Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/hFDvq4webAQPiyfKSmXJw1X6GwY.roa
File: hFDvq4webAQPiyfKSmXJw1X6GwY.roa (raw, json)
Hash identifier: usLMMarM7YELITteE7kuDkiUXju12Ysi7XcvZQoxWfA=
Subject key identifier: 84:50:EF:AB:8C:1E:6C:04:0F:8B:27:CA:4A:65:C9:C3:55:FA:1B:06
Certificate issuer: /CN=74633239baa2103106a6260ddfd7e78b8094355c
Certificate serial: 01856E38BF864EC0E8CD58D81EACFFE1B700
Authority key identifier: 74:63:32:39:BA:A2:10:31:06:A6:26:0D:DF:D7:E7:8B:80:94:35:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGMyObqiEDEGpiYN39fni4CUNVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/hFDvq4webAQPiyfKSmXJw1X6GwY.roa
Signing time: Sun 01 Jan 2023 16:44:50 +0000
ROA not before: Sun 01 Jan 2023 16:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31074
IP address blocks: 194.146.125.0/24 maxlen: 24
195.242.159.0/24 maxlen: 24
195.242.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:bf:86:4e:c0:e8:cd:58:d8:1e:ac:ff:e1:b7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74633239baa2103106a6260ddfd7e78b8094355c
Validity
Not Before: Jan 1 16:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8450efab8c1e6c040f8b27ca4a65c9c355fa1b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f0:bb:11:27:71:ed:a7:fa:02:f9:0c:3d:09:
f8:ae:ee:e2:bc:18:16:9c:71:c3:a0:a1:fe:c8:fd:
75:e9:9f:98:06:f4:c2:b3:bc:1d:40:d0:7d:0e:64:
1b:5c:31:2d:e8:21:66:61:e5:33:6f:0e:d5:10:b7:
62:ca:00:af:fd:93:17:9b:c5:47:9b:53:7c:47:61:
3b:96:8d:dc:f7:6a:a1:69:f6:e6:43:d7:2a:98:a6:
b3:2c:f6:08:84:3c:3a:bd:5c:1a:4d:d8:df:e8:30:
ea:ab:f9:8a:98:6d:20:06:25:62:07:51:04:f5:64:
76:0e:63:eb:01:7d:52:c6:5b:33:54:b3:fe:d9:ea:
07:1d:56:67:4f:10:14:5a:da:32:9a:b3:f3:8c:d7:
33:90:81:be:9a:0f:58:b7:40:3d:24:58:3f:cc:f7:
7d:f5:fa:f7:85:3d:99:63:fd:37:dd:1b:6b:75:f1:
84:25:39:4e:a7:0c:38:a9:9a:a5:60:c6:81:d4:56:
8d:c2:3c:e2:de:cf:40:a4:d9:32:cf:9e:bc:b2:3d:
de:31:8d:7a:5b:cf:1a:9f:c1:f4:e0:43:f6:33:1f:
de:1b:df:fb:fb:35:73:39:7c:a5:eb:32:d6:ab:89:
51:d8:c6:1c:b2:5b:4a:e7:94:ce:1a:bc:61:39:51:
58:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:50:EF:AB:8C:1E:6C:04:0F:8B:27:CA:4A:65:C9:C3:55:FA:1B:06
X509v3 Authority Key Identifier:
keyid:74:63:32:39:BA:A2:10:31:06:A6:26:0D:DF:D7:E7:8B:80:94:35:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMyObqiEDEGpiYN39fni4CUNVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/hFDvq4webAQPiyfKSmXJw1X6GwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.125.0/24
195.242.158.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:16:5b:17:4b:fc:0b:3f:a0:de:55:c7:09:d9:ba:ce:de:33:
e9:5d:60:dd:57:f1:96:68:f9:54:66:5e:94:5f:3f:56:19:5e:
43:01:81:4d:b1:b1:09:a2:74:b5:dd:ad:45:f8:bb:6e:41:9c:
98:66:22:a2:d9:2e:00:8a:6a:ce:ad:ea:3a:9c:2c:f1:6f:96:
dc:0a:42:cf:0a:fa:35:25:27:5b:e4:61:08:4d:36:7c:e1:f1:
6c:9c:fb:8f:e9:c4:b9:c7:8f:f3:d0:b3:04:fd:59:e0:a9:f4:
17:52:a0:3f:c3:4b:e8:32:ea:96:4f:2c:25:28:90:34:2a:f9:
9c:a8:36:5b:e6:e9:06:4b:da:fb:f4:5b:2f:16:7b:77:5e:c2:
25:a2:d4:89:1b:a4:b5:0e:02:1e:fe:6f:4d:32:3c:01:e4:70:
a0:dd:09:8a:86:d8:28:50:80:5f:ad:f3:4e:e0:4b:92:a6:4c:
1a:4d:c2:98:3d:ab:c7:0f:20:d5:36:6e:33:5a:03:8a:09:58:
e7:c7:23:53:bd:78:a4:16:30:c7:34:3d:10:df:b7:90:81:65:
5f:15:89:de:fe:3c:d4:24:52:83:21:f3:4e:e0:04:e8:44:11:
60:f4:7e:ee:93:07:08:1f:c1:4e:f9:2b:1b:2b:32:3f:f4:8a:
38:ca:5f:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuOL+GTsDozVjYHqz/4bcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMzMjM5YmFhMjEwMzEwNmE2MjYwZGRmZDdlNzhiODA5
NDM1NWMwHhcNMjMwMTAxMTY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUwZWZhYjhjMWU2YzA0MGY4YjI3Y2E0YTY1YzljMzU1ZmExYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfC7ESdx7af6AvkMPQn4ru7ivBgW
nHHDoKH+yP116Z+YBvTCs7wdQNB9DmQbXDEt6CFmYeUzbw7VELdiygCv/ZMXm8VH
m1N8R2E7lo3c92qhafbmQ9cqmKazLPYIhDw6vVwaTdjf6DDqq/mKmG0gBiViB1EE
9WR2DmPrAX1SxlszVLP+2eoHHVZnTxAUWtoymrPzjNczkIG+mg9Yt0A9JFg/zPd9
9fr3hT2ZY/033RtrdfGEJTlOpww4qZqlYMaB1FaNwjzi3s9ApNkyz568sj3eMY16
W88an8H04EP2Mx/eG9/7+zVzOXyl6zLWq4lR2MYcsltK55TOGrxhOVFY8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIRQ76uMHmwED4snykplycNV+hsGMB8GA1UdIwQY
MBaAFHRjMjm6ohAxBqYmDd/X54uAlDVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNeU9icWlFREVHcGlZTjM5Zm5pNENVTlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZjM1ZTgtYWMyZS00ZTE1LWEwYjQt
YjJlYzYxMTdjZTllLzEvaEZEdnE0d2ViQVFQaXlmS1NtWEp3MVg2R3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZjM1ZTgtYWMyZS00ZTE1LWEwYjQtYjJlYzYxMTdjZTll
LzEvZEdNeU9icWlFREVHcGlZTjM5Zm5pNENVTlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpJ9AwQB
w/KeMA0GCSqGSIb3DQEBCwUAA4IBAQB8FlsXS/wLP6DeVccJ2brO3jPpXWDdV/GW
aPlUZl6UXz9WGV5DAYFNsbEJonS13a1F+LtuQZyYZiKi2S4AimrOreo6nCzxb5bc
CkLPCvo1JSdb5GEITTZ84fFsnPuP6cS5x4/z0LME/VngqfQXUqA/w0voMuqWTywl
KJA0KvmcqDZb5ukGS9r79FsvFnt3XsIlotSJG6S1DgIe/m9NMjwB5HCg3QmKhtgo
UIBfrfNO4EuSpkwaTcKYPavHDyDVNm4zWgOKCVjnxyNTvXikFjDHND0Q37eQgWVf
FYne/jzUJFKDIfNO4AToRBFg9H7ukwcIH8FO+SsbKzI/9Io4yl/f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org