Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/9a4ef5-42fa-435f-a8fe-b1f4fc7522a0/1/Bq0qIGv022Y0eiqloUvxRwfrFyA.roa
File: Bq0qIGv022Y0eiqloUvxRwfrFyA.roa (raw, json)
Hash identifier: +emezERaNNKGE74MYhCL7p/fgRky3R4l3tbrCa2jk2w=
Subject key identifier: 06:AD:2A:20:6B:F4:DB:66:34:7A:2A:A5:A1:4B:F1:47:07:EB:17:20
Certificate issuer: /CN=dce6e13e413baf381b625131e924e947843436f5
Certificate serial: 018CC6B9401C904E3C7A85C3457DF91D65C3
Authority key identifier: DC:E6:E1:3E:41:3B:AF:38:1B:62:51:31:E9:24:E9:47:84:34:36:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ObhPkE7rzgbYlEx6STpR4Q0NvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/9a4ef5-42fa-435f-a8fe-b1f4fc7522a0/1/Bq0qIGv022Y0eiqloUvxRwfrFyA.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 194.1.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:39:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:40:1c:90:4e:3c:7a:85:c3:45:7d:f9:1d:65:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dce6e13e413baf381b625131e924e947843436f5
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06ad2a206bf4db66347a2aa5a14bf14707eb1720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:d1:82:a8:a2:ff:fc:3d:21:8d:8f:cf:0a:
05:49:dd:a9:4b:90:3a:37:bb:09:29:9e:13:0b:57:
67:c1:d1:d2:6b:b2:60:c5:9d:a9:9a:56:ef:d7:4f:
92:9e:a7:5f:81:a6:de:13:4c:5f:25:47:92:af:a2:
63:1d:38:fc:c9:f9:2b:85:44:d6:4c:5d:2e:a7:e7:
e6:a1:90:47:cc:5b:93:82:33:a5:fa:1f:80:9b:3e:
c6:c8:6a:20:8d:e1:9f:a2:a1:63:a7:32:86:1c:06:
49:d2:bc:13:30:c9:22:08:2a:b4:f2:63:e6:2f:ed:
86:4a:a9:a0:41:b0:87:a5:78:ec:85:75:22:35:75:
f5:16:49:37:a5:04:6d:71:58:0b:51:4b:59:c9:77:
8d:ca:5a:56:46:70:51:61:a1:30:35:14:0a:b4:43:
77:cc:ec:01:39:bd:ac:01:bb:0a:7d:03:dd:37:12:
ec:14:45:2c:2e:6c:46:a4:9a:5b:86:9e:26:49:88:
29:46:bf:d9:ae:c5:6f:11:a9:2a:86:c0:52:7a:67:
f0:19:57:73:85:e3:43:47:c7:49:1d:f0:1d:41:18:
40:37:0d:2c:7b:b3:22:f9:d5:b7:52:95:62:e0:9b:
ad:00:32:00:68:81:f6:37:5a:67:5b:c2:ba:26:ce:
b3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AD:2A:20:6B:F4:DB:66:34:7A:2A:A5:A1:4B:F1:47:07:EB:17:20
X509v3 Authority Key Identifier:
keyid:DC:E6:E1:3E:41:3B:AF:38:1B:62:51:31:E9:24:E9:47:84:34:36:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ObhPkE7rzgbYlEx6STpR4Q0NvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9a4ef5-42fa-435f-a8fe-b1f4fc7522a0/1/Bq0qIGv022Y0eiqloUvxRwfrFyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9a4ef5-42fa-435f-a8fe-b1f4fc7522a0/1/3ObhPkE7rzgbYlEx6STpR4Q0NvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.245.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0b:82:95:61:c6:96:9c:55:68:7b:50:43:25:63:13:e2:f2:
bd:84:5b:9d:ed:1c:8f:e3:24:4f:f1:c8:a5:59:70:f5:23:9f:
20:eb:5e:f2:f3:f5:91:a7:48:8d:c8:33:d8:e1:48:a9:00:e8:
7b:51:08:83:08:68:ca:98:e4:d6:e7:3a:15:5d:0a:11:dd:8d:
1e:bb:a5:30:15:ff:8d:4e:c1:15:ec:6c:ac:22:6c:e5:98:90:
89:67:6b:6b:ee:b9:89:d1:8c:75:31:da:4d:d3:26:50:8f:cd:
78:65:7b:41:9e:6e:18:21:5f:2d:76:f7:10:ba:e4:13:16:6f:
33:23:69:2a:df:5c:cb:83:c7:4b:c6:c7:55:01:08:0f:a1:21:
7f:9b:bd:b3:fe:ba:8f:38:96:ac:17:45:03:d6:70:8a:16:ae:
fd:09:f8:08:82:72:1b:55:49:d4:1a:c6:81:ff:d8:55:c2:f3:
07:ae:e2:d9:37:d7:c6:fd:17:d2:2f:91:f2:2b:b7:58:8f:32:
6d:7e:2e:cd:51:f1:47:98:2a:2c:43:11:6b:41:0b:db:13:79:
be:da:76:69:2f:c2:c0:69:04:c3:3f:2e:a0:ab:6c:50:f9:98:
c0:9a:70:90:b8:f3:7f:d4:2c:f6:4a:4e:19:1c:73:20:e8:ba:
14:7c:6c:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUAckE48eoXDRX35HWXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZTZlMTNlNDEzYmFmMzgxYjYyNTEzMWU5MjRlOTQ3ODQz
NDM2ZjUwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmFkMmEyMDZiZjRkYjY2MzQ3YTJhYTVhMTRiZjE0NzA3ZWIxNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6XRgqii//w9IY2PzwoFSd2pS5A6
N7sJKZ4TC1dnwdHSa7JgxZ2pmlbv10+SnqdfgabeE0xfJUeSr6JjHTj8yfkrhUTW
TF0up+fmoZBHzFuTgjOl+h+Amz7GyGogjeGfoqFjpzKGHAZJ0rwTMMkiCCq08mPm
L+2GSqmgQbCHpXjshXUiNXX1Fkk3pQRtcVgLUUtZyXeNylpWRnBRYaEwNRQKtEN3
zOwBOb2sAbsKfQPdNxLsFEUsLmxGpJpbhp4mSYgpRr/ZrsVvEakqhsBSemfwGVdz
heNDR8dJHfAdQRhANw0se7Mi+dW3UpVi4JutADIAaIH2N1pnW8K6Js6zBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAatKiBr9NtmNHoqpaFL8UcH6xcgMB8GA1UdIwQY
MBaAFNzm4T5BO684G2JRMekk6UeENDb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM09iaFBrRTdyemdiWWxFeDZTVHBSNFEwTnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85YTRlZjUtNDJmYS00MzVmLWE4ZmUt
YjFmNGZjNzUyMmEwLzEvQnEwcUlHdjAyMlkwZWlxbG9VdnhSd2ZyRnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85YTRlZjUtNDJmYS00MzVmLWE4ZmUtYjFmNGZjNzUyMmEw
LzEvM09iaFBrRTdyemdiWWxFeDZTVHBSNFEwTnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgH1MA0G
CSqGSIb3DQEBCwUAA4IBAQBEC4KVYcaWnFVoe1BDJWMT4vK9hFud7RyP4yRP8cil
WXD1I58g617y8/WRp0iNyDPY4UipAOh7UQiDCGjKmOTW5zoVXQoR3Y0eu6UwFf+N
TsEV7GysImzlmJCJZ2tr7rmJ0Yx1MdpN0yZQj814ZXtBnm4YIV8tdvcQuuQTFm8z
I2kq31zLg8dLxsdVAQgPoSF/m72z/rqPOJasF0UD1nCKFq79CfgIgnIbVUnUGsaB
/9hVwvMHruLZN9fG/RfSL5HyK7dYjzJtfi7NUfFHmCosQxFrQQvbE3m+2nZpL8LA
aQTDPy6gq2xQ+ZjAmnCQuPN/1Cz2Sk4ZHHMg6LoUfGzq
-----END CERTIFICATE-----
Generated at Wed Feb 7 17:55:35 2024 by rpki-client on console-ams.rpki-client.org