Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/cVQp2AD8fIIV4o-MxbKJclFI3Z4.roa
File: cVQp2AD8fIIV4o-MxbKJclFI3Z4.roa (raw, json)
Hash identifier: m+K4eJSIkHnhYXthmsYNix4ld667QJlrtOinRphfaH8=
Subject key identifier: 71:54:29:D8:00:FC:7C:82:15:E2:8F:8C:C5:B2:89:72:51:48:DD:9E
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 018CC348FEB5FCF03127BA433E773056C109
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/cVQp2AD8fIIV4o-MxbKJclFI3Z4.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39622
IP address blocks: 194.5.248.0/24 maxlen: 24
193.168.140.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
2a0c:b0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 15 Feb 2024 09:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fe:b5:fc:f0:31:27:ba:43:3e:77:30:56:c1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=715429d800fc7c8215e28f8cc5b289725148dd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3a:f2:c0:9a:d7:89:fb:1f:02:b4:d5:ac:86:
71:37:ab:3a:2c:d7:b5:9b:75:6e:01:b2:54:74:55:
6e:a8:1c:fc:8e:f2:34:d3:44:8d:6f:3f:65:38:66:
06:20:84:ca:91:75:27:ef:81:1e:91:ef:85:f8:c3:
78:8a:75:d7:f5:35:51:51:af:eb:17:be:4a:8e:18:
4a:13:1f:92:a7:40:4f:d1:b8:1a:90:76:af:5c:44:
8a:b0:b8:07:6b:4f:77:0f:2c:be:b5:af:d7:39:8d:
ce:fe:aa:76:b4:95:b1:ca:57:81:a0:c3:01:8c:49:
33:ea:85:9c:6f:6e:0b:9c:f8:b5:03:22:14:90:a2:
97:bd:58:43:44:dd:92:89:8d:02:75:27:6c:1e:bc:
35:2d:58:d8:a0:bf:f8:8e:53:8b:a8:c2:e9:9d:ea:
0b:22:37:e5:38:aa:82:6a:d7:5f:52:f3:8f:eb:31:
7a:15:53:68:8e:68:ed:62:a2:5a:40:4b:9a:e3:c8:
16:30:20:bc:5e:99:58:9f:19:78:b3:d1:02:3f:16:
dd:0c:59:f0:7a:28:25:80:f4:13:a4:34:1f:de:09:
89:90:93:06:43:63:e0:a7:b6:a9:fa:15:21:25:9e:
62:c0:b3:f7:65:c9:39:fa:ee:fe:dc:44:15:4f:e1:
fb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:54:29:D8:00:FC:7C:82:15:E2:8F:8C:C5:B2:89:72:51:48:DD:9E
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/cVQp2AD8fIIV4o-MxbKJclFI3Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
194.5.248.0/24
IPv6:
2a0c:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
82:4c:3a:13:9c:ad:66:fa:14:5d:19:64:2a:2e:cf:61:43:c4:
ff:68:cd:0c:78:fd:4c:53:62:c9:85:6e:6f:fc:22:52:1c:16:
fb:08:11:db:0e:d6:ff:b6:ea:e8:1d:b2:aa:6a:61:41:55:27:
6f:90:67:d1:80:93:14:3c:08:d9:90:cc:a9:f2:06:39:88:c8:
65:d5:0b:7f:df:4a:a1:23:8c:e3:2b:ef:0b:b7:d8:71:7b:f3:
bc:bb:74:1a:b2:ce:6f:72:d6:22:86:02:9e:2f:52:70:36:72:
a1:96:d0:1e:4b:ab:b6:8f:16:4f:7d:c7:73:0b:5e:92:d0:52:
74:02:31:0c:8f:d5:bc:92:a1:26:2c:dc:4d:5f:e8:4d:8c:fc:
45:4d:18:9b:53:09:d7:3d:04:99:1c:02:5b:ae:1d:da:f7:b8:
38:07:9c:ef:15:b7:48:d4:8e:21:05:fe:74:b7:ef:44:2e:ca:
0b:c5:c8:3f:6a:30:23:df:be:1f:08:9c:f3:a8:91:f5:d7:19:
83:09:2f:55:4c:d3:da:27:86:e9:7b:fa:20:5e:98:18:7a:c5:
30:be:02:bd:d1:27:bf:4b:d9:94:cf:b6:fa:ee:2c:ad:96:2d:
07:32:48:f1:77:b7:20:74:cd:52:48:76:ec:e7:fc:1e:bb:b2:
17:59:83:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSP61/PAxJ7pDPncwVsEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU0MjlkODAwZmM3YzgyMTVlMjhmOGNjNWIyODk3MjUxNDhkZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTrywJrXifsfArTVrIZxN6s6LNe1
m3VuAbJUdFVuqBz8jvI000SNbz9lOGYGIITKkXUn74Eeke+F+MN4inXX9TVRUa/r
F75KjhhKEx+Sp0BP0bgakHavXESKsLgHa093Dyy+ta/XOY3O/qp2tJWxyleBoMMB
jEkz6oWcb24LnPi1AyIUkKKXvVhDRN2SiY0CdSdsHrw1LVjYoL/4jlOLqMLpneoL
IjflOKqCatdfUvOP6zF6FVNojmjtYqJaQEua48gWMCC8XplYnxl4s9ECPxbdDFnw
eiglgPQTpDQf3gmJkJMGQ2Pgp7ap+hUhJZ5iwLP3Zck5+u7+3EQVT+H7dwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHFUKdgA/HyCFeKPjMWyiXJRSN2eMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvY1ZRcDJBRDhmSUlWNG8tTXhiS0pjbEZJM1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwaiMAwQA
wgX4MA0EAgACMAcDBQMqDLDAMA0GCSqGSIb3DQEBCwUAA4IBAQCCTDoTnK1m+hRd
GWQqLs9hQ8T/aM0MeP1MU2LJhW5v/CJSHBb7CBHbDtb/turoHbKqamFBVSdvkGfR
gJMUPAjZkMyp8gY5iMhl1Qt/30qhI4zjK+8Lt9hxe/O8u3Qass5vctYihgKeL1Jw
NnKhltAeS6u2jxZPfcdzC16S0FJ0AjEMj9W8kqEmLNxNX+hNjPxFTRibUwnXPQSZ
HAJbrh3a97g4B5zvFbdI1I4hBf50t+9ELsoLxcg/ajAj374fCJzzqJH11xmDCS9V
TNPaJ4bpe/ogXpgYesUwvgK90Se/S9mUz7b67iytli0HMkjxd7cgdM1SSHbs5/we
u7IXWYPw
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:12 2024 by rpki-client on console.sobornost.net