Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/bo5AVrtMbf6OGcjUqZaw9p-N_mI.roa
File: bo5AVrtMbf6OGcjUqZaw9p-N_mI.roa (raw, json)
Hash identifier: R5ClnpKd0Ayy9wXDPJwkW0EDdq6nB6ctkJC7KrxHfFY=
Subject key identifier: 6E:8E:40:56:BB:4C:6D:FE:8E:19:C8:D4:A9:96:B0:F6:9F:8D:FE:62
Certificate issuer: /CN=a800ba639e65dbdcc690f58a5a740641b4ff88d4
Certificate serial: 0185CFA381CE3386881FA2C4A756B70A5D18
Authority key identifier: A8:00:BA:63:9E:65:DB:DC:C6:90:F5:8A:5A:74:06:41:B4:FF:88:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qAC6Y55l29zGkPWKWnQGQbT_iNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/bo5AVrtMbf6OGcjUqZaw9p-N_mI.roa
Signing time: Fri 20 Jan 2023 14:44:37 +0000
ROA not before: Fri 20 Jan 2023 14:44:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207794
IP address blocks: 194.113.139.0/24 maxlen: 24
194.113.140.0/24 maxlen: 24
194.113.142.0/24 maxlen: 24
194.113.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:a3:81:ce:33:86:88:1f:a2:c4:a7:56:b7:0a:5d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a800ba639e65dbdcc690f58a5a740641b4ff88d4
Validity
Not Before: Jan 20 14:44:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e8e4056bb4c6dfe8e19c8d4a996b0f69f8dfe62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:07:2e:0e:d6:cb:9c:09:c2:8d:81:f3:5a:29:
d4:ec:dc:78:d6:73:c7:b9:73:3c:72:34:dc:74:e5:
0e:9d:d0:13:1d:3d:7a:e2:cd:5c:b0:1d:3e:b5:b6:
b3:86:29:55:b9:e0:2b:f4:bd:9d:8c:75:cb:fe:94:
e4:be:73:4a:c7:a9:0a:d0:0e:b2:32:73:6f:80:25:
24:80:08:ae:38:72:70:f8:99:02:c9:70:e8:16:49:
25:bd:4c:26:5e:da:9e:05:85:d3:f2:69:cb:cb:79:
5d:5b:d7:7f:ca:75:87:68:fe:c2:b7:a9:7f:77:67:
31:0f:31:40:38:5b:9e:36:17:c8:e8:65:d8:c3:10:
26:59:8f:d3:d7:20:10:61:c3:67:57:02:4e:b4:cb:
1e:75:48:85:9c:87:7c:24:23:2b:9d:2f:be:c3:c4:
a2:fc:c9:ee:94:26:48:11:18:91:25:04:04:30:df:
30:91:98:e5:3e:c0:0b:0c:97:f6:c5:97:f0:4b:97:
7b:1a:68:f8:d9:87:e1:1b:c8:94:d4:9b:4b:dc:f8:
61:f5:10:53:85:09:2b:c4:12:e6:20:69:4f:81:f7:
ed:03:34:9c:9d:cc:73:5f:ad:b0:1b:b6:a2:42:26:
6e:ff:d1:f9:06:c0:7c:da:1f:fb:17:04:6b:8d:8f:
c3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8E:40:56:BB:4C:6D:FE:8E:19:C8:D4:A9:96:B0:F6:9F:8D:FE:62
X509v3 Authority Key Identifier:
keyid:A8:00:BA:63:9E:65:DB:DC:C6:90:F5:8A:5A:74:06:41:B4:FF:88:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qAC6Y55l29zGkPWKWnQGQbT_iNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/bo5AVrtMbf6OGcjUqZaw9p-N_mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/qAC6Y55l29zGkPWKWnQGQbT_iNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.139.0-194.113.140.255
194.113.142.0/24
194.113.155.0/24
Signature Algorithm: sha256WithRSAEncryption
21:be:71:c1:05:04:ef:8f:62:4e:a1:ec:8f:ff:ff:52:98:a5:
44:0f:46:96:37:4c:07:82:41:60:d8:52:f6:ff:45:7e:6b:66:
40:49:54:e2:1c:c0:60:b1:6e:a2:7a:ef:72:e8:f3:64:dd:d0:
7f:f2:28:17:0f:7f:bb:c5:2b:2c:4e:a3:71:cd:a4:a0:fa:d0:
94:53:9d:af:98:f1:d2:23:57:80:a3:40:66:55:cd:63:c4:3a:
fb:e9:6c:97:ee:ad:bf:9b:80:9d:8f:79:cd:a9:20:58:cd:27:
3e:94:5c:82:2d:0e:45:e3:12:3d:4f:e4:09:20:9a:db:36:e7:
70:e3:97:80:29:2c:e4:df:43:5d:1e:a3:ad:73:3a:59:31:8a:
2c:8f:c5:7e:3d:ff:d0:47:8f:98:c3:12:91:4c:e3:ce:1b:d1:
55:61:7b:9e:e5:0a:be:ee:a5:e4:a7:ad:90:21:65:db:75:b1:
96:d0:b2:00:cb:63:84:75:62:dc:b8:97:12:65:27:11:72:dc:
2b:f6:c6:cb:27:96:c2:63:40:91:2c:95:74:65:01:da:5c:5a:
17:66:41:a0:9b:87:c1:0d:c9:78:6a:b6:9f:c3:44:a7:5b:79:
4c:0c:11:ba:0a:10:a4:49:45:ee:c3:e4:3a:3e:38:e3:02:d1:
e9:43:3b:ec
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYXPo4HOM4aIH6LEp1a3Cl0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MDBiYTYzOWU2NWRiZGNjNjkwZjU4YTVhNzQwNjQxYjRm
Zjg4ZDQwHhcNMjMwMTIwMTQ0NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThlNDA1NmJiNGM2ZGZlOGUxOWM4ZDRhOTk2YjBmNjlmOGRmZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQcuDtbLnAnCjYHzWinU7Nx41nPH
uXM8cjTcdOUOndATHT164s1csB0+tbazhilVueAr9L2djHXL/pTkvnNKx6kK0A6y
MnNvgCUkgAiuOHJw+JkCyXDoFkklvUwmXtqeBYXT8mnLy3ldW9d/ynWHaP7Ct6l/
d2cxDzFAOFueNhfI6GXYwxAmWY/T1yAQYcNnVwJOtMsedUiFnId8JCMrnS++w8Si
/MnulCZIERiRJQQEMN8wkZjlPsALDJf2xZfwS5d7Gmj42YfhG8iU1JtL3Phh9RBT
hQkrxBLmIGlPgfftAzScncxzX62wG7aiQiZu/9H5BsB82h/7FwRrjY/DcwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG6OQFa7TG3+jhnI1KmWsPafjf5iMB8GA1UdIwQY
MBaAFKgAumOeZdvcxpD1ilp0BkG0/4jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUFDNlk1NWwyOXpHa1BXS1duUUdRYlRfaU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNjM1MTctM2YxZS00NTFlLTg4NTAt
OGRiMGVmYjU2MjBhLzEvYm81QVZydE1iZjZPR2NqVXFaYXc5cC1OX21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iNjM1MTctM2YxZS00NTFlLTg4NTAtOGRiMGVmYjU2MjBh
LzEvcUFDNlk1NWwyOXpHa1BXS1duUUdRYlRfaU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCcYsD
BADCcYwDBADCcY4DBADCcZswDQYJKoZIhvcNAQELBQADggEBACG+ccEFBO+PYk6h
7I///1KYpUQPRpY3TAeCQWDYUvb/RX5rZkBJVOIcwGCxbqJ673Lo82Td0H/yKBcP
f7vFKyxOo3HNpKD60JRTna+Y8dIjV4CjQGZVzWPEOvvpbJfurb+bgJ2Pec2pIFjN
Jz6UXIItDkXjEj1P5Akgmts253Djl4ApLOTfQ10eo61zOlkxiiyPxX49/9BHj5jD
EpFM484b0VVhe57lCr7upeSnrZAhZdt1sZbQsgDLY4R1Yty4lxJlJxFy3Cv2xssn
lsJjQJEslXRlAdpcWhdmQaCbh8ENyXhqtp/DRKdbeUwMEboKEKRJRe7D5Do+OOMC
0elDO+w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:18 2024 by rpki-client on console-fra.rpki-client.org