Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/VJ2o9fueNIbuqF-JCuOMayQuGy0.roa
File: VJ2o9fueNIbuqF-JCuOMayQuGy0.roa (raw, json)
Hash identifier: Q86ZPbg9ilandfZbn9tjagXpz5/8kQK1mK0KaBEYdyA=
Subject key identifier: 54:9D:A8:F5:FB:9E:34:86:EE:A8:5F:89:0A:E3:8C:6B:24:2E:1B:2D
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018CC6B8F93172FF2EC84F8227F352292DD7
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/VJ2o9fueNIbuqF-JCuOMayQuGy0.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41637
IP address blocks: 194.50.113.0/24 maxlen: 24
2001:4d8f::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Jan 2024 10:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f9:31:72:ff:2e:c8:4f:82:27:f3:52:29:2d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=549da8f5fb9e3486eea85f890ae38c6b242e1b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5d:82:95:93:db:64:52:08:88:70:6f:41:1c:
9d:70:74:2e:86:03:0a:5c:c4:74:d9:46:fd:bf:5a:
a0:14:8e:de:f4:6c:a5:f2:ee:50:60:3f:2a:8d:32:
ba:3c:da:70:3f:7c:15:bb:8b:4b:ea:e9:ec:d8:d3:
8e:a4:62:f5:3e:33:f0:fe:cd:d7:6a:78:e7:54:ad:
ca:6a:2d:2c:ac:3d:0f:c5:08:7e:39:1e:e2:44:59:
95:95:1a:e0:56:d5:00:c1:f2:53:26:34:ce:1d:36:
e7:38:d9:f4:76:e4:60:fe:1b:47:f5:30:b0:6d:80:
bd:11:15:11:39:b9:7b:22:a5:20:6b:27:f4:ea:7c:
41:6f:8d:35:5c:e5:4b:50:f9:ae:73:df:44:0a:56:
c6:6a:b6:de:fe:71:50:61:56:fb:a2:82:4b:a1:4c:
dd:53:14:7a:ca:12:02:79:cd:33:3b:9c:6f:22:9f:
e9:bb:f4:a3:3a:55:0e:1a:90:05:53:b1:6b:0e:11:
c3:d5:1a:d1:c4:27:88:1e:bc:d5:62:ad:6f:4d:8f:
35:1a:d4:d6:0e:97:3e:67:64:cc:f6:d2:b2:3f:3b:
aa:99:ef:a0:62:bc:40:21:c9:6e:d5:cf:a9:e7:77:
0e:5f:2c:c7:88:23:96:01:16:78:bd:86:b0:45:d9:
f1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9D:A8:F5:FB:9E:34:86:EE:A8:5F:89:0A:E3:8C:6B:24:2E:1B:2D
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/VJ2o9fueNIbuqF-JCuOMayQuGy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.113.0/24
IPv6:
2001:4d8f::/32
Signature Algorithm: sha256WithRSAEncryption
7d:39:6f:b7:46:b8:f1:cc:e0:d8:65:fe:90:0e:6d:27:77:5a:
15:8f:9d:a5:f1:d0:84:0b:0c:49:c5:38:84:01:6f:a8:14:3b:
58:23:3b:f8:15:11:b8:66:ce:08:2e:47:49:bd:ce:8f:df:1e:
b0:96:cd:b1:12:62:60:e3:55:da:48:b7:fc:0b:5d:12:11:b0:
4a:1e:66:fa:e5:ca:88:74:18:e3:7e:f9:a6:e8:f7:6e:29:14:
e4:51:8e:eb:5d:48:0a:f0:67:9d:65:7f:96:91:ed:1b:bf:2c:
89:1e:19:6e:7a:5e:a3:17:f5:57:96:a1:2e:f6:36:47:c8:a9:
2f:a1:46:e7:cf:2f:ec:f5:ae:1b:ab:ab:05:84:e2:bb:57:90:
21:e5:07:f0:9a:b5:a2:dd:1f:12:9b:85:2c:93:bc:27:5a:4b:
98:73:63:f2:61:19:c1:3e:bc:7c:2d:0b:b1:86:97:79:3a:d3:
49:fa:5c:a0:e5:9f:5f:78:30:b8:c6:6d:25:d1:72:26:59:30:
aa:35:5e:40:e6:a2:28:4d:29:30:f2:d2:43:08:81:bf:d3:7b:
f7:68:27:41:5a:82:9a:90:d0:43:68:51:92:89:71:17:d8:bb:
dd:46:27:f4:8d:92:48:dc:8c:70:7d:1b:1b:91:06:f8:45:fe:
2f:51:03:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuPkxcv8uyE+CJ/NSKS3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDlkYThmNWZiOWUzNDg2ZWVhODVmODkwYWUzOGM2YjI0MmUxYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF2ClZPbZFIIiHBvQRydcHQuhgMK
XMR02Ub9v1qgFI7e9Gyl8u5QYD8qjTK6PNpwP3wVu4tL6uns2NOOpGL1PjPw/s3X
anjnVK3Kai0srD0PxQh+OR7iRFmVlRrgVtUAwfJTJjTOHTbnONn0duRg/htH9TCw
bYC9ERURObl7IqUgayf06nxBb401XOVLUPmuc99EClbGarbe/nFQYVb7ooJLoUzd
UxR6yhICec0zO5xvIp/pu/SjOlUOGpAFU7FrDhHD1RrRxCeIHrzVYq1vTY81GtTW
Dpc+Z2TM9tKyPzuqme+gYrxAIclu1c+p53cOXyzHiCOWARZ4vYawRdnxNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFSdqPX7njSG7qhfiQrjjGskLhstMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvVkoybzlmdWVOSWJ1cUYtSkN1T01heVF1R3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjJxMA0E
AgACMAcDBQAgAU2PMA0GCSqGSIb3DQEBCwUAA4IBAQB9OW+3RrjxzODYZf6QDm0n
d1oVj52l8dCECwxJxTiEAW+oFDtYIzv4FRG4Zs4ILkdJvc6P3x6wls2xEmJg41Xa
SLf8C10SEbBKHmb65cqIdBjjfvmm6PduKRTkUY7rXUgK8GedZX+Wke0bvyyJHhlu
el6jF/VXlqEu9jZHyKkvoUbnzy/s9a4bq6sFhOK7V5Ah5QfwmrWi3R8Sm4Usk7wn
WkuYc2PyYRnBPrx8LQuxhpd5OtNJ+lyg5Z9feDC4xm0l0XImWTCqNV5A5qIoTSkw
8tJDCIG/03v3aCdBWoKakNBDaFGSiXEX2LvdRif0jZJI3IxwfRsbkQb4Rf4vUQP+
-----END CERTIFICATE-----
Generated at Fri Jan 19 15:23:01 2024 by rpki-client on console-fra.rpki-client.org