Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/t0lBd53qbeo8fIPRb55xn1W4a1M.roa
File: t0lBd53qbeo8fIPRb55xn1W4a1M.roa (raw, json)
Hash identifier: bRFoIXtM8aMm38vLHLWjWtpshmokHTqN8W9Ova0wBNE=
Subject key identifier: B7:49:41:77:9D:EA:6D:EA:3C:7C:83:D1:6F:9E:71:9F:55:B8:6B:53
Certificate issuer: /CN=c49b1f76bb5bac6d0c796ba47130c768b1c73b1c
Certificate serial: 0186541DECC899C44E5A60AFB1ECB2001E19
Authority key identifier: C4:9B:1F:76:BB:5B:AC:6D:0C:79:6B:A4:71:30:C7:68:B1:C7:3B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJsfdrtbrG0MeWukcTDHaLHHOxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/t0lBd53qbeo8fIPRb55xn1W4a1M.roa
Signing time: Wed 15 Feb 2023 08:08:12 +0000
ROA not before: Wed 15 Feb 2023 08:08:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 194.147.196.0/22 maxlen: 24
194.147.200.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:1d:ec:c8:99:c4:4e:5a:60:af:b1:ec:b2:00:1e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49b1f76bb5bac6d0c796ba47130c768b1c73b1c
Validity
Not Before: Feb 15 08:08:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b74941779dea6dea3c7c83d16f9e719f55b86b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:12:66:8c:13:b5:b9:d8:5f:af:37:ca:e6:
35:78:bc:4a:b3:5a:3b:24:0b:98:b0:eb:70:a7:94:
7d:4c:9d:07:61:de:d3:1f:ba:82:cc:87:9c:3a:b4:
5d:17:a1:82:d9:e4:53:31:b0:d2:e4:ff:b4:3c:41:
a9:64:e4:19:62:32:8b:da:4a:6d:e8:fa:eb:70:64:
96:b5:b8:0c:2e:11:b7:7e:fb:e1:d9:5a:0a:cc:91:
5b:ee:c3:bd:a8:1e:4e:87:56:e1:58:80:82:6e:78:
cb:88:06:e7:1a:6b:cc:a9:8a:c9:80:d8:a2:b2:89:
ab:09:fa:b8:67:ee:90:d2:33:f4:52:a8:32:76:85:
43:77:e9:2f:e1:fc:da:15:43:32:ac:b4:f4:23:d3:
20:01:d5:29:ca:5a:61:85:c7:1f:f4:ff:ac:6b:e6:
a3:05:67:84:f5:ee:6d:92:b6:e0:5e:0c:df:64:a8:
7f:39:25:ec:90:9b:c5:ca:40:70:7f:03:d7:b4:f3:
f0:39:70:7d:ba:b2:4a:ca:47:c1:c2:b5:20:cd:7b:
9a:50:5b:0b:0e:e9:c7:25:41:0a:68:fe:6a:bc:7e:
d8:fa:18:ca:bf:d7:8b:49:01:cd:fd:16:8d:d1:4f:
66:45:c5:bc:1a:c4:c3:99:cf:d4:a4:54:98:57:a5:
db:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:49:41:77:9D:EA:6D:EA:3C:7C:83:D1:6F:9E:71:9F:55:B8:6B:53
X509v3 Authority Key Identifier:
keyid:C4:9B:1F:76:BB:5B:AC:6D:0C:79:6B:A4:71:30:C7:68:B1:C7:3B:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJsfdrtbrG0MeWukcTDHaLHHOxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/t0lBd53qbeo8fIPRb55xn1W4a1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/xJsfdrtbrG0MeWukcTDHaLHHOxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.196.0-194.147.207.255
Signature Algorithm: sha256WithRSAEncryption
20:c3:28:8f:e5:75:1c:50:ab:f3:7e:b2:03:f1:6c:bf:3c:c3:
79:c1:f0:18:45:bd:c1:4c:9c:ab:98:1d:b6:4d:99:ba:a1:07:
7e:e8:b8:a3:a2:5c:0d:bf:1e:95:18:a8:10:c4:41:9c:18:52:
62:32:11:49:3c:28:30:a9:cd:8c:bd:8f:dc:54:96:9b:35:f3:
a2:d8:ef:65:29:38:ff:b0:4f:5e:97:aa:d3:9a:7e:e6:47:36:
0f:47:a4:ec:c4:47:b8:52:85:9e:b1:ed:c0:d2:69:9c:bd:10:
36:8d:82:1a:c5:4d:d1:3f:15:9a:5c:2c:e2:7c:6a:2c:56:22:
eb:19:72:1b:f5:50:3b:e0:fa:8f:31:fd:4b:bc:87:23:3c:9b:
a2:d1:e7:5a:98:c6:ee:4f:4e:c9:26:8c:cf:61:6c:c0:7a:ea:
73:d2:87:f2:0c:aa:a0:7b:02:63:20:c8:99:2a:ff:00:5c:dd:
1b:8d:44:89:78:c5:f3:c9:85:c2:a9:5c:6b:9f:04:b0:67:d2:
8b:4f:4b:d4:eb:62:30:25:8c:be:e5:23:d4:f8:8a:38:e0:4f:
b1:53:3e:9f:17:82:a4:15:a5:11:1f:50:90:63:ba:a5:8f:8a:
e2:f4:e0:7b:b4:8e:be:f4:ff:4d:4d:7d:eb:25:58:94:06:67:
8a:04:50:9a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYZUHezImcROWmCvseyyAB4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWIxZjc2YmI1YmFjNmQwYzc5NmJhNDcxMzBjNzY4YjFj
NzNiMWMwHhcNMjMwMjE1MDgwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ5NDE3NzlkZWE2ZGVhM2M3YzgzZDE2ZjllNzE5ZjU1Yjg2YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYoSZowTtbnYX683yuY1eLxKs1o7
JAuYsOtwp5R9TJ0HYd7TH7qCzIecOrRdF6GC2eRTMbDS5P+0PEGpZOQZYjKL2kpt
6PrrcGSWtbgMLhG3fvvh2VoKzJFb7sO9qB5Oh1bhWICCbnjLiAbnGmvMqYrJgNii
somrCfq4Z+6Q0jP0UqgydoVDd+kv4fzaFUMyrLT0I9MgAdUpylphhccf9P+sa+aj
BWeE9e5tkrbgXgzfZKh/OSXskJvFykBwfwPXtPPwOXB9urJKykfBwrUgzXuaUFsL
DunHJUEKaP5qvH7Y+hjKv9eLSQHN/RaN0U9mRcW8GsTDmc/UpFSYV6Xb+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLdJQXed6m3qPHyD0W+ecZ9VuGtTMB8GA1UdIwQY
MBaAFMSbH3a7W6xtDHlrpHEwx2ixxzscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpzZmRydGJyRzBNZVd1a2NUREhhTEhIT3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Njg2Y2QtMWYxYy00ODQ1LTgxMmQt
NGFkNDAzNWZhZTdiLzEvdDBsQmQ1M3FiZW84ZklQUmI1NXhuMVc0YTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Njg2Y2QtMWYxYy00ODQ1LTgxMmQtNGFkNDAzNWZhZTdi
LzEveEpzZmRydGJyRzBNZVd1a2NUREhhTEhIT3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCk8QD
BATCk8AwDQYJKoZIhvcNAQELBQADggEBACDDKI/ldRxQq/N+sgPxbL88w3nB8BhF
vcFMnKuYHbZNmbqhB37ouKOiXA2/HpUYqBDEQZwYUmIyEUk8KDCpzYy9j9xUlps1
86LY72UpOP+wT16XqtOafuZHNg9HpOzER7hShZ6x7cDSaZy9EDaNghrFTdE/FZpc
LOJ8aixWIusZchv1UDvg+o8x/Uu8hyM8m6LR51qYxu5PTskmjM9hbMB66nPSh/IM
qqB7AmMgyJkq/wBc3RuNRIl4xfPJhcKpXGufBLBn0otPS9TrYjAljL7lI9T4ijjg
T7FTPp8XgqQVpREfUJBjuqWPiuL04Hu0jr70/01NfeslWJQGZ4oEUJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:08 2024 by rpki-client on console-ams.rpki-client.org