Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-KMG9VG_-IYBuEDSjF4dNbwY0ys.roa
File: 1-KMG9VG_-IYBuEDSjF4dNbwY0ys.roa (raw, json)
Hash identifier: 9YJJxfSqSw/7kcJi5GqkKRwpq+W4t3YB5RS0Qh5zY94=
Subject key identifier: F8:A3:06:F5:51:BF:F8:86:01:B8:40:D2:8C:5E:1D:35:BC:18:D3:2B
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01891A72CB790B932474A7CF972545390E4F
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-KMG9VG_-IYBuEDSjF4dNbwY0ys.roa
Signing time: Mon 03 Jul 2023 06:31:18 +0000
ROA not before: Mon 03 Jul 2023 06:31:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.143.211.0/24 maxlen: 24
194.143.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:72:cb:79:0b:93:24:74:a7:cf:97:25:45:39:0e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jul 3 06:31:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8a306f551bff88601b840d28c5e1d35bc18d32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:a5:27:63:87:d0:0e:d1:e4:84:17:f8:25:
d7:c9:fb:d7:00:96:6f:90:3e:cf:f0:b6:ab:c4:ed:
c8:7e:9d:54:46:5f:d1:ca:c7:f5:25:25:8c:d6:6a:
ce:2a:69:e4:50:40:e1:3a:17:fd:d8:28:c6:27:3e:
bc:08:0d:b2:60:70:62:54:0f:3b:86:e9:43:86:cc:
5e:2c:83:c3:4b:c0:fd:83:bb:50:d6:e0:17:19:f7:
a4:97:98:74:a4:a3:30:d0:d8:cd:71:94:0f:84:13:
1c:8e:39:d4:09:54:3f:b0:d1:d0:64:8c:f0:61:d0:
55:b0:6c:94:3e:ee:44:1e:c8:1f:a7:e4:99:86:34:
ad:9d:0f:7e:2c:ee:dc:1a:dc:ac:35:c3:58:ad:59:
e3:eb:d2:fd:20:67:3d:6e:16:eb:63:11:6b:ed:1e:
8b:24:9e:1f:6c:4f:78:e3:82:65:6e:b4:1d:12:c7:
9f:d2:34:2e:5f:9d:83:fd:6e:13:b9:f4:cf:13:1a:
d8:37:aa:93:03:d0:d2:fb:54:ad:ce:a2:d9:fa:b3:
31:8d:d6:93:50:ad:ae:bb:c0:1a:79:eb:5c:83:fb:
3b:b6:d9:78:3c:3e:08:70:da:8a:ea:b0:0c:69:1b:
9c:b3:76:00:85:d4:6b:2a:4d:24:67:73:76:c0:9c:
79:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A3:06:F5:51:BF:F8:86:01:B8:40:D2:8C:5E:1D:35:BC:18:D3:2B
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/1-KMG9VG_-IYBuEDSjF4dNbwY0ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.210.0/23
Signature Algorithm: sha256WithRSAEncryption
79:5c:47:66:fc:71:c0:04:2a:3f:ed:99:17:12:c0:11:68:27:
33:7d:b1:b4:5b:e4:8c:cf:47:e6:1a:8b:3c:0a:93:7a:e0:ce:
d6:a9:5b:3e:11:04:95:8c:49:17:67:cf:cd:79:c9:be:57:56:
71:2b:7e:7b:df:0b:75:63:3a:8c:67:da:f1:89:ed:99:23:01:
fe:1e:3d:9a:54:1b:6c:7a:3f:b5:2c:dd:81:ab:6f:19:bb:6e:
3a:cd:0b:c9:5a:1a:7f:b6:2b:80:0e:9b:57:83:15:36:76:c5:
05:b2:97:d6:6e:9a:27:28:29:3e:6b:f4:ac:b0:e7:b8:40:a7:
6c:b0:9c:44:f5:01:75:18:54:85:6c:a1:10:6c:01:da:12:46:
55:eb:14:33:49:19:a2:20:d9:85:e6:14:0c:07:b2:41:96:f2:
56:31:3b:5b:7c:b2:c7:e2:b3:3a:8a:90:e4:c2:7c:06:2c:21:
a7:82:9f:4b:38:a5:b5:35:9e:94:f1:24:74:62:b0:f8:29:3a:
b6:b7:25:83:3a:cb:8e:97:88:2b:08:24:d0:f8:42:48:36:21:
d7:0f:61:f0:68:8a:ae:74:9b:46:c9:ed:58:ea:c1:24:ed:25:
a7:a2:3c:3c:42:5d:8b:31:3a:39:95:74:40:31:e9:fb:33:c2:
fc:a4:2c:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYkacst5C5MkdKfPlyVFOQ5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNzAzMDYzMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEzMDZmNTUxYmZmODg2MDFiODQwZDI4YzVlMWQzNWJjMThkMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmalJ2OH0A7R5IQX+CXXyfvXAJZv
kD7P8LarxO3Ifp1URl/Rysf1JSWM1mrOKmnkUEDhOhf92CjGJz68CA2yYHBiVA87
hulDhsxeLIPDS8D9g7tQ1uAXGfekl5h0pKMw0NjNcZQPhBMcjjnUCVQ/sNHQZIzw
YdBVsGyUPu5EHsgfp+SZhjStnQ9+LO7cGtysNcNYrVnj69L9IGc9bhbrYxFr7R6L
JJ4fbE9444JlbrQdEsef0jQuX52D/W4TufTPExrYN6qTA9DS+1StzqLZ+rMxjdaT
UK2uu8Aaeetcg/s7ttl4PD4IcNqK6rAMaRucs3YAhdRrKk0kZ3N2wJx5EQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPijBvVRv/iGAbhA0oxeHTW8GNMrMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvMS1LTUc5VkdfLUlZQnVFRFNqRjRkTmJ3WTB5cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvMWY5NDkzLWQ0NjgtNGE3Yy04YzRiLTFkZGVjNGNjZTI0
Yy8xL0JuSGN4Nm1zYzFISEhndkNKNHowWDlBZ3JpNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKP0jAN
BgkqhkiG9w0BAQsFAAOCAQEAeVxHZvxxwAQqP+2ZFxLAEWgnM32xtFvkjM9H5hqL
PAqTeuDO1qlbPhEElYxJF2fPzXnJvldWcSt+e98LdWM6jGfa8YntmSMB/h49mlQb
bHo/tSzdgatvGbtuOs0LyVoaf7YrgA6bV4MVNnbFBbKX1m6aJygpPmv0rLDnuECn
bLCcRPUBdRhUhWyhEGwB2hJGVesUM0kZoiDZheYUDAeyQZbyVjE7W3yyx+KzOoqQ
5MJ8Biwhp4KfSziltTWelPEkdGKw+Ck6trclgzrLjpeIKwgk0PhCSDYh1w9h8GiK
rnSbRsntWOrBJO0lp6I8PEJdizE6OZV0QDHp+zPC/KQsfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org