Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/f2kf62TIo_NsRe00y-MR7zSioYc.roa
File: f2kf62TIo_NsRe00y-MR7zSioYc.roa (raw, json)
Hash identifier: Nnsgz/eNOJNezG5xfkSR/mdc6UJRMhNQ3hEY9e5EaNs=
Subject key identifier: 7F:69:1F:EB:64:C8:A3:F3:6C:45:ED:34:CB:E3:11:EF:34:A2:A1:87
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 018E98B5F42F94BD6B113B99D25FD2DAC33D
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/f2kf62TIo_NsRe00y-MR7zSioYc.roa
Signing time: Mon 01 Apr 2024 08:10:45 +0000
ROA not before: Mon 01 Apr 2024 08:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.143.214.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 11:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:98:b5:f4:2f:94:bd:6b:11:3b:99:d2:5f:d2:da:c3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 1 08:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f691feb64c8a3f36c45ed34cbe311ef34a2a187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:75:82:0a:24:de:35:54:70:44:e0:ee:ad:fc:
3d:1b:6d:cc:59:d3:e9:3d:0c:b3:73:55:71:f9:a5:
12:98:83:b3:17:93:8e:eb:d3:cc:12:95:14:5c:0e:
32:ab:52:85:90:42:cf:43:d3:51:8f:11:7a:b0:3b:
0b:6c:a8:7e:11:7a:d0:84:fa:27:a8:b3:cf:47:f2:
02:9a:71:d0:a9:e3:a5:5f:e1:fc:86:e2:7d:89:19:
cf:4b:6d:38:4f:d0:cb:07:f1:28:e7:47:52:cc:5d:
a3:a1:30:60:bb:e9:d0:a0:e9:f5:9c:27:ca:7c:c4:
35:72:83:4e:ab:aa:51:94:82:e7:0a:bd:d3:21:1b:
15:54:01:a3:db:f2:c8:9c:23:d9:76:7d:19:ea:b4:
9a:d1:d8:32:ac:fb:d4:e4:4a:cf:43:74:a0:0a:f1:
bc:6e:aa:dc:f5:b9:b8:bc:54:a5:1b:7d:01:3d:e0:
74:bf:5a:a9:b1:6e:7e:98:c6:da:67:91:3a:0a:86:
59:90:18:ae:e8:a5:ae:c1:f2:4f:91:96:90:1f:6e:
b7:3d:a3:9a:1f:a6:42:09:01:48:21:b2:21:ab:a8:
c8:4d:2d:e4:e9:3a:c6:70:c2:4e:ab:ac:3b:b1:a2:
12:e0:a5:d9:23:2a:66:25:50:21:1e:1c:a9:ab:e0:
68:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:69:1F:EB:64:C8:A3:F3:6C:45:ED:34:CB:E3:11:EF:34:A2:A1:87
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/f2kf62TIo_NsRe00y-MR7zSioYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.214.0/24
195.114.192.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:3a:95:2b:83:7c:a7:22:e5:13:b7:dc:a6:1e:19:bc:16:4b:
b5:17:69:b8:c6:8f:aa:e1:26:9f:e6:6c:3f:7e:22:78:69:df:
8d:2d:21:68:10:00:98:e5:7a:c9:f4:34:5c:ae:87:a9:38:fa:
f1:35:bc:01:88:6d:88:96:00:cf:28:a8:ef:db:1f:f6:db:db:
e6:73:69:9c:b6:86:ef:7c:bf:d2:72:b9:bd:84:96:4a:9b:71:
19:55:29:4a:c4:78:76:3a:da:2b:9d:72:cf:a4:20:45:43:76:
20:bc:ad:55:c6:f2:5c:07:27:80:31:97:1f:ce:70:c5:50:06:
54:86:dd:41:eb:38:34:7b:ed:86:ef:b6:1d:40:96:4a:5e:98:
ed:fc:bb:e8:78:a2:d3:fe:8e:41:13:6a:c9:95:f3:07:4c:bd:
78:2b:0a:97:e9:7f:d5:e6:8a:46:4d:be:61:4b:1e:21:49:93:
5e:41:72:61:2c:43:53:75:09:e5:b8:76:3c:fe:b0:de:00:34:
f6:d2:5f:f4:5b:20:b7:36:e8:5c:2b:8f:27:96:0f:55:a0:10:
bc:1b:e0:1c:79:df:d7:ee:e3:65:9e:fd:50:fa:29:b3:4e:19:
e7:70:85:a6:2e:b2:b2:a6:e1:6a:25:e3:ee:62:d3:03:d4:e8:
1f:81:a4:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6YtfQvlL1rETuZ0l/S2sM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNDAxMDgxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY5MWZlYjY0YzhhM2YzNmM0NWVkMzRjYmUzMTFlZjM0YTJhMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHWCCiTeNVRwRODurfw9G23MWdPp
PQyzc1Vx+aUSmIOzF5OO69PMEpUUXA4yq1KFkELPQ9NRjxF6sDsLbKh+EXrQhPon
qLPPR/ICmnHQqeOlX+H8huJ9iRnPS204T9DLB/Eo50dSzF2joTBgu+nQoOn1nCfK
fMQ1coNOq6pRlILnCr3TIRsVVAGj2/LInCPZdn0Z6rSa0dgyrPvU5ErPQ3SgCvG8
bqrc9bm4vFSlG30BPeB0v1qpsW5+mMbaZ5E6CoZZkBiu6KWuwfJPkZaQH263PaOa
H6ZCCQFIIbIhq6jITS3k6TrGcMJOq6w7saIS4KXZIypmJVAhHhypq+BoyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH9pH+tkyKPzbEXtNMvjEe80oqGHMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZjJrZjYyVElvX05zUmUwMHktTVI3elNpb1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwo/WAwQA
w3LAMA0GCSqGSIb3DQEBCwUAA4IBAQBsOpUrg3ynIuUTt9ymHhm8Fku1F2m4xo+q
4Saf5mw/fiJ4ad+NLSFoEACY5XrJ9DRcroepOPrxNbwBiG2IlgDPKKjv2x/229vm
c2mctobvfL/Scrm9hJZKm3EZVSlKxHh2OtornXLPpCBFQ3YgvK1VxvJcByeAMZcf
znDFUAZUht1B6zg0e+2G77YdQJZKXpjt/LvoeKLT/o5BE2rJlfMHTL14KwqX6X/V
5opGTb5hSx4hSZNeQXJhLENTdQnluHY8/rDeADT20l/0WyC3NuhcK48nlg9VoBC8
G+Aced/X7uNlnv1Q+imzThnncIWmLrKypuFqJePuYtMD1OgfgaSJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:40 2024 by rpki-client on console-ams.rpki-client.org