Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/TVjgWT7tBQx9pwRN6p0O8OapFcE.roa
File: TVjgWT7tBQx9pwRN6p0O8OapFcE.roa (raw, json)
Hash identifier: OlgSRNgCiD3MCReoIBbEM3QWxmRQuAySA6ivBs+/7Ok=
Subject key identifier: 4D:58:E0:59:3E:ED:05:0C:7D:A7:04:4D:EA:9D:0E:F0:E6:A9:15:C1
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018681F4446F679EB229A6EE45165E88AB17
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/TVjgWT7tBQx9pwRN6p0O8OapFcE.roa
Signing time: Fri 24 Feb 2023 05:45:14 +0000
ROA not before: Fri 24 Feb 2023 05:45:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.28.225.0/24 maxlen: 24
194.28.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 11:31:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:81:f4:44:6f:67:9e:b2:29:a6:ee:45:16:5e:88:ab:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 24 05:45:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d58e0593eed050c7da7044dea9d0ef0e6a915c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:f7:82:c1:ad:ea:53:fe:2b:39:d8:1a:83:
5e:5c:a2:99:75:13:ab:2f:a0:d7:20:3e:f6:ef:c6:
e7:cf:43:46:58:29:06:01:bf:78:51:ae:7b:01:08:
11:13:37:a5:7c:49:26:c1:ad:89:d4:0d:03:be:36:
ba:cf:cd:da:67:2d:dd:4f:37:c2:0e:ff:4d:bf:c4:
72:d5:40:bb:da:a7:f7:11:55:a2:5c:21:6b:74:7c:
03:0e:d4:e3:a0:33:1c:0e:35:92:4b:15:0a:6a:5b:
fd:77:ca:da:26:0d:97:75:c7:2f:de:d6:f8:b1:74:
d6:9a:3e:3d:c6:fd:49:41:11:3a:c4:06:13:61:bd:
7e:f2:cc:4e:13:4a:f6:57:23:7e:65:2c:26:2a:e3:
91:21:25:71:f8:33:7d:39:28:8e:c4:e8:57:05:27:
67:ca:f0:52:9b:bf:cf:36:df:77:37:c4:2e:80:e7:
12:43:8f:85:ea:e7:f7:71:40:d6:31:51:ac:c4:5b:
12:10:2a:a3:e6:4a:ea:02:6d:32:f6:9d:17:2b:5f:
62:34:01:00:41:c9:5b:69:01:52:db:bb:08:ba:6a:
7e:86:5d:13:24:1b:5f:b0:5c:4f:28:96:80:8a:ab:
eb:6d:fd:96:fc:7b:72:0c:0c:4e:97:3f:67:8d:1d:
df:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:58:E0:59:3E:ED:05:0C:7D:A7:04:4D:EA:9D:0E:F0:E6:A9:15:C1
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/TVjgWT7tBQx9pwRN6p0O8OapFcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.224.0/23
Signature Algorithm: sha256WithRSAEncryption
39:f5:48:74:98:b6:0e:cd:cb:ad:d4:f9:b1:2e:92:3d:34:80:
a5:ac:8c:6c:92:66:b4:27:29:29:c6:5c:11:66:95:25:60:7c:
71:07:07:ab:d9:62:44:25:1a:8f:b2:00:67:60:c2:cf:7f:04:
e3:f4:d5:6a:9c:fc:85:4e:64:cd:90:80:58:18:3a:93:f8:ec:
84:92:42:e9:71:e1:6d:bc:04:05:c8:80:bf:76:96:ca:bb:0d:
f5:5f:66:a6:b9:c7:3e:81:5f:65:ce:10:c7:ef:0c:ac:95:17:
c9:37:56:2f:1f:98:33:e6:70:b9:b6:47:bf:b2:49:84:df:f5:
e1:80:0f:fc:33:43:8f:69:f2:bc:36:4b:d2:44:bd:15:a0:fa:
ee:5c:3a:7a:37:43:ce:d6:bf:b9:fb:06:eb:9e:4b:22:59:2a:
63:d3:a0:50:89:34:8e:f6:1e:60:c5:4f:14:49:f9:78:23:35:
61:15:ef:ac:85:51:cf:5a:e6:f6:03:48:7d:1d:a4:b6:56:b3:
c5:bc:db:bd:ca:2e:f0:76:5e:e7:85:bb:36:8e:96:e4:c0:d0:
c4:05:d7:5e:8f:14:95:91:d2:f8:f4:41:71:b0:cb:8c:67:06:
f5:df:31:05:d2:04:a6:df:53:0f:0c:be:87:a9:8f:2e:4f:af:
3e:0d:10:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaB9ERvZ56yKabuRRZeiKsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMjI0MDU0NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU4ZTA1OTNlZWQwNTBjN2RhNzA0NGRlYTlkMGVmMGU2YTkxNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKf3gsGt6lP+KznYGoNeXKKZdROr
L6DXID7278bnz0NGWCkGAb94Ua57AQgREzelfEkmwa2J1A0Dvja6z83aZy3dTzfC
Dv9Nv8Ry1UC72qf3EVWiXCFrdHwDDtTjoDMcDjWSSxUKalv9d8raJg2Xdccv3tb4
sXTWmj49xv1JQRE6xAYTYb1+8sxOE0r2VyN+ZSwmKuORISVx+DN9OSiOxOhXBSdn
yvBSm7/PNt93N8QugOcSQ4+F6uf3cUDWMVGsxFsSECqj5krqAm0y9p0XK19iNAEA
QclbaQFS27sIump+hl0TJBtfsFxPKJaAiqvrbf2W/HtyDAxOlz9njR3faQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1Y4Fk+7QUMfacETeqdDvDmqRXBMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVFZqZ1dUN3RCUXg5cHdSTjZwME84T2FwRmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhzgMA0G
CSqGSIb3DQEBCwUAA4IBAQA59Uh0mLYOzcut1PmxLpI9NIClrIxskma0JykpxlwR
ZpUlYHxxBwer2WJEJRqPsgBnYMLPfwTj9NVqnPyFTmTNkIBYGDqT+OyEkkLpceFt
vAQFyIC/dpbKuw31X2amucc+gV9lzhDH7wyslRfJN1YvH5gz5nC5tke/skmE3/Xh
gA/8M0OPafK8NkvSRL0VoPruXDp6N0PO1r+5+wbrnksiWSpj06BQiTSO9h5gxU8U
Sfl4IzVhFe+shVHPWub2A0h9HaS2VrPFvNu9yi7wdl7nhbs2jpbkwNDEBddejxSV
kdL49EFxsMuMZwb13zEF0gSm31MPDL6HqY8uT68+DRC8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org