Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/u_3EfHUeaMIw5n9n5bKIvD8o0mc.roa
File: u_3EfHUeaMIw5n9n5bKIvD8o0mc.roa (raw, json)
Hash identifier: HeKpHOoudZFQMxLUC0XRtNCbkNF8DktCwsb5UTL/4uw=
Subject key identifier: BB:FD:C4:7C:75:1E:68:C2:30:E6:7F:67:E5:B2:88:BC:3F:28:D2:67
Certificate issuer: /CN=c49b1f76bb5bac6d0c796ba47130c768b1c73b1c
Certificate serial: 018FA95F8D37F0248818A806B487ED9AAFD8
Authority key identifier: C4:9B:1F:76:BB:5B:AC:6D:0C:79:6B:A4:71:30:C7:68:B1:C7:3B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJsfdrtbrG0MeWukcTDHaLHHOxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/u_3EfHUeaMIw5n9n5bKIvD8o0mc.roa
Signing time: Fri 24 May 2024 06:52:42 +0000
ROA not before: Fri 24 May 2024 06:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202405
IP address blocks: 194.147.196.0/22 maxlen: 24
194.147.200.0/21 maxlen: 24
2001:67c:2ec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:5f:8d:37:f0:24:88:18:a8:06:b4:87:ed:9a:af:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49b1f76bb5bac6d0c796ba47130c768b1c73b1c
Validity
Not Before: May 24 06:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbfdc47c751e68c230e67f67e5b288bc3f28d267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5e:90:1b:69:f7:cb:6e:5f:29:63:32:1c:9f:
9d:56:7e:96:b1:27:7d:c7:68:78:c3:8a:26:70:c2:
5f:31:07:ac:b8:ac:f9:40:8e:be:3a:d6:a2:a9:28:
b3:4f:ce:b4:0b:1f:20:0e:d2:86:d4:bd:aa:66:d7:
6a:df:e3:66:07:24:38:c9:ce:8f:f4:72:45:92:b5:
91:6d:f4:0a:0b:62:a4:c9:49:f8:45:03:53:e5:52:
ff:5b:b9:98:cc:ca:f2:52:e1:03:40:e3:a9:ee:24:
64:28:94:d0:bc:63:fc:2d:12:18:33:f5:cc:01:ce:
74:dd:df:1e:b1:46:bd:50:49:4a:8f:10:28:de:8f:
45:4c:51:9e:18:e5:28:91:b4:82:21:c4:c0:9e:34:
06:8b:4c:ef:4e:78:b6:b1:05:b5:9d:97:4e:14:ce:
18:59:cb:1c:42:28:b9:c2:10:32:53:89:7c:7f:57:
d0:ec:d6:cb:7a:a6:b5:b2:ea:cd:49:cd:03:48:3c:
48:37:26:1b:49:5c:02:08:f4:99:27:7f:53:c5:af:
c1:7a:2a:b4:ac:94:ad:a7:9d:40:a7:48:8a:d8:6c:
7d:17:ec:9c:aa:b6:e3:ad:d7:17:3b:44:59:68:96:
90:36:47:1e:dd:ad:e9:8f:01:0c:28:1f:e7:de:aa:
50:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FD:C4:7C:75:1E:68:C2:30:E6:7F:67:E5:B2:88:BC:3F:28:D2:67
X509v3 Authority Key Identifier:
keyid:C4:9B:1F:76:BB:5B:AC:6D:0C:79:6B:A4:71:30:C7:68:B1:C7:3B:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJsfdrtbrG0MeWukcTDHaLHHOxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/u_3EfHUeaMIw5n9n5bKIvD8o0mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8686cd-1f1c-4845-812d-4ad4035fae7b/1/xJsfdrtbrG0MeWukcTDHaLHHOxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.196.0-194.147.207.255
IPv6:
2001:67c:2ec0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:ef:0c:5a:5d:63:f9:15:e7:ce:a2:6a:fc:9d:ed:3a:c7:09:
3e:db:dc:47:c2:57:1f:f1:85:48:95:fa:32:ce:fe:8b:ed:06:
df:b0:ab:33:9c:4c:99:95:51:45:43:fe:2d:c4:db:e1:c7:c9:
56:82:26:df:24:15:5a:28:d5:f9:c2:de:ed:ad:f5:21:ce:6f:
68:66:92:e5:72:87:66:7c:61:cb:4b:44:c7:7d:7a:ff:84:e8:
0f:3a:55:43:25:28:a5:1e:86:05:8f:16:ca:88:c8:9e:17:71:
40:47:32:96:7a:63:85:ac:47:bc:1c:fc:69:5e:c1:29:6c:e2:
ba:0c:8b:71:d6:99:2f:b0:47:82:0c:ea:d8:db:4a:29:d3:7e:
66:31:ce:ec:b3:1c:68:47:4c:fd:1a:85:5d:42:d8:9b:ad:62:
dc:3f:d1:5c:31:9c:6d:97:28:61:c2:a4:90:1d:ad:cf:da:f7:
aa:6f:d1:80:85:8e:9d:a0:91:4d:86:00:e4:61:79:e9:96:02:
44:42:ff:bb:f0:05:7d:7d:d7:3c:5b:31:3d:8f:ea:d8:1e:9e:
0d:21:77:17:3c:9a:0c:f9:0c:6d:3b:a5:e8:33:3e:2a:8c:03:
09:2f:b2:46:90:a2:15:7f:07:c7:85:a7:46:91:45:1e:8b:b7:
91:7b:66:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+pX4038CSIGKgGtIftmq/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWIxZjc2YmI1YmFjNmQwYzc5NmJhNDcxMzBjNzY4YjFj
NzNiMWMwHhcNMjQwNTI0MDY1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZkYzQ3Yzc1MWU2OGMyMzBlNjdmNjdlNWIyODhiYzNmMjhkMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl6QG2n3y25fKWMyHJ+dVn6WsSd9
x2h4w4omcMJfMQesuKz5QI6+OtaiqSizT860Cx8gDtKG1L2qZtdq3+NmByQ4yc6P
9HJFkrWRbfQKC2KkyUn4RQNT5VL/W7mYzMryUuEDQOOp7iRkKJTQvGP8LRIYM/XM
Ac503d8esUa9UElKjxAo3o9FTFGeGOUokbSCIcTAnjQGi0zvTni2sQW1nZdOFM4Y
WcscQii5whAyU4l8f1fQ7NbLeqa1surNSc0DSDxINyYbSVwCCPSZJ39Txa/Beiq0
rJStp51Ap0iK2Gx9F+ycqrbjrdcXO0RZaJaQNkce3a3pjwEMKB/n3qpQywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv9xHx1HmjCMOZ/Z+WyiLw/KNJnMB8GA1UdIwQY
MBaAFMSbH3a7W6xtDHlrpHEwx2ixxzscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpzZmRydGJyRzBNZVd1a2NUREhhTEhIT3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Njg2Y2QtMWYxYy00ODQ1LTgxMmQt
NGFkNDAzNWZhZTdiLzEvdV8zRWZIVWVhTUl3NW45bjViS0l2RDhvMG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Njg2Y2QtMWYxYy00ODQ1LTgxMmQtNGFkNDAzNWZhZTdi
LzEveEpzZmRydGJyRzBNZVd1a2NUREhhTEhIT3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBALCk8QD
BATCk8AwDwQCAAIwCQMHACABBnwuwDANBgkqhkiG9w0BAQsFAAOCAQEADe8MWl1j
+RXnzqJq/J3tOscJPtvcR8JXH/GFSJX6Ms7+i+0G37CrM5xMmZVRRUP+LcTb4cfJ
VoIm3yQVWijV+cLe7a31Ic5vaGaS5XKHZnxhy0tEx316/4ToDzpVQyUopR6GBY8W
yojInhdxQEcylnpjhaxHvBz8aV7BKWziugyLcdaZL7BHggzq2NtKKdN+ZjHO7LMc
aEdM/RqFXULYm61i3D/RXDGcbZcoYcKkkB2tz9r3qm/RgIWOnaCRTYYA5GF56ZYC
REL/u/AFfX3XPFsxPY/q2B6eDSF3FzyaDPkMbTul6DM+KowDCS+yRpCiFX8Hx4Wn
RpFFHou3kXtmXQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:37 2025 by rpki-client