Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/V6iUNWwYLEinQmrNOl070Dbx3lM.roa
File: V6iUNWwYLEinQmrNOl070Dbx3lM.roa (raw, json)
Hash identifier: RWwiWD1fMGsQsUgWYjxV8D6zfNqV48l2xU20VnXn3IM=
Subject key identifier: 57:A8:94:35:6C:18:2C:48:A7:42:6A:CD:3A:5D:3B:D0:36:F1:DE:53
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018CC9BB01414265E53A1EA7D5612A5EE9C9
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/V6iUNWwYLEinQmrNOl070Dbx3lM.roa
Signing time: Tue 02 Jan 2024 10:32:05 +0000
ROA not before: Tue 02 Jan 2024 10:32:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 07:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:01:41:42:65:e5:3a:1e:a7:d5:61:2a:5e:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 2 10:32:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57a894356c182c48a7426acd3a5d3bd036f1de53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:b5:7e:eb:d7:26:cd:64:7c:a0:a6:43:74:
01:27:a8:c3:3e:0c:3d:3d:6e:66:fe:2e:7d:0c:eb:
3c:13:c6:12:52:c3:25:f4:3a:ee:f6:da:45:70:73:
90:5f:39:09:e2:31:b6:a5:af:17:4a:9f:93:3a:91:
c8:25:01:dd:b7:74:32:c1:19:d4:72:91:bb:b1:cd:
54:bd:b5:d7:9c:1c:74:36:77:47:b2:0f:9b:26:35:
60:e0:27:dd:07:53:00:61:08:2c:fc:ef:c3:71:6a:
dc:75:09:9b:44:0a:a1:a1:54:d9:8e:b0:b3:9b:1a:
3b:84:96:be:91:16:f5:c1:49:d0:7b:0c:03:58:f3:
ae:ea:67:62:d6:6f:5d:2d:db:bc:63:ca:13:02:98:
3a:67:4f:27:79:19:b1:45:4b:6d:23:e1:cb:87:4e:
9e:29:c8:ce:46:a2:f4:0a:9e:51:dd:ab:01:d1:43:
97:d7:f1:a2:b5:55:fd:21:c7:3f:6b:24:45:64:0b:
79:21:53:d0:3f:60:fc:be:f1:85:d6:09:c5:2f:97:
64:58:81:77:8e:3d:5d:80:9c:a8:34:c7:7a:f7:ec:
d8:3b:72:e8:dc:21:1d:65:15:f2:24:96:7b:23:91:
5a:2b:63:e5:1c:ce:b7:88:e8:2e:cc:d2:93:00:7d:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:A8:94:35:6C:18:2C:48:A7:42:6A:CD:3A:5D:3B:D0:36:F1:DE:53
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/V6iUNWwYLEinQmrNOl070Dbx3lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
45:69:44:dd:ba:56:f8:60:87:99:c2:7f:53:2d:50:52:be:04:
46:b6:45:17:0a:a8:9f:36:48:34:cb:dc:7c:f5:5c:46:9e:c1:
77:c1:97:48:40:f7:f8:49:51:c9:77:76:9d:0f:85:63:ae:20:
da:58:14:8f:86:41:65:61:55:77:d4:9b:02:a6:da:30:97:9b:
c4:05:d2:29:12:5f:0d:a3:db:74:00:62:36:3b:45:e2:77:ba:
fc:37:11:12:56:9b:f8:01:2e:a8:41:f8:0a:5d:2e:e1:b9:b8:
aa:fe:2b:e1:15:5d:30:c1:a3:5c:2f:ff:30:d1:c7:f2:af:96:
13:e8:c4:83:ff:6c:c0:fc:6a:b0:02:fc:3d:e6:2c:c5:c5:d8:
f3:22:6e:87:97:08:bd:ca:44:37:c0:ab:d0:11:8e:85:5c:94:
bd:63:18:ec:24:61:17:b2:e3:20:93:08:64:ae:78:dc:55:df:
7b:a0:f4:7a:bb:b0:71:36:68:c6:1a:49:0c:51:df:11:d9:f4:
8c:59:ad:cc:05:1c:a8:fe:d1:5f:dd:90:2b:1f:9d:b1:dc:1d:
35:79:7e:e1:73:e8:13:f6:b7:a9:75:a8:4c:cf:02:a5:61:a0:
4d:39:97:64:7a:ef:37:bd:e6:0c:ea:27:e0:24:5a:ff:7f:b5:
d0:07:95:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuwFBQmXlOh6n1WEqXunJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQwMTAyMTAzMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2E4OTQzNTZjMTgyYzQ4YTc0MjZhY2QzYTVkM2JkMDM2ZjFkZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7y1fuvXJs1kfKCmQ3QBJ6jDPgw9
PW5m/i59DOs8E8YSUsMl9Dru9tpFcHOQXzkJ4jG2pa8XSp+TOpHIJQHdt3QywRnU
cpG7sc1UvbXXnBx0NndHsg+bJjVg4CfdB1MAYQgs/O/DcWrcdQmbRAqhoVTZjrCz
mxo7hJa+kRb1wUnQewwDWPOu6mdi1m9dLdu8Y8oTApg6Z08neRmxRUttI+HLh06e
KcjORqL0Cp5R3asB0UOX1/GitVX9Icc/ayRFZAt5IVPQP2D8vvGF1gnFL5dkWIF3
jj1dgJyoNMd69+zYO3Lo3CEdZRXyJJZ7I5FaK2PlHM63iOguzNKTAH20SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFeolDVsGCxIp0JqzTpdO9A28d5TMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvVjZpVU5Xd1lMRWluUW1yTk9sMDcwRGJ4M2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3IMA0G
CSqGSIb3DQEBCwUAA4IBAQBFaUTdulb4YIeZwn9TLVBSvgRGtkUXCqifNkg0y9x8
9VxGnsF3wZdIQPf4SVHJd3adD4VjriDaWBSPhkFlYVV31JsCptowl5vEBdIpEl8N
o9t0AGI2O0Xid7r8NxESVpv4AS6oQfgKXS7hubiq/ivhFV0wwaNcL/8w0cfyr5YT
6MSD/2zA/GqwAvw95izFxdjzIm6Hlwi9ykQ3wKvQEY6FXJS9YxjsJGEXsuMgkwhk
rnjcVd97oPR6u7BxNmjGGkkMUd8R2fSMWa3MBRyo/tFf3ZArH52x3B01eX7hc+gT
9repdahMzwKlYaBNOZdkeu83veYM6ifgJFr/f7XQB5Vs
-----END CERTIFICATE-----
Generated at Thu Oct 3 09:26:23 2024 by rpki-client on console-ams.rpki-client.org