Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/dc2c04-59f6-4f22-b7bd-fe671c1d5150/1/UiQmRge1Lv0zfXknE9MZzJnVfE0.roa
File: UiQmRge1Lv0zfXknE9MZzJnVfE0.roa (raw, json)
Hash identifier: xbP9LMTvhECvjxUnri9KlTy4783XlPfEobGOXrqS6p0=
Subject key identifier: 52:24:26:46:07:B5:2E:FD:33:7D:79:27:13:D3:19:CC:99:D5:7C:4D
Certificate issuer: /CN=23d34dd3d211e5c2ea7bd2f527a13e1e996820ec
Certificate serial: 018571FA211A78A61CEE0459C36826D42805
Authority key identifier: 23:D3:4D:D3:D2:11:E5:C2:EA:7B:D2:F5:27:A1:3E:1E:99:68:20:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9NN09IR5cLqe9L1J6E-HploIOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/dc2c04-59f6-4f22-b7bd-fe671c1d5150/1/UiQmRge1Lv0zfXknE9MZzJnVfE0.roa
Signing time: Mon 02 Jan 2023 10:14:55 +0000
ROA not before: Mon 02 Jan 2023 10:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205509
IP address blocks: 194.9.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:21:1a:78:a6:1c:ee:04:59:c3:68:26:d4:28:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d34dd3d211e5c2ea7bd2f527a13e1e996820ec
Validity
Not Before: Jan 2 10:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5224264607b52efd337d792713d319cc99d57c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:87:b0:19:b8:31:91:50:3f:f4:bc:06:50:
0a:86:2c:de:7b:71:eb:da:4e:f7:e4:e4:47:f0:a2:
26:52:c1:2b:e3:7b:7c:80:0e:23:e1:49:a1:8e:cb:
bb:19:13:84:cf:c2:61:07:35:f3:5e:21:69:c4:4b:
e9:75:c7:af:ea:32:24:09:b5:1a:88:f2:1a:da:88:
30:12:db:8f:31:ba:d1:58:2b:2f:e9:84:c7:d0:16:
3c:82:70:bc:25:45:4e:f0:32:bc:fe:98:44:19:33:
13:d2:f7:df:ef:a7:ea:10:a5:d5:90:da:85:67:c8:
0a:cd:32:c7:1e:a4:d3:37:c7:4a:12:2f:06:4e:09:
ae:9e:1f:0e:a5:df:93:69:29:2a:59:47:b2:18:97:
de:6c:db:f3:b0:94:85:86:a9:7c:85:18:37:dd:99:
ea:3d:1e:22:18:89:56:b4:44:af:83:bd:ff:51:18:
4d:54:4b:ec:a4:82:02:8e:85:16:be:28:eb:19:c9:
e9:4f:f8:85:74:e0:0e:cd:94:b6:47:64:1d:9b:c8:
e2:fe:cb:16:d7:a5:13:b7:8b:67:fd:59:7c:77:75:
6f:b8:12:da:00:5c:48:40:48:af:8c:a6:f2:cd:b2:
9e:fa:7f:2d:f0:26:0e:28:f2:e9:2f:35:90:73:6d:
36:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:24:26:46:07:B5:2E:FD:33:7D:79:27:13:D3:19:CC:99:D5:7C:4D
X509v3 Authority Key Identifier:
keyid:23:D3:4D:D3:D2:11:E5:C2:EA:7B:D2:F5:27:A1:3E:1E:99:68:20:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9NN09IR5cLqe9L1J6E-HploIOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc2c04-59f6-4f22-b7bd-fe671c1d5150/1/UiQmRge1Lv0zfXknE9MZzJnVfE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc2c04-59f6-4f22-b7bd-fe671c1d5150/1/I9NN09IR5cLqe9L1J6E-HploIOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.29.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:c8:b4:56:fd:f6:63:38:14:78:6f:1e:f0:74:24:3f:29:3a:
4e:f1:0b:ae:2b:a0:20:3a:a9:79:8e:96:02:13:88:52:de:45:
12:05:a0:74:f3:ff:3b:b2:ec:ae:58:9a:67:11:4a:1b:fe:68:
6f:74:30:52:16:25:6c:40:cd:bd:bb:40:b9:7f:32:30:6d:49:
2b:57:94:d0:fa:7c:15:af:98:6b:35:cb:4c:da:61:b4:ee:d5:
dc:c5:f5:fd:b3:d5:8d:a1:a5:45:cc:66:45:be:10:fd:15:02:
1b:97:96:0b:08:ef:c6:52:4a:31:86:5f:15:60:07:78:dc:92:
de:c7:f6:c9:02:ed:95:12:24:40:cc:80:f6:c0:13:b2:74:bc:
e3:48:56:17:11:81:6d:78:3d:d8:b5:86:17:1b:d9:7f:d6:ef:
8d:f6:0f:e7:a0:e0:18:46:17:d4:96:06:7d:6c:4d:44:58:cd:
e2:a8:57:9f:c4:ab:7b:18:35:64:70:b1:ab:fb:fc:c7:87:28:
78:43:27:84:1b:7e:ea:07:dc:d9:5d:0a:2e:8c:36:49:9e:b8:
c6:06:ee:31:0a:c6:a4:84:46:4e:f5:1b:c7:bd:db:8c:50:0f:
9d:ef:b1:be:36:ec:d4:d2:dd:95:3d:3e:18:cf:43:f1:a0:0d:
33:58:59:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iEaeKYc7gRZw2gm1CgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDM0ZGQzZDIxMWU1YzJlYTdiZDJmNTI3YTEzZTFlOTk2
ODIwZWMwHhcNMjMwMTAyMTAxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI0MjY0NjA3YjUyZWZkMzM3ZDc5MjcxM2QzMTljYzk5ZDU3YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloKHsBm4MZFQP/S8BlAKhizee3Hr
2k735ORH8KImUsEr43t8gA4j4Umhjsu7GROEz8JhBzXzXiFpxEvpdcev6jIkCbUa
iPIa2ogwEtuPMbrRWCsv6YTH0BY8gnC8JUVO8DK8/phEGTMT0vff76fqEKXVkNqF
Z8gKzTLHHqTTN8dKEi8GTgmunh8Opd+TaSkqWUeyGJfebNvzsJSFhql8hRg33Znq
PR4iGIlWtESvg73/URhNVEvspIICjoUWvijrGcnpT/iFdOAOzZS2R2Qdm8ji/ssW
16UTt4tn/Vl8d3VvuBLaAFxIQEivjKbyzbKe+n8t8CYOKPLpLzWQc202wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIkJkYHtS79M315JxPTGcyZ1XxNMB8GA1UdIwQY
MBaAFCPTTdPSEeXC6nvS9SehPh6ZaCDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlOTjA5SVI1Y0xxZTlMMUo2RS1IcGxvSU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kYzJjMDQtNTlmNi00ZjIyLWI3YmQt
ZmU2NzFjMWQ1MTUwLzEvVWlRbVJnZTFMdjB6ZlhrbkU5TVp6Sm5WZkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kYzJjMDQtNTlmNi00ZjIyLWI3YmQtZmU2NzFjMWQ1MTUw
LzEvSTlOTjA5SVI1Y0xxZTlMMUo2RS1IcGxvSU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgkdMA0G
CSqGSIb3DQEBCwUAA4IBAQC/yLRW/fZjOBR4bx7wdCQ/KTpO8QuuK6AgOql5jpYC
E4hS3kUSBaB08/87suyuWJpnEUob/mhvdDBSFiVsQM29u0C5fzIwbUkrV5TQ+nwV
r5hrNctM2mG07tXcxfX9s9WNoaVFzGZFvhD9FQIbl5YLCO/GUkoxhl8VYAd43JLe
x/bJAu2VEiRAzID2wBOydLzjSFYXEYFteD3YtYYXG9l/1u+N9g/noOAYRhfUlgZ9
bE1EWM3iqFefxKt7GDVkcLGr+/zHhyh4QyeEG37qB9zZXQoujDZJnrjGBu4xCsak
hEZO9RvHvduMUA+d77G+NuzU0t2VPT4Yz0PxoA0zWFlA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org