Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee354a-8428-4d86-9824-e5fcebdaa7f2/1/900eQGeWrVicV0zDbLbCUkIuib4.roa
File: 900eQGeWrVicV0zDbLbCUkIuib4.roa (raw, json)
Hash identifier: WHgl4UctkkgaA1A8l5d7D6FeI6hw8A2oG7maVTXgUOw=
Subject key identifier: F7:4D:1E:40:67:96:AD:58:9C:57:4C:C3:6C:B6:C2:52:42:2E:89:BE
Certificate issuer: /CN=66d475bb542f61821be39dbc9b68275d6e0087d4
Certificate serial: 018572B3FE7C64BC1F40CF49F18D44BD0404
Authority key identifier: 66:D4:75:BB:54:2F:61:82:1B:E3:9D:BC:9B:68:27:5D:6E:00:87:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtR1u1QvYYIb4528m2gnXW4Ah9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee354a-8428-4d86-9824-e5fcebdaa7f2/1/900eQGeWrVicV0zDbLbCUkIuib4.roa
Signing time: Mon 02 Jan 2023 13:37:56 +0000
ROA not before: Mon 02 Jan 2023 13:37:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55002
IP address blocks: 194.37.250.0/23 maxlen: 24
194.39.78.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b3:fe:7c:64:bc:1f:40:cf:49:f1:8d:44:bd:04:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d475bb542f61821be39dbc9b68275d6e0087d4
Validity
Not Before: Jan 2 13:37:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f74d1e406796ad589c574cc36cb6c252422e89be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a9:62:bd:86:22:4c:7c:3a:31:e3:87:cb:db:
fe:d0:3d:0e:43:21:c4:5c:bf:fd:70:b4:f5:fd:30:
41:c2:4f:8a:85:54:15:48:49:cd:1b:92:45:0c:c1:
a6:49:88:9c:a4:25:32:c2:c1:36:b5:6f:ea:0c:a7:
86:68:ed:f7:a4:da:b4:34:cb:67:36:f4:b8:3f:94:
9d:fc:b5:ad:c7:e1:e3:4b:48:4d:25:7d:6f:11:ad:
bd:44:7d:3d:7b:df:07:2f:e0:9c:7d:3a:38:91:2b:
59:6c:2f:eb:04:ba:a1:0a:66:e6:4e:67:ca:3c:41:
6e:81:a4:6e:be:1b:fd:2d:74:41:45:41:1a:73:27:
04:7f:2c:cc:04:fd:90:40:c3:2d:f2:1d:69:c5:43:
82:57:dd:28:2e:fe:24:1e:86:7f:1e:98:68:34:ac:
46:70:cf:49:14:8a:e4:7f:1e:34:ae:a6:4c:14:97:
f7:13:47:e4:ff:98:bd:56:78:f7:b6:e9:79:cc:97:
50:bc:f1:ba:d8:31:36:4d:20:84:3a:1c:fa:28:53:
49:40:54:fe:c6:f3:39:10:54:93:af:80:1a:21:c9:
f4:49:19:5f:d9:fd:7a:23:a6:fe:d6:55:a1:3f:f2:
a5:58:4c:04:e3:dd:77:75:5c:a1:52:72:9f:b4:54:
d1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4D:1E:40:67:96:AD:58:9C:57:4C:C3:6C:B6:C2:52:42:2E:89:BE
X509v3 Authority Key Identifier:
keyid:66:D4:75:BB:54:2F:61:82:1B:E3:9D:BC:9B:68:27:5D:6E:00:87:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtR1u1QvYYIb4528m2gnXW4Ah9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee354a-8428-4d86-9824-e5fcebdaa7f2/1/900eQGeWrVicV0zDbLbCUkIuib4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee354a-8428-4d86-9824-e5fcebdaa7f2/1/ZtR1u1QvYYIb4528m2gnXW4Ah9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.250.0/23
194.39.78.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:74:a0:d9:89:e8:28:c4:aa:68:07:ec:88:53:9f:2b:b1:92:
a5:2a:46:c6:8e:6c:a4:e4:70:e3:fa:75:51:31:65:61:fe:88:
ae:62:89:37:54:32:96:4d:61:00:94:53:8b:2e:27:68:c4:3e:
c6:1c:a7:17:6d:23:27:19:a5:c7:4e:df:61:fd:c0:a0:4d:76:
a8:a7:2b:43:2c:dd:63:0a:82:47:17:af:d5:c7:98:9b:61:ec:
34:11:6f:a5:70:89:fa:12:7f:7f:9e:94:a4:2e:d1:6b:5d:f7:
f2:f0:4f:cb:d7:21:63:f1:1f:80:0e:c4:62:9f:35:9f:45:e6:
c8:4b:d9:e8:d5:5a:6e:f5:60:6b:0a:d9:71:d0:f6:e8:c8:ff:
10:8b:67:b1:ec:27:34:e3:4b:7b:94:4f:1a:85:2c:a9:fc:e3:
9e:cd:1f:7c:e0:77:8d:84:61:12:60:e6:c0:7f:66:d9:1a:fd:
eb:19:32:0a:19:ef:71:53:2e:58:7b:87:80:d8:c6:4a:8c:a2:
ad:6f:1d:5a:3d:07:28:ff:a3:35:c7:5e:f4:07:e0:03:85:45:
40:f5:31:66:b1:f1:1a:86:6f:35:4b:85:a6:32:e5:e1:cc:b2:
f2:c9:d0:31:d0:5f:78:93:a3:ca:18:78:fb:1d:92:be:a8:39:
c3:bb:5a:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVys/58ZLwfQM9J8Y1EvQQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDQ3NWJiNTQyZjYxODIxYmUzOWRiYzliNjgyNzVkNmUw
MDg3ZDQwHhcNMjMwMTAyMTMzNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRkMWU0MDY3OTZhZDU4OWM1NzRjYzM2Y2I2YzI1MjQyMmU4OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhalivYYiTHw6MeOHy9v+0D0OQyHE
XL/9cLT1/TBBwk+KhVQVSEnNG5JFDMGmSYicpCUywsE2tW/qDKeGaO33pNq0NMtn
NvS4P5Sd/LWtx+HjS0hNJX1vEa29RH09e98HL+CcfTo4kStZbC/rBLqhCmbmTmfK
PEFugaRuvhv9LXRBRUEacycEfyzMBP2QQMMt8h1pxUOCV90oLv4kHoZ/HphoNKxG
cM9JFIrkfx40rqZMFJf3E0fk/5i9Vnj3tul5zJdQvPG62DE2TSCEOhz6KFNJQFT+
xvM5EFSTr4AaIcn0SRlf2f16I6b+1lWhP/KlWEwE4913dVyhUnKftFTRxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPdNHkBnlq1YnFdMw2y2wlJCLom+MB8GA1UdIwQY
MBaAFGbUdbtUL2GCG+OdvJtoJ11uAIfUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRSMXUxUXZZWUliNDUyOG0yZ25YVzRBaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTM1NGEtODQyOC00ZDg2LTk4MjQt
ZTVmY2ViZGFhN2YyLzEvOTAwZVFHZVdyVmljVjB6RGJMYkNVa0l1aWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lZTM1NGEtODQyOC00ZDg2LTk4MjQtZTVmY2ViZGFhN2Yy
LzEvWnRSMXUxUXZZWUliNDUyOG0yZ25YVzRBaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwiX6AwQB
widOMA0GCSqGSIb3DQEBCwUAA4IBAQCOdKDZiegoxKpoB+yIU58rsZKlKkbGjmyk
5HDj+nVRMWVh/oiuYok3VDKWTWEAlFOLLidoxD7GHKcXbSMnGaXHTt9h/cCgTXao
pytDLN1jCoJHF6/Vx5ibYew0EW+lcIn6En9/npSkLtFrXffy8E/L1yFj8R+ADsRi
nzWfRebIS9no1Vpu9WBrCtlx0PboyP8Qi2ex7Cc040t7lE8ahSyp/OOezR984HeN
hGESYObAf2bZGv3rGTIKGe9xUy5Ye4eA2MZKjKKtbx1aPQco/6M1x170B+ADhUVA
9TFmsfEahm81S4WmMuXhzLLyydAx0F94k6PKGHj7HZK+qDnDu1pW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org