Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/kQ3G0u7bWU3aYRjpXpAV7Z7ZakA.roa
File: kQ3G0u7bWU3aYRjpXpAV7Z7ZakA.roa (raw, json)
Hash identifier: kKp+s7rY/LQsNk+1Cvros7MFnSbH1GcPUx9OBmN0u4s=
Subject key identifier: 91:0D:C6:D2:EE:DB:59:4D:DA:61:18:E9:5E:90:15:ED:9E:D9:6A:40
Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Certificate serial: 0185701EDC6062746404B21FE711ACE1BBA1
Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/kQ3G0u7bWU3aYRjpXpAV7Z7ZakA.roa
Signing time: Mon 02 Jan 2023 01:35:48 +0000
ROA not before: Mon 02 Jan 2023 01:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204197
IP address blocks: 178.23.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Feb 2023 11:41:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:dc:60:62:74:64:04:b2:1f:e7:11:ac:e1:bb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Validity
Not Before: Jan 2 01:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=910dc6d2eedb594dda6118e95e9015ed9ed96a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:80:65:bc:6f:87:65:c4:1f:67:c7:df:f8:08:
fb:12:a3:c3:ad:bf:14:b3:02:8a:91:9a:ca:cc:6d:
d3:ec:0c:57:77:ce:a1:0a:ee:8c:1f:68:a0:ed:62:
d9:2d:bf:7c:b0:08:38:23:ee:87:15:27:f0:d3:77:
46:52:3b:32:0a:9d:85:79:9d:a5:8a:35:e6:2b:69:
c6:4d:46:1f:2d:5a:e6:58:6c:ad:93:4e:e7:09:18:
f5:97:c9:83:b9:6d:fe:75:e3:9e:ee:7d:84:c1:8a:
2f:52:5b:38:84:fc:82:3f:ce:b6:f4:84:36:a1:87:
d0:59:4a:d3:4d:33:ec:a5:f0:6a:3b:22:32:50:16:
ce:a9:9c:85:fc:9b:bf:a5:2b:bf:bb:2a:f2:ec:87:
58:be:f9:ee:6d:20:b2:30:cd:d4:68:38:8f:e7:06:
14:fd:c4:4f:48:09:80:a6:b7:ee:34:26:a2:d8:10:
ff:72:44:67:82:5f:4e:46:28:cd:b6:36:fe:f2:5b:
bd:c3:c7:e8:1c:9a:0a:87:3f:2b:44:75:21:d4:95:
b7:cf:da:1e:cf:de:d5:07:6a:20:e3:14:4b:88:05:
73:03:ad:36:b4:6c:a8:31:d6:2c:0c:f5:7f:59:3f:
32:63:1a:3c:9e:d1:90:cd:6e:78:06:4c:e4:2a:21:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0D:C6:D2:EE:DB:59:4D:DA:61:18:E9:5E:90:15:ED:9E:D9:6A:40
X509v3 Authority Key Identifier:
keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/kQ3G0u7bWU3aYRjpXpAV7Z7ZakA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.189.0/24
Signature Algorithm: sha256WithRSAEncryption
34:86:68:ad:3d:2c:f1:f1:d8:2a:a6:3d:d3:4f:c6:f5:43:48:
ba:6a:6e:3c:ca:05:91:7a:e7:a5:db:9d:b3:50:44:6c:5e:9e:
a7:e9:25:34:02:87:6c:58:8e:84:50:4e:59:58:2c:2c:7d:b0:
6b:46:df:89:0b:60:57:63:ce:cd:fb:15:60:80:51:bc:98:47:
7b:01:25:c7:c9:17:55:8e:fd:6b:a1:7a:ba:de:96:5c:dd:64:
41:fd:6b:6b:3c:87:39:18:a9:4a:fa:bf:32:fd:ba:b5:ea:4a:
97:32:df:97:15:c6:ce:6e:1f:d2:c1:a5:e2:24:f0:12:c6:85:
55:c5:b8:c8:07:f6:32:75:34:00:6a:b1:b2:d2:9c:ad:7d:e5:
59:47:71:77:47:30:4e:78:20:45:08:4e:db:71:7e:db:da:72:
b8:f3:be:94:5a:ae:f1:7a:d4:a0:d9:63:d2:18:42:00:ff:c8:
6b:9c:fe:d6:2d:e9:66:36:18:06:77:9a:a0:f6:78:f0:e7:27:
c8:20:90:56:c4:92:e6:7c:bd:d4:e9:4c:69:fd:74:77:df:49:
6b:d0:f8:0c:b8:88:ae:ca:02:6b:09:4e:fa:c8:eb:08:06:01:
54:24:32:3a:6d:63:60:05:5a:6b:5d:c0:12:25:19:2f:7d:14:
69:a3:e3:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHtxgYnRkBLIf5xGs4buhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk
ODhhNDMwHhcNMjMwMTAyMDEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBkYzZkMmVlZGI1OTRkZGE2MTE4ZTk1ZTkwMTVlZDllZDk2YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYBlvG+HZcQfZ8ff+Aj7EqPDrb8U
swKKkZrKzG3T7AxXd86hCu6MH2ig7WLZLb98sAg4I+6HFSfw03dGUjsyCp2FeZ2l
ijXmK2nGTUYfLVrmWGytk07nCRj1l8mDuW3+deOe7n2EwYovUls4hPyCP8629IQ2
oYfQWUrTTTPspfBqOyIyUBbOqZyF/Ju/pSu/uyry7IdYvvnubSCyMM3UaDiP5wYU
/cRPSAmAprfuNCai2BD/ckRngl9ORijNtjb+8lu9w8foHJoKhz8rRHUh1JW3z9oe
z97VB2og4xRLiAVzA602tGyoMdYsDPV/WT8yYxo8ntGQzW54BkzkKiHM+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJENxtLu21lN2mEY6V6QFe2e2WpAMB8GA1UdIwQY
MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt
ODEwNjI3ZmIyNjcxLzEva1EzRzB1N2JXVTNhWVJqcFhwQVY3WjdaYWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx
LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshe9MA0G
CSqGSIb3DQEBCwUAA4IBAQA0hmitPSzx8dgqpj3TT8b1Q0i6am48ygWReuel252z
UERsXp6n6SU0AodsWI6EUE5ZWCwsfbBrRt+JC2BXY87N+xVggFG8mEd7ASXHyRdV
jv1roXq63pZc3WRB/WtrPIc5GKlK+r8y/bq16kqXMt+XFcbObh/SwaXiJPASxoVV
xbjIB/YydTQAarGy0pytfeVZR3F3RzBOeCBFCE7bcX7b2nK4876UWq7xetSg2WPS
GEIA/8hrnP7WLelmNhgGd5qg9njw5yfIIJBWxJLmfL3U6Uxp/XR330lr0PgMuIiu
ygJrCU76yOsIBgFUJDI6bWNgBVprXcASJRkvfRRpo+Mv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:01 2024 by rpki-client on console-ams.rpki-client.org