Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/d98PdTNX0rKg3lIFqxV52-H7cCI.roa
File: d98PdTNX0rKg3lIFqxV52-H7cCI.roa (raw, json)
Hash identifier: Oy0PjDnxEzx/8s0yAh7fZgt/dz+5SWQH9+14qsQHSBk=
Subject key identifier: 77:DF:0F:75:33:57:D2:B2:A0:DE:52:05:AB:15:79:DB:E1:FB:70:22
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0190A0895A13C25F324ED83D7B6D0C3DB075
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/d98PdTNX0rKg3lIFqxV52-H7cCI.roa
Signing time: Thu 11 Jul 2024 06:44:34 +0000
ROA not before: Thu 11 Jul 2024 06:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.143.214.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 06:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a0:89:5a:13:c2:5f:32:4e:d8:3d:7b:6d:0c:3d:b0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jul 11 06:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77df0f753357d2b2a0de5205ab1579dbe1fb7022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7f:79:32:7f:a1:9b:6f:2c:cc:fd:d6:04:49:
60:0c:9c:aa:5c:7a:d0:1b:4b:f4:2e:f6:75:3d:49:
86:b2:ae:f2:02:92:fd:50:f2:d5:f6:cd:fd:a6:d5:
24:d9:c4:46:3b:bf:f3:38:ff:b5:36:a7:7b:0a:ba:
ba:3c:25:91:e8:44:10:2d:99:5e:59:55:18:15:9c:
e1:47:dc:63:78:c2:0c:3b:eb:8d:31:32:79:67:66:
e5:37:58:f9:1b:40:ce:0b:6a:d4:7b:c3:75:a9:06:
a8:4e:98:56:c4:8a:a5:fd:73:b0:a1:2e:c7:87:0a:
26:97:bc:61:d7:bf:df:c9:b8:6b:b7:15:85:1e:8e:
ce:63:38:6a:40:a2:83:c0:db:d2:3b:57:f2:46:49:
15:d8:9b:4d:06:5c:f9:79:80:8b:be:85:98:74:c8:
a4:97:50:8b:b3:3e:36:46:6b:b3:c0:23:36:3a:0c:
35:76:42:db:5c:3d:b6:74:8f:7e:32:dc:2a:74:ef:
ec:8a:4f:92:df:5b:b7:ff:4c:e1:03:78:8d:43:d1:
fd:09:93:5d:a6:ae:25:76:16:23:64:9c:50:3d:72:
a9:2f:ab:fd:77:6b:e8:33:8a:cd:5f:28:bb:e3:8a:
db:9f:a2:9c:38:da:af:14:01:9c:a4:44:d9:64:41:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:0F:75:33:57:D2:B2:A0:DE:52:05:AB:15:79:DB:E1:FB:70:22
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/d98PdTNX0rKg3lIFqxV52-H7cCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.214.0/24
195.114.195.0/24
195.114.200.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ac:57:a2:97:a3:c6:be:22:50:dd:6b:18:2f:f5:31:5d:ed:
96:62:6f:62:50:79:1b:97:1c:97:59:66:1c:1b:d1:5f:35:25:
0a:71:1b:c5:8d:08:88:2b:9a:9b:6f:97:d2:0d:7a:d6:78:51:
ef:57:1a:29:93:ea:6d:3e:20:f7:a9:bd:4d:58:a1:c0:f8:c4:
b4:5c:9f:39:6c:2e:86:49:ac:d6:2b:24:e4:e3:99:ef:ee:86:
e7:e4:ae:e2:a2:7e:7b:0d:41:c7:60:ea:61:88:f7:7d:e1:5f:
46:25:8e:78:a6:36:48:f1:19:5c:13:5f:40:80:a7:f8:1b:31:
5d:41:bf:1a:c1:a4:8a:5d:74:cb:a8:f1:53:30:39:57:fb:da:
ac:2f:ee:2f:b7:75:33:c2:61:f8:cc:a3:b7:17:9a:4a:78:ca:
c8:63:97:8f:ea:5c:c1:77:d5:ce:36:b1:f9:ef:56:7f:d0:3f:
6f:b5:df:f0:dc:f9:14:bb:bb:49:22:34:61:90:87:ad:a2:ef:
22:33:f2:3a:7c:99:08:10:a3:dd:38:1a:f3:7c:8c:58:bd:07:
68:f6:4c:f6:b3:5e:e7:b2:bd:ea:46:16:f2:76:b6:fb:65:46:
44:12:d3:5e:d8:8c:3c:84:4c:d9:12:91:c3:09:5b:85:ab:e3:
88:2e:49:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCgiVoTwl8yTtg9e20MPbB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNzExMDY0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmMGY3NTMzNTdkMmIyYTBkZTUyMDVhYjE1NzlkYmUxZmI3MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz395Mn+hm28szP3WBElgDJyqXHrQ
G0v0LvZ1PUmGsq7yApL9UPLV9s39ptUk2cRGO7/zOP+1Nqd7Crq6PCWR6EQQLZle
WVUYFZzhR9xjeMIMO+uNMTJ5Z2blN1j5G0DOC2rUe8N1qQaoTphWxIql/XOwoS7H
hwoml7xh17/fybhrtxWFHo7OYzhqQKKDwNvSO1fyRkkV2JtNBlz5eYCLvoWYdMik
l1CLsz42RmuzwCM2Ogw1dkLbXD22dI9+MtwqdO/sik+S31u3/0zhA3iNQ9H9CZNd
pq4ldhYjZJxQPXKpL6v9d2voM4rNXyi744rbn6KcONqvFAGcpETZZEGkowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHffD3UzV9KyoN5SBasVedvh+3AiMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZDk4UGRUTlgwcktnM2xJRnF4VjUyLUg3Y0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwo/WAwQA
w3LDAwQAw3LIMA0GCSqGSIb3DQEBCwUAA4IBAQAYrFeil6PGviJQ3WsYL/UxXe2W
Ym9iUHkblxyXWWYcG9FfNSUKcRvFjQiIK5qbb5fSDXrWeFHvVxopk+ptPiD3qb1N
WKHA+MS0XJ85bC6GSazWKyTk45nv7obn5K7ion57DUHHYOphiPd94V9GJY54pjZI
8RlcE19AgKf4GzFdQb8awaSKXXTLqPFTMDlX+9qsL+4vt3UzwmH4zKO3F5pKeMrI
Y5eP6lzBd9XONrH571Z/0D9vtd/w3PkUu7tJIjRhkIetou8iM/I6fJkIEKPdOBrz
fIxYvQdo9kz2s17nsr3qRhbydrb7ZUZEEtNe2Iw8hEzZEpHDCVuFq+OILkkM
-----END CERTIFICATE-----
Generated at Mon Jul 15 08:34:30 2024 by rpki-client on console-fra.rpki-client.org