Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/CERoNJz0kMk1a-cuVK_7bC2b_8U.roa
File: CERoNJz0kMk1a-cuVK_7bC2b_8U.roa (raw, json)
Hash identifier: LiQIJNcPuEwWIW+w5ifcUI4u6+IndU03BWFDtTzLjgM=
Subject key identifier: 08:44:68:34:9C:F4:90:C9:35:6B:E7:2E:54:AF:FB:6C:2D:9B:FF:C5
Certificate issuer: /CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Certificate serial: 018570FB9953D1BAE7DAB988671DED9781A4
Authority key identifier: 47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/CERoNJz0kMk1a-cuVK_7bC2b_8U.roa
Signing time: Mon 02 Jan 2023 05:36:55 +0000
ROA not before: Mon 02 Jan 2023 05:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204861
IP address blocks: 194.169.190.0/24 maxlen: 24
194.169.193.0/24 maxlen: 24
194.169.196.0/24 maxlen: 24
194.169.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:99:53:d1:ba:e7:da:b9:88:67:1d:ed:97:81:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Validity
Not Before: Jan 2 05:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=084468349cf490c9356be72e54affb6c2d9bffc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:54:a6:db:ec:b1:cf:2b:9d:00:9b:eb:2d:79:
3d:aa:38:cf:f0:8e:4e:5f:f7:cd:0b:0f:ab:01:e3:
04:39:db:43:5a:8e:9e:b5:b0:94:93:b6:fe:99:8c:
96:ca:ab:82:78:c3:66:cd:c7:97:92:87:9e:f8:8c:
1e:93:37:ca:c9:d5:2a:48:e3:d1:3c:83:e0:59:b6:
78:0c:bf:63:70:be:19:40:58:a3:62:c8:c2:32:ad:
49:ac:e4:4e:7c:2d:25:cd:cd:a8:c9:b4:58:d5:8b:
d0:e5:ba:11:6c:cd:b2:8a:15:38:ce:78:86:9f:01:
5c:44:d8:75:9e:05:9b:67:b0:74:25:06:cf:2a:7b:
44:6e:67:2b:0c:89:be:34:02:48:c6:a4:b0:1e:46:
0e:d5:0d:d5:62:5d:58:3f:58:b6:65:23:19:b6:79:
c0:07:d7:07:70:f0:1b:ac:3b:fe:3b:82:95:5c:7d:
79:54:34:45:bb:b1:dd:d5:af:a5:95:5e:0e:36:2a:
7e:7f:01:3c:2c:2b:89:d1:78:1f:bf:ee:e2:55:fe:
ac:42:b1:37:44:9a:a6:d2:78:9a:ea:c3:35:87:9f:
a1:80:96:c9:7c:18:d1:56:9e:11:ac:da:9a:c8:ca:
ef:b7:29:ec:70:f3:75:85:02:87:cf:68:e1:36:40:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:44:68:34:9C:F4:90:C9:35:6B:E7:2E:54:AF:FB:6C:2D:9B:FF:C5
X509v3 Authority Key Identifier:
keyid:47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/CERoNJz0kMk1a-cuVK_7bC2b_8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.190.0/24
194.169.193.0/24
194.169.196.0/24
194.169.213.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:54:67:7f:0c:dd:f3:20:ce:c6:a6:02:64:5c:f7:03:ef:b8:
5a:42:83:af:ed:88:3d:90:46:29:fd:76:ae:e4:85:e9:26:8b:
2e:81:0d:66:f8:45:1c:ba:6c:d7:ba:5f:eb:00:fb:95:30:84:
8e:86:93:5d:8c:02:41:f1:b2:33:b8:3a:f8:01:24:2f:a3:a2:
fb:e8:33:16:08:03:fa:6a:6b:5c:6b:4f:89:c5:73:e8:91:a5:
66:19:1f:91:4c:e4:92:84:b4:7e:bf:f4:0f:45:59:3c:5d:1b:
d3:b8:27:ee:51:14:fc:f0:f1:b1:ba:2e:ee:9f:55:37:f5:3d:
89:50:f4:e4:3c:69:c5:25:ee:38:fe:11:3d:8c:fa:75:51:0f:
0e:61:49:40:22:c4:5a:3a:57:7f:2f:10:9c:66:68:3b:de:ed:
cc:93:d3:67:c2:84:ac:54:0b:be:77:f2:2b:42:67:bb:78:10:
e0:49:e4:e8:b3:4c:2c:95:91:9b:25:8f:6f:ca:4a:a3:d2:de:
f2:c0:2f:aa:a8:af:cf:11:46:3d:64:11:c0:19:33:7b:16:0d:
ed:47:67:69:2e:6a:17:c6:06:b8:dc:b0:d7:a4:64:4c:6f:45:
77:00:a3:cb:d5:51:fd:38:49:ed:51:a5:b1:cd:52:a2:60:a7:
62:92:3c:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw+5lT0brn2rmIZx3tl4GkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Y2YyNzE0ZjI5ZGI4MDM1MmU5ZjMwOWVhMmU4YzUyOGM5
NDZiZDkwHhcNMjMwMTAyMDUzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQ0NjgzNDljZjQ5MGM5MzU2YmU3MmU1NGFmZmI2YzJkOWJmZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVSm2+yxzyudAJvrLXk9qjjP8I5O
X/fNCw+rAeMEOdtDWo6etbCUk7b+mYyWyquCeMNmzceXkoee+IwekzfKydUqSOPR
PIPgWbZ4DL9jcL4ZQFijYsjCMq1JrOROfC0lzc2oybRY1YvQ5boRbM2yihU4zniG
nwFcRNh1ngWbZ7B0JQbPKntEbmcrDIm+NAJIxqSwHkYO1Q3VYl1YP1i2ZSMZtnnA
B9cHcPAbrDv+O4KVXH15VDRFu7Hd1a+llV4ONip+fwE8LCuJ0Xgfv+7iVf6sQrE3
RJqm0nia6sM1h5+hgJbJfBjRVp4RrNqayMrvtynscPN1hQKHz2jhNkCdNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAhEaDSc9JDJNWvnLlSv+2wtm//FMB8GA1UdIwQY
MBaAFEfPJxTynbgDUunzCeoujFKMlGvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUt
NThhZGY3OGQ4Mjc4LzEvQ0VSb05KejBrTWsxYS1jdVZLXzdiQzJiXzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUtNThhZGY3OGQ4Mjc4
LzEvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwqm+AwQA
wqnBAwQAwqnEAwQAwqnVMA0GCSqGSIb3DQEBCwUAA4IBAQA8VGd/DN3zIM7GpgJk
XPcD77haQoOv7Yg9kEYp/Xau5IXpJosugQ1m+EUcumzXul/rAPuVMISOhpNdjAJB
8bIzuDr4ASQvo6L76DMWCAP6amtca0+JxXPokaVmGR+RTOSShLR+v/QPRVk8XRvT
uCfuURT88PGxui7un1U39T2JUPTkPGnFJe44/hE9jPp1UQ8OYUlAIsRaOld/LxCc
Zmg73u3Mk9NnwoSsVAu+d/IrQme7eBDgSeTos0wslZGbJY9vykqj0t7ywC+qqK/P
EUY9ZBHAGTN7Fg3tR2dpLmoXxga43LDXpGRMb0V3AKPL1VH9OEntUaWxzVKiYKdi
kjyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:15 2024 by rpki-client on console-fra.rpki-client.org