Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/XOjCRHCrXiDbqpAMkEqGvy02fY4.roa
File: XOjCRHCrXiDbqpAMkEqGvy02fY4.roa (raw, json)
Hash identifier: y1AWrYRRDwebu3QEVm2b13cY6PlR+YOkV6SoUcN+K0E=
Subject key identifier: 5C:E8:C2:44:70:AB:5E:20:DB:AA:90:0C:90:4A:86:BF:2D:36:7D:8E
Certificate issuer: /CN=ffbe256565e1c27c4b26560190e9978286a82b52
Certificate serial: 018572311012D9BC54E2DE8C966410263143
Authority key identifier: FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/XOjCRHCrXiDbqpAMkEqGvy02fY4.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201080
IP address blocks: 194.146.205.0/24 maxlen: 24
194.146.206.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:10:12:d9:bc:54:e2:de:8c:96:64:10:26:31:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbe256565e1c27c4b26560190e9978286a82b52
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ce8c24470ab5e20dbaa900c904a86bf2d367d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f0:3a:4b:6f:15:aa:5f:eb:22:1b:ad:cd:57:
04:67:47:c4:f0:ab:f6:3c:de:d4:9b:dc:18:2d:a2:
55:81:36:90:fd:9c:89:c8:8a:f3:8b:4a:77:08:e2:
1d:d7:27:f1:2c:0f:c2:ba:cb:95:90:a0:55:da:18:
b1:b8:61:d0:3c:0c:54:3b:87:69:70:23:12:18:45:
51:50:26:e0:2a:67:eb:52:8a:96:d8:e0:35:bd:3d:
56:cc:04:b3:cc:7d:34:44:97:61:d6:91:75:1a:a6:
7c:09:83:0f:f1:67:7a:69:9a:ea:f1:71:c4:b0:f3:
ce:69:bf:34:5e:f8:2e:93:69:98:d5:b2:0d:39:b5:
e9:8d:f6:3e:74:01:7c:dd:32:7e:18:40:91:4d:dc:
69:05:4c:65:99:86:1e:4a:6d:c1:57:6e:70:c6:47:
e5:50:8e:a5:27:6a:4b:4a:fe:4b:af:62:f4:1a:4c:
26:6c:dd:94:cf:70:25:2c:7b:c2:c4:51:c6:c7:c9:
98:10:c1:7f:e0:7d:41:6f:e5:59:c3:21:8b:89:60:
3e:32:00:e1:74:59:a2:8a:73:c6:d1:be:bb:63:9a:
97:c7:76:04:7f:7f:49:f3:fa:35:9b:a8:d3:47:6f:
73:86:aa:e6:8d:a6:7b:e9:bc:32:bf:a6:81:b1:2a:
1d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E8:C2:44:70:AB:5E:20:DB:AA:90:0C:90:4A:86:BF:2D:36:7D:8E
X509v3 Authority Key Identifier:
keyid:FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/XOjCRHCrXiDbqpAMkEqGvy02fY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/_74lZWXhwnxLJlYBkOmXgoaoK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.205.0-194.146.207.255
Signature Algorithm: sha256WithRSAEncryption
0f:f0:ab:71:90:11:0e:7a:00:17:af:a0:b0:f5:67:b6:5f:d4:
9b:50:00:47:ca:34:2f:5a:57:6b:96:24:57:3c:24:38:c5:0f:
6c:b6:b7:7f:70:87:7b:76:36:e1:ed:d1:2b:2c:00:99:9b:c7:
c4:fc:74:94:1c:9f:46:dd:b9:59:da:7c:8a:ff:fe:c8:aa:18:
8a:4b:30:87:f9:a0:3e:24:67:39:ad:e7:ca:fc:cb:c0:18:ab:
32:29:19:28:bc:a4:1b:25:d8:0e:ae:73:85:18:b7:76:d9:80:
8c:9b:c5:97:83:4c:71:f8:72:f8:40:6d:3d:94:b2:e3:23:35:
97:8d:7e:37:ac:59:77:fb:35:7b:3b:23:19:da:04:43:f5:e5:
96:cd:d6:0b:30:23:36:25:1d:35:67:f3:4b:a1:88:88:c5:a3:
90:94:7b:3d:82:5e:90:05:cf:f0:6a:91:6d:26:de:7e:0d:99:
aa:b0:40:87:0b:fe:ec:b8:62:d3:e5:1c:9c:a9:81:41:1a:b2:
31:59:5a:8a:99:3f:72:b9:91:c4:5f:1f:44:19:c5:94:65:a7:
8f:1c:37:6a:ae:78:15:ec:e0:e7:d2:72:e7:93:46:64:f1:d1:
91:40:c2:9e:25:11:a7:02:0b:39:e4:0a:7f:0c:46:50:0e:39:
77:8d:c8:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyMRAS2bxU4t6MlmQQJjFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmUyNTY1NjVlMWMyN2M0YjI2NTYwMTkwZTk5NzgyODZh
ODJiNTIwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U4YzI0NDcwYWI1ZTIwZGJhYTkwMGM5MDRhODZiZjJkMzY3ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/A6S28Vql/rIhutzVcEZ0fE8Kv2
PN7Um9wYLaJVgTaQ/ZyJyIrzi0p3COId1yfxLA/CusuVkKBV2hixuGHQPAxUO4dp
cCMSGEVRUCbgKmfrUoqW2OA1vT1WzASzzH00RJdh1pF1GqZ8CYMP8Wd6aZrq8XHE
sPPOab80Xvguk2mY1bINObXpjfY+dAF83TJ+GECRTdxpBUxlmYYeSm3BV25wxkfl
UI6lJ2pLSv5Lr2L0GkwmbN2Uz3AlLHvCxFHGx8mYEMF/4H1Bb+VZwyGLiWA+MgDh
dFmiinPG0b67Y5qXx3YEf39J8/o1m6jTR29zhqrmjaZ76bwyv6aBsSodzwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFzowkRwq14g26qQDJBKhr8tNn2OMB8GA1UdIwQY
MBaAFP++JWVl4cJ8SyZWAZDpl4KGqCtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzc0bFpXWGh3bnhMSmxZQmtPbVhnb2FvSzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yN2M5MjgtMDJmZS00MDUyLTlkNjUt
YjFmYzIwODNjOTA2LzEvWE9qQ1JIQ3JYaURicXBBTWtFcUd2eTAyZlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yN2M5MjgtMDJmZS00MDUyLTlkNjUtYjFmYzIwODNjOTA2
LzEvXzc0bFpXWGh3bnhMSmxZQmtPbVhnb2FvSzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCks0D
BATCksAwDQYJKoZIhvcNAQELBQADggEBAA/wq3GQEQ56ABevoLD1Z7Zf1JtQAEfK
NC9aV2uWJFc8JDjFD2y2t39wh3t2NuHt0SssAJmbx8T8dJQcn0bduVnafIr//siq
GIpLMIf5oD4kZzmt58r8y8AYqzIpGSi8pBsl2A6uc4UYt3bZgIybxZeDTHH4cvhA
bT2UsuMjNZeNfjesWXf7NXs7IxnaBEP15ZbN1gswIzYlHTVn80uhiIjFo5CUez2C
XpAFz/BqkW0m3n4NmaqwQIcL/uy4YtPlHJypgUEasjFZWoqZP3K5kcRfH0QZxZRl
p48cN2queBXs4OfScueTRmTx0ZFAwp4lEacCCznkCn8MRlAOOXeNyA0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:42 2024 by rpki-client on console-ams.rpki-client.org