Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/hVpaxGq1uTdZXsqjU-SrUL4EzGU.roa
File: hVpaxGq1uTdZXsqjU-SrUL4EzGU.roa (raw, json)
Hash identifier: etfakbLEprNc5YO7FUSBTSKg9eVCZl418Ps3HxsNHhw=
Subject key identifier: 85:5A:5A:C4:6A:B5:B9:37:59:5E:CA:A3:53:E4:AB:50:BE:04:CC:65
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 01856C6F0771981213CBC84AD5FD5D7E95D1
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/hVpaxGq1uTdZXsqjU-SrUL4EzGU.roa
Signing time: Sun 01 Jan 2023 08:24:53 +0000
ROA not before: Sun 01 Jan 2023 08:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4755
IP address blocks: 194.104.188.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
194.104.190.0/24 maxlen: 24
194.104.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:07:71:98:12:13:cb:c8:4a:d5:fd:5d:7e:95:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Jan 1 08:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=855a5ac46ab5b937595ecaa353e4ab50be04cc65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:73:6d:e2:fb:e0:ff:97:a2:95:70:80:d1:
79:31:b5:50:ce:b1:b6:b5:ff:f5:50:ed:b6:82:35:
78:21:50:b1:11:67:7d:6f:ef:6e:87:d0:99:c8:79:
42:ed:a4:aa:aa:fc:da:70:67:a5:34:2b:26:3e:0e:
cd:ba:f1:b9:af:b0:48:63:11:be:d5:45:d4:e1:91:
a4:7f:b8:b6:72:e9:41:25:13:bc:fe:5b:90:65:73:
b3:d0:b2:9b:fc:57:b4:b7:c9:60:5a:e2:02:1e:46:
52:4a:33:bd:9f:c0:93:9e:80:fe:c8:df:c4:b1:03:
06:9c:87:99:3b:a1:50:fc:4c:b2:ce:62:11:af:e4:
03:18:b5:7b:42:37:bc:be:e5:a7:7d:8c:91:a8:ae:
6f:67:99:57:19:37:94:e0:b0:c9:5e:ba:d5:b3:f2:
2d:91:37:63:b5:8a:c6:c1:16:ab:b8:e7:65:15:e8:
5f:6b:36:42:02:f8:28:70:fb:e1:f6:69:b2:c0:05:
04:ea:b5:76:7e:63:52:54:8f:b7:ce:17:c5:b5:fd:
51:d0:95:bd:79:b7:78:1d:e5:18:8f:c7:64:c6:2d:
f1:dc:de:d3:7f:83:fe:fc:37:78:fa:15:de:3f:86:
00:6f:ed:c8:31:85:52:67:72:ef:47:9f:e0:80:ca:
f4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5A:5A:C4:6A:B5:B9:37:59:5E:CA:A3:53:E4:AB:50:BE:04:CC:65
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/hVpaxGq1uTdZXsqjU-SrUL4EzGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.188.0/22
Signature Algorithm: sha256WithRSAEncryption
77:a2:52:b5:2c:95:36:65:81:6c:2c:e7:af:a5:2a:f2:99:7b:
55:c7:47:a1:4f:bc:65:c5:77:18:25:f5:e0:ec:64:fb:0e:65:
5b:17:4a:c4:1a:65:c9:ff:0e:ef:e0:b0:f4:80:b2:8f:cc:05:
90:99:7b:37:0f:11:69:87:1a:54:fc:22:4f:1f:d9:8f:36:6a:
4a:d8:66:46:b2:7f:16:8a:66:cf:6a:2f:4e:d2:50:ec:6d:af:
59:8e:b8:5b:18:f0:45:ea:8b:69:95:9d:98:ef:db:2c:10:0a:
38:dc:21:64:6d:33:55:6c:7a:39:ad:61:47:6d:39:58:0f:35:
1d:63:2c:a8:e3:6b:f1:60:29:57:bf:07:c3:21:97:b4:cf:f6:
62:f5:fc:95:9a:d6:f6:34:23:a9:a6:90:32:21:78:a4:7b:ba:
5d:0b:63:eb:dd:60:ad:d3:20:61:66:15:c1:e0:25:76:aa:d2:
d5:3a:09:f6:74:e8:b1:42:71:dc:e6:2c:63:93:a1:ea:16:ac:
8d:8e:eb:02:bc:ce:bf:92:45:86:62:5d:20:eb:96:3e:cc:44:
ff:4b:51:23:38:0b:78:fc:a9:0b:34:d2:ad:27:48:27:75:da:
cf:9f:22:fe:72:ca:a7:df:92:a7:59:43:93:da:0f:c8:97:bc:
21:89:68:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwdxmBITy8hK1f1dfpXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDliMzFlYmI2ZTRjYmJkMGNjNzcwY2M2ZjRkNTBmNzhm
MGViN2IwHhcNMjMwMTAxMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTVhNWFjNDZhYjViOTM3NTk1ZWNhYTM1M2U0YWI1MGJlMDRjYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt09zbeL74P+XopVwgNF5MbVQzrG2
tf/1UO22gjV4IVCxEWd9b+9uh9CZyHlC7aSqqvzacGelNCsmPg7NuvG5r7BIYxG+
1UXU4ZGkf7i2culBJRO8/luQZXOz0LKb/Fe0t8lgWuICHkZSSjO9n8CTnoD+yN/E
sQMGnIeZO6FQ/EyyzmIRr+QDGLV7Qje8vuWnfYyRqK5vZ5lXGTeU4LDJXrrVs/It
kTdjtYrGwRaruOdlFehfazZCAvgocPvh9mmywAUE6rV2fmNSVI+3zhfFtf1R0JW9
ebd4HeUYj8dkxi3x3N7Tf4P+/Dd4+hXeP4YAb+3IMYVSZ3LvR5/ggMr0NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVaWsRqtbk3WV7Ko1Pkq1C+BMxlMB8GA1UdIwQY
MBaAFFlJsx67bky70Mx3DMb01Q948Ot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTkt
MzE4MGFlNDI3NGYzLzEvaFZwYXhHcTF1VGRaWHNxalUtU3JVTDRFekdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTktMzE4MGFlNDI3NGYz
LzEvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwmi8MA0G
CSqGSIb3DQEBCwUAA4IBAQB3olK1LJU2ZYFsLOevpSrymXtVx0ehT7xlxXcYJfXg
7GT7DmVbF0rEGmXJ/w7v4LD0gLKPzAWQmXs3DxFphxpU/CJPH9mPNmpK2GZGsn8W
imbPai9O0lDsba9ZjrhbGPBF6otplZ2Y79ssEAo43CFkbTNVbHo5rWFHbTlYDzUd
Yyyo42vxYClXvwfDIZe0z/Zi9fyVmtb2NCOpppAyIXike7pdC2Pr3WCt0yBhZhXB
4CV2qtLVOgn2dOixQnHc5ixjk6HqFqyNjusCvM6/kkWGYl0g65Y+zET/S1EjOAt4
/KkLNNKtJ0gnddrPnyL+csqn35KnWUOT2g/Il7whiWiF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org