIPvdIShRs-naWgrukPM.roa
File: Fjh4BAwaIPvdIShRs-naWgrukPM.roa (raw, json)
Hash identifier: skmKHvtOmIMVGj6AU/stw9mpGDgsijAqUgQ2E1tKTP0=
Subject key identifier: 16:38:78:04:0C:1A:20:FB:DD:21:28:51:B3:E9:DA:5A:0A:EE:90:F3
Certificate issuer: /CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Certificate serial: 01856FD52EA48630B9B3D2591621C50FCB8A
Authority key identifier: 23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/Fjh4BAwaIPvdIShRs-naWgrukPM.roa
Signing time: Mon 02 Jan 2023 00:15:20 +0000
ROA not before: Mon 02 Jan 2023 00:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50134
IP address blocks: 194.246.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:2e:a4:86:30:b9:b3:d2:59:16:21:c5:0f:cb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Validity
Not Before: Jan 2 00:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=163878040c1a20fbdd212851b3e9da5a0aee90f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a0:9b:76:0c:c3:64:2e:6e:71:92:52:ff:fa:
8f:5f:b6:6d:5b:cb:43:4c:b7:58:53:5a:ef:0e:4a:
26:c2:86:ed:20:69:0d:b9:b7:c9:fe:dc:89:06:30:
69:ec:f5:2d:7d:f4:d5:3e:22:32:e5:49:bd:15:11:
16:c6:2d:3e:a9:7b:b7:42:c7:28:98:08:ee:61:92:
37:59:0f:0c:0f:10:23:d9:91:3a:03:98:e1:65:1e:
c1:5b:ea:4c:11:be:d1:f9:4a:af:32:49:ba:9b:31:
f8:61:4f:da:63:24:75:07:a5:d7:0e:a6:e5:10:88:
54:c5:4e:79:8a:04:9b:7a:33:ea:3c:09:a5:52:4d:
20:9a:4d:a2:e5:dd:17:cf:dd:74:51:07:78:47:0b:
3c:08:00:e7:30:d8:08:7a:f2:5b:89:af:43:e8:af:
cc:78:5f:db:07:7f:86:97:e4:2b:b4:c3:4f:11:75:
28:4d:a2:01:07:38:3d:93:10:ba:f1:65:86:26:71:
25:ac:fc:ad:29:e4:ce:bd:9e:9f:86:7e:58:1a:72:
fe:e1:c9:5c:4a:89:ce:4a:24:5b:e5:f7:ac:9c:82:
ec:5f:80:78:3b:7a:a0:e8:51:e1:ec:1c:c9:36:ee:
ea:d6:5d:c2:11:8c:7a:22:43:ab:d0:f1:57:fa:a0:
85:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:38:78:04:0C:1A:20:FB:DD:21:28:51:B3:E9:DA:5A:0A:EE:90:F3
X509v3 Authority Key Identifier:
keyid:23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/Fjh4BAwaIPvdIShRs-naWgrukPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.76.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:5e:70:e2:3b:b7:12:fd:ba:0f:95:03:3d:8b:f4:e4:88:b7:
ed:46:61:55:58:8d:ac:59:a2:a0:2e:8b:2f:7e:1e:c1:08:58:
e7:c5:5f:70:95:73:fc:50:15:02:76:5b:83:5d:e7:df:5e:9e:
42:24:8b:48:19:29:34:9a:fd:ad:a8:82:56:aa:17:61:ba:b7:
02:f8:45:9d:17:63:cf:2f:1c:39:7b:1f:18:d9:5b:5c:a2:4c:
94:89:12:51:34:ad:12:ee:8e:79:66:bb:38:02:5a:3f:36:90:
a2:52:e8:64:0f:4a:d4:2f:f6:ce:82:cb:a1:47:9a:c2:d5:f2:
15:e1:57:e3:e8:95:70:e3:60:11:15:03:3c:18:15:22:df:ef:
df:ee:93:09:c4:7f:cb:fa:6d:64:f6:3e:5d:2e:bf:d8:4a:a7:
23:2a:1d:94:5f:2b:14:18:f1:9b:a4:ac:5f:b3:3d:63:43:70:
cb:6d:25:0f:8a:a1:1e:a2:59:5b:60:e6:6e:b9:ed:4d:60:5d:
6a:fd:f4:01:4b:20:bc:d6:45:8f:bd:1f:49:cd:49:54:12:db:
c0:90:d4:17:3c:0a:bb:28:3d:03:55:b6:25:65:89:17:2c:5f:
c2:bd:90:9d:99:d3:c2:7f:16:d2:24:d0:2d:d0:de:11:96:97:
22:ca:1e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1S6khjC5s9JZFiHFD8uKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTQyNDk3OTcwZDY1NTQxZGRiMTU5NjU4ZTNiMGE2ZTJm
NTE2YjcwHhcNMjMwMTAyMDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjM4NzgwNDBjMWEyMGZiZGQyMTI4NTFiM2U5ZGE1YTBhZWU5MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aCbdgzDZC5ucZJS//qPX7ZtW8tD
TLdYU1rvDkomwobtIGkNubfJ/tyJBjBp7PUtffTVPiIy5Um9FREWxi0+qXu3Qsco
mAjuYZI3WQ8MDxAj2ZE6A5jhZR7BW+pMEb7R+UqvMkm6mzH4YU/aYyR1B6XXDqbl
EIhUxU55igSbejPqPAmlUk0gmk2i5d0Xz910UQd4Rws8CADnMNgIevJbia9D6K/M
eF/bB3+Gl+QrtMNPEXUoTaIBBzg9kxC68WWGJnElrPytKeTOvZ6fhn5YGnL+4clc
SonOSiRb5fesnILsX4B4O3qg6FHh7BzJNu7q1l3CEYx6IkOr0PFX+qCFiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBY4eAQMGiD73SEoUbPp2loK7pDzMB8GA1UdIwQY
MBaAFCOkJJeXDWVUHdsVlljjsKbi9Ra3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEt
ZTcyMGZlYjEwMTAzLzEvRmpoNEJBd2FJUHZkSVNoUnMtbmFXZ3J1a1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEtZTcyMGZlYjEwMTAz
LzEvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvZMMA0G
CSqGSIb3DQEBCwUAA4IBAQCnXnDiO7cS/boPlQM9i/TkiLftRmFVWI2sWaKgLosv
fh7BCFjnxV9wlXP8UBUCdluDXeffXp5CJItIGSk0mv2tqIJWqhdhurcC+EWdF2PP
Lxw5ex8Y2VtcokyUiRJRNK0S7o55Zrs4Alo/NpCiUuhkD0rUL/bOgsuhR5rC1fIV
4Vfj6JVw42ARFQM8GBUi3+/f7pMJxH/L+m1k9j5dLr/YSqcjKh2UXysUGPGbpKxf
sz1jQ3DLbSUPiqEeollbYOZuue1NYF1q/fQBSyC81kWPvR9JzUlUEtvAkNQXPAq7
KD0DVbYlZYkXLF/CvZCdmdPCfxbSJNAt0N4Rlpciyh7h
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:57 2024 by rpki-client on console-ams.rpki-client.org