Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/8gIocvmqCCla-KmfRAzxItxXitw.roa
File: 8gIocvmqCCla-KmfRAzxItxXitw.roa (raw, json)
Hash identifier: oemGDQrIHZLhLMMHECK/uyBo/7UkFy53bg39zyKMWwQ=
Subject key identifier: F2:02:28:72:F9:AA:08:29:5A:F8:A9:9F:44:0C:F1:22:DC:57:8A:DC
Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial: 01857042B40408F467E10E6DA95CF87ED545
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/8gIocvmqCCla-KmfRAzxItxXitw.roa
Signing time: Mon 02 Jan 2023 02:14:57 +0000
ROA not before: Mon 02 Jan 2023 02:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 194.0.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:b4:04:08:f4:67:e1:0e:6d:a9:5c:f8:7e:d5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
Validity
Not Before: Jan 2 02:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2022872f9aa08295af8a99f440cf122dc578adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:63:4f:28:bb:b9:3d:44:dd:9a:ce:0a:33:
01:de:b9:5e:47:64:57:fe:60:bd:72:6f:aa:79:70:
c6:5c:30:98:11:2b:10:60:bf:a0:26:28:3b:a4:79:
00:6c:6f:60:5f:00:f3:91:09:5e:5b:7b:e0:dd:1b:
6b:94:6b:68:1d:cd:ac:5b:e5:b8:42:56:ef:3b:34:
34:44:7f:a5:54:12:93:1e:01:a9:c3:1b:3d:79:e9:
b6:46:30:61:bf:56:0f:cf:f1:c8:03:56:7f:70:81:
b3:b9:4f:fe:31:ef:22:46:8d:be:4f:b3:3a:a1:c2:
ef:16:3f:e9:92:c4:b2:66:9e:57:7a:ad:cb:c4:7e:
e1:72:1e:a7:4c:c0:d7:34:08:83:a2:53:72:26:e5:
e0:21:7e:e0:9d:c5:03:8d:4a:bf:2d:41:e9:4f:e9:
eb:95:dc:99:13:46:7d:d5:aa:c2:13:4b:14:7c:b2:
f3:7e:82:c8:7c:5d:3c:79:c3:4f:e6:c2:ab:c9:ef:
a4:40:52:9b:72:01:f9:9d:c4:25:cb:0c:18:93:b4:
21:40:fd:40:b9:c6:2c:42:f4:cf:97:28:0b:d2:3e:
51:0b:0e:fb:33:43:44:94:2c:5c:2a:ac:eb:c2:4c:
cb:91:90:7e:dc:66:ce:4a:94:d4:16:66:e5:47:5f:
d5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:02:28:72:F9:AA:08:29:5A:F8:A9:9F:44:0C:F1:22:DC:57:8A:DC
X509v3 Authority Key Identifier:
keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/8gIocvmqCCla-KmfRAzxItxXitw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.153.0/24
Signature Algorithm: sha256WithRSAEncryption
27:21:70:35:63:cf:14:75:2e:9c:ae:fd:20:76:3a:42:bf:59:
9c:82:ee:2a:ba:23:95:95:be:fa:32:2f:83:33:fc:c4:9d:46:
84:d5:14:62:77:6b:d9:14:99:05:43:0b:92:50:5b:aa:55:03:
e9:eb:35:36:42:cf:42:2d:cb:20:dd:fd:51:b0:e8:ac:e7:85:
e9:53:0b:52:9e:80:75:3f:98:bb:9c:60:01:f2:bf:4f:2a:90:
0a:8e:99:97:26:15:dd:d9:1c:17:cd:48:c1:d4:45:e3:c4:69:
c8:e3:62:81:d1:3a:2c:80:94:30:b5:17:ef:78:ba:05:df:ca:
85:36:a4:ac:b2:74:5b:28:e3:b8:37:b8:ff:d1:ac:3d:80:21:
c5:f6:7b:52:41:ac:7e:98:06:0d:e0:3a:0c:d0:09:01:4d:77:
10:60:56:1e:60:10:68:28:91:10:60:4e:01:5c:d6:f3:cf:65:
ba:00:ab:f5:18:f2:d5:b0:8e:06:db:ca:1d:56:28:bd:ef:a8:
c5:75:c8:08:37:a7:db:99:64:82:ca:01:ae:38:a7:6e:f2:96:
e0:35:fa:9e:fe:61:f8:68:50:ec:12:33:5c:05:e2:b8:2b:1d:
ba:06:7d:e8:fa:a0:98:06:5c:5e:fe:f8:94:06:1b:1e:46:6d:
b5:47:5e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQrQECPRn4Q5tqVz4ftVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjMwMTAyMDIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAyMjg3MmY5YWEwODI5NWFmOGE5OWY0NDBjZjEyMmRjNTc4YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJVjTyi7uT1E3ZrOCjMB3rleR2RX
/mC9cm+qeXDGXDCYESsQYL+gJig7pHkAbG9gXwDzkQleW3vg3RtrlGtoHc2sW+W4
QlbvOzQ0RH+lVBKTHgGpwxs9eem2RjBhv1YPz/HIA1Z/cIGzuU/+Me8iRo2+T7M6
ocLvFj/pksSyZp5Xeq3LxH7hch6nTMDXNAiDolNyJuXgIX7gncUDjUq/LUHpT+nr
ldyZE0Z91arCE0sUfLLzfoLIfF08ecNP5sKrye+kQFKbcgH5ncQlywwYk7QhQP1A
ucYsQvTPlygL0j5RCw77M0NElCxcKqzrwkzLkZB+3GbOSpTUFmblR1/V0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPICKHL5qggpWvipn0QM8SLcV4rcMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEvOGdJb2N2bXFDQ2xhLUttZlJBenhJdHhYaXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCZMA0G
CSqGSIb3DQEBCwUAA4IBAQAnIXA1Y88UdS6crv0gdjpCv1mcgu4quiOVlb76Mi+D
M/zEnUaE1RRid2vZFJkFQwuSUFuqVQPp6zU2Qs9CLcsg3f1RsOis54XpUwtSnoB1
P5i7nGAB8r9PKpAKjpmXJhXd2RwXzUjB1EXjxGnI42KB0TosgJQwtRfveLoF38qF
NqSssnRbKOO4N7j/0aw9gCHF9ntSQax+mAYN4DoM0AkBTXcQYFYeYBBoKJEQYE4B
XNbzz2W6AKv1GPLVsI4G28odVii976jFdcgIN6fbmWSCygGuOKdu8pbgNfqe/mH4
aFDsEjNcBeK4Kx26Bn3o+qCYBlxe/viUBhseRm21R16n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:52 2024 by rpki-client on console-fra.rpki-client.org