Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/I8M16CatcON4EHf4YPlaVVA-vQo.roa
File: I8M16CatcON4EHf4YPlaVVA-vQo.roa (raw, json)
Hash identifier: DI7+HKSAIg7CAcjv0zrfUVxUDZUt1XBl2PF0H7V7Vh4=
Subject key identifier: 23:C3:35:E8:26:AD:70:E3:78:10:77:F8:60:F9:5A:55:50:3E:BD:0A
Certificate issuer: /CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Certificate serial: 018570FB99C080256B174EBF63C383D77227
Authority key identifier: 47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/I8M16CatcON4EHf4YPlaVVA-vQo.roa
Signing time: Mon 02 Jan 2023 05:36:55 +0000
ROA not before: Mon 02 Jan 2023 05:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212186
IP address blocks: 194.169.190.0/24 maxlen: 24
194.169.196.0/24 maxlen: 24
194.169.193.0/24 maxlen: 24
194.169.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:99:c0:80:25:6b:17:4e:bf:63:c3:83:d7:72:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Validity
Not Before: Jan 2 05:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23c335e826ad70e3781077f860f95a55503ebd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:3e:b3:2e:61:50:8a:f1:44:02:42:3d:09:
b7:52:3b:51:52:7f:d4:86:21:18:fe:ac:63:a3:90:
37:5a:60:f4:e8:4f:0c:c7:70:70:0e:d6:07:be:af:
b4:cb:a8:b0:80:f5:08:74:82:c6:4e:df:42:53:a6:
f6:7a:55:dd:a9:d2:91:5e:63:44:cb:e4:88:70:dc:
5d:8a:67:c1:26:53:e8:30:cc:b9:5e:30:86:82:9c:
70:6a:bf:39:c4:89:1e:bd:32:73:98:0b:0e:d4:85:
b0:78:e7:5e:b2:6f:c2:c3:34:4a:36:a2:17:d5:0d:
f2:a8:f9:ff:a0:af:53:33:13:e6:8f:a2:db:44:70:
15:a1:d0:7b:3e:82:8e:f2:ac:c9:e2:19:29:c4:19:
db:5e:d7:27:94:94:f5:50:63:83:1e:8d:1d:58:60:
52:6b:dc:fc:7f:1e:a5:4a:16:0e:50:aa:b1:bb:25:
2b:00:3b:69:b4:a0:23:5b:d0:a9:7f:2d:3c:2a:a1:
45:cf:ea:f8:01:60:d9:fc:29:9d:ae:7d:7d:16:47:
d6:cf:9f:55:a9:b3:29:d7:87:d1:9f:fa:d3:ef:d7:
1e:cb:f4:cc:e3:36:62:fc:35:e6:e1:f5:5e:df:96:
ce:a1:21:c8:a0:bf:0c:b4:e3:e1:a8:75:b3:2f:b4:
22:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C3:35:E8:26:AD:70:E3:78:10:77:F8:60:F9:5A:55:50:3E:BD:0A
X509v3 Authority Key Identifier:
keyid:47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/I8M16CatcON4EHf4YPlaVVA-vQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.190.0/24
194.169.193.0/24
194.169.196.0/24
194.169.213.0/24
Signature Algorithm: sha256WithRSAEncryption
61:22:e8:87:2e:89:05:5c:77:75:03:11:b7:be:8f:19:45:01:
01:f7:59:d5:73:4f:23:45:84:2d:df:8e:19:8c:53:ab:09:90:
b6:b7:82:d2:3e:78:f6:69:c3:16:d6:b0:11:d5:30:9d:56:a0:
5c:bf:2b:1c:c7:e7:eb:17:af:67:8b:2c:f2:a4:5c:1c:b5:a9:
fd:e3:f2:99:a2:f6:21:23:f3:bd:be:15:17:9d:60:ed:a6:65:
62:74:09:ea:97:5e:2c:e2:4e:54:02:9c:cf:47:cd:aa:4a:70:
aa:f2:96:25:fc:f1:40:44:3a:ea:e5:2b:3a:6e:c9:fe:74:7f:
54:0f:bd:94:95:26:61:68:f1:92:b3:eb:f0:3f:6c:49:4a:19:
e9:84:6b:08:ba:ff:6c:2c:a9:e6:92:7e:0d:de:4c:0a:13:bd:
3e:c5:7d:39:df:f6:14:d8:98:1d:cc:6c:0b:37:76:5d:71:eb:
80:92:55:c5:73:21:b2:48:71:aa:7f:d8:a0:35:a1:2e:3e:4a:
e4:b3:a0:3c:f0:20:9a:21:62:d0:f0:a5:77:a7:7b:8d:0d:26:
9b:cd:de:a3:5f:26:d5:cc:57:7f:05:82:33:bf:10:fc:07:19:
6c:84:3d:5f:f9:ed:37:29:c9:d4:90:9c:d4:57:eb:c0:bc:7d:
70:42:b1:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw+5nAgCVrF06/Y8OD13InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Y2YyNzE0ZjI5ZGI4MDM1MmU5ZjMwOWVhMmU4YzUyOGM5
NDZiZDkwHhcNMjMwMTAyMDUzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2MzMzVlODI2YWQ3MGUzNzgxMDc3Zjg2MGY5NWE1NTUwM2ViZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggM+sy5hUIrxRAJCPQm3UjtRUn/U
hiEY/qxjo5A3WmD06E8Mx3BwDtYHvq+0y6iwgPUIdILGTt9CU6b2elXdqdKRXmNE
y+SIcNxdimfBJlPoMMy5XjCGgpxwar85xIkevTJzmAsO1IWweOdesm/CwzRKNqIX
1Q3yqPn/oK9TMxPmj6LbRHAVodB7PoKO8qzJ4hkpxBnbXtcnlJT1UGODHo0dWGBS
a9z8fx6lShYOUKqxuyUrADtptKAjW9Cpfy08KqFFz+r4AWDZ/Cmdrn19FkfWz59V
qbMp14fRn/rT79cey/TM4zZi/DXm4fVe35bOoSHIoL8MtOPhqHWzL7Qi2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCPDNegmrXDjeBB3+GD5WlVQPr0KMB8GA1UdIwQY
MBaAFEfPJxTynbgDUunzCeoujFKMlGvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUt
NThhZGY3OGQ4Mjc4LzEvSThNMTZDYXRjT040RUhmNFlQbGFWVkEtdlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUtNThhZGY3OGQ4Mjc4
LzEvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwqm+AwQA
wqnBAwQAwqnEAwQAwqnVMA0GCSqGSIb3DQEBCwUAA4IBAQBhIuiHLokFXHd1AxG3
vo8ZRQEB91nVc08jRYQt344ZjFOrCZC2t4LSPnj2acMW1rAR1TCdVqBcvyscx+fr
F69niyzypFwctan94/KZovYhI/O9vhUXnWDtpmVidAnql14s4k5UApzPR82qSnCq
8pYl/PFARDrq5Ss6bsn+dH9UD72UlSZhaPGSs+vwP2xJShnphGsIuv9sLKnmkn4N
3kwKE70+xX053/YU2JgdzGwLN3ZdceuAklXFcyGySHGqf9igNaEuPkrks6A88CCa
IWLQ8KV3p3uNDSabzd6jXybVzFd/BYIzvxD8BxlshD1f+e03KcnUkJzUV+vAvH1w
QrEg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:05 2024 by rpki-client on console-ams.rpki-client.org