Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/92aa15-eb62-4f4a-b0d7-24e22482aee6/1/iH3GVunLbfk7rhyfw3qNg6PyWMk.roa
File: iH3GVunLbfk7rhyfw3qNg6PyWMk.roa (raw, json)
Hash identifier: FscOORpTfqN3VU6xgXaefACwzhDhkiN/VK4mcbqn87s=
Subject key identifier: 88:7D:C6:56:E9:CB:6D:F9:3B:AE:1C:9F:C3:7A:8D:83:A3:F2:58:C9
Certificate issuer: /CN=214826963868b2651cf0bd944538514a1200f285
Certificate serial: 01856D016F4BF6E3FA809B1836E3323F9319
Authority key identifier: 21:48:26:96:38:68:B2:65:1C:F0:BD:94:45:38:51:4A:12:00:F2:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUgmljhosmUc8L2URThRShIA8oU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/92aa15-eb62-4f4a-b0d7-24e22482aee6/1/iH3GVunLbfk7rhyfw3qNg6PyWMk.roa
Signing time: Sun 01 Jan 2023 11:04:48 +0000
ROA not before: Sun 01 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204561
IP address blocks: 178.211.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:6f:4b:f6:e3:fa:80:9b:18:36:e3:32:3f:93:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=214826963868b2651cf0bd944538514a1200f285
Validity
Not Before: Jan 1 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=887dc656e9cb6df93bae1c9fc37a8d83a3f258c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0c:16:1c:3e:1c:f8:f7:c7:6d:69:3c:83:44:
c0:21:44:89:84:7c:1d:bb:70:ba:89:4b:66:06:12:
99:da:1f:bb:9b:68:db:50:1a:db:c9:de:44:6b:21:
84:e7:5f:c4:89:a7:26:e8:f0:c0:2a:f4:a8:7a:99:
72:07:51:74:c7:7d:bc:ec:72:a5:ab:13:3c:91:a2:
b1:0e:19:92:0d:c4:81:e5:31:08:b5:ac:48:2f:2b:
07:05:d5:0d:22:01:e6:8a:25:b4:81:40:3e:1f:f3:
22:64:b6:73:b2:fc:86:d0:09:15:79:d4:79:23:bc:
5a:f4:a0:10:fd:0a:ca:d7:28:49:94:0b:00:bf:72:
93:73:f3:69:9f:c7:2a:c4:61:ba:57:f3:fd:e3:8a:
bb:95:a8:67:ea:78:ab:f7:be:0b:42:f4:b7:8c:14:
4c:de:b9:bb:fc:3d:a0:e5:1f:ff:43:7d:cb:e9:4f:
db:20:89:a0:7b:c7:a5:d2:2c:f3:d6:5f:91:a8:e0:
4d:ab:27:b8:13:a4:82:b0:8b:95:53:05:34:e8:ad:
67:85:47:b3:be:a5:43:17:08:8f:35:47:4e:1e:ca:
f6:fb:1a:30:fe:5a:3e:5d:7e:81:4b:56:30:fc:f0:
a5:6a:04:bf:77:d3:ed:96:e5:1d:0f:f0:40:97:53:
bd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7D:C6:56:E9:CB:6D:F9:3B:AE:1C:9F:C3:7A:8D:83:A3:F2:58:C9
X509v3 Authority Key Identifier:
keyid:21:48:26:96:38:68:B2:65:1C:F0:BD:94:45:38:51:4A:12:00:F2:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUgmljhosmUc8L2URThRShIA8oU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/92aa15-eb62-4f4a-b0d7-24e22482aee6/1/iH3GVunLbfk7rhyfw3qNg6PyWMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/92aa15-eb62-4f4a-b0d7-24e22482aee6/1/IUgmljhosmUc8L2URThRShIA8oU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.131.0/24
Signature Algorithm: sha256WithRSAEncryption
37:dd:56:a2:37:e1:ef:63:0b:e9:18:75:90:05:9e:9a:5c:95:
67:33:db:26:be:28:37:50:4e:23:54:02:7d:f7:db:87:5c:39:
93:8a:39:88:d6:03:4d:79:2f:9d:97:ce:35:40:43:57:62:05:
e8:67:b6:2b:d9:a2:21:a0:df:68:a2:4d:97:d4:07:96:90:c5:
3b:19:9e:5d:80:87:df:0e:ef:d7:21:92:17:0f:18:6f:cd:06:
cb:0a:5f:4b:6e:a1:05:c1:73:a9:45:df:bf:0f:5b:20:d4:be:
df:f3:83:cd:9e:c7:33:9c:48:08:fb:fd:9a:3b:6d:72:6d:46:
cd:24:a8:1d:75:02:e0:e7:0d:3f:e4:95:58:4f:1d:d1:ee:2e:
91:46:8d:de:1f:44:0f:57:d5:75:d6:bb:f3:a2:cf:12:e1:cd:
ea:57:b8:49:70:a2:8b:83:8a:f0:92:06:37:d2:d5:f5:11:a2:
49:e8:01:03:ee:5f:b9:60:f5:25:4d:77:9e:33:52:30:1f:ec:
6c:f2:8b:01:69:d0:11:97:ef:30:f6:24:6a:7e:42:4b:06:19:
2b:5f:7a:87:77:7a:34:4f:9d:f2:3e:0a:28:ae:cc:ec:0a:b2:
eb:bc:53:12:de:2d:81:7a:fd:dd:d8:08:c6:0a:f5:f1:d3:c2:
46:ab:49:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAW9L9uP6gJsYNuMyP5MZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNDgyNjk2Mzg2OGIyNjUxY2YwYmQ5NDQ1Mzg1MTRhMTIw
MGYyODUwHhcNMjMwMTAxMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdkYzY1NmU5Y2I2ZGY5M2JhZTFjOWZjMzdhOGQ4M2EzZjI1OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAwWHD4c+PfHbWk8g0TAIUSJhHwd
u3C6iUtmBhKZ2h+7m2jbUBrbyd5EayGE51/Eiacm6PDAKvSoeplyB1F0x3287HKl
qxM8kaKxDhmSDcSB5TEItaxILysHBdUNIgHmiiW0gUA+H/MiZLZzsvyG0AkVedR5
I7xa9KAQ/QrK1yhJlAsAv3KTc/Npn8cqxGG6V/P944q7lahn6nir974LQvS3jBRM
3rm7/D2g5R//Q33L6U/bIImge8el0izz1l+RqOBNqye4E6SCsIuVUwU06K1nhUez
vqVDFwiPNUdOHsr2+xow/lo+XX6BS1Yw/PClagS/d9PtluUdD/BAl1O97wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIh9xlbpy235O64cn8N6jYOj8ljJMB8GA1UdIwQY
MBaAFCFIJpY4aLJlHPC9lEU4UUoSAPKFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVnbWxqaG9zbVVjOEwyVVJUaFJTaElBOG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC85MmFhMTUtZWI2Mi00ZjRhLWIwZDct
MjRlMjI0ODJhZWU2LzEvaUgzR1Z1bkxiZms3cmh5ZnczcU5nNlB5V01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC85MmFhMTUtZWI2Mi00ZjRhLWIwZDctMjRlMjI0ODJhZWU2
LzEvSVVnbWxqaG9zbVVjOEwyVVJUaFJTaElBOG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstODMA0G
CSqGSIb3DQEBCwUAA4IBAQA33VaiN+HvYwvpGHWQBZ6aXJVnM9smvig3UE4jVAJ9
99uHXDmTijmI1gNNeS+dl841QENXYgXoZ7Yr2aIhoN9ook2X1AeWkMU7GZ5dgIff
Du/XIZIXDxhvzQbLCl9LbqEFwXOpRd+/D1sg1L7f84PNnscznEgI+/2aO21ybUbN
JKgddQLg5w0/5JVYTx3R7i6RRo3eH0QPV9V11rvzos8S4c3qV7hJcKKLg4rwkgY3
0tX1EaJJ6AED7l+5YPUlTXeeM1IwH+xs8osBadARl+8w9iRqfkJLBhkrX3qHd3o0
T53yPgoorszsCrLrvFMS3i2Bev3d2AjGCvXx08JGq0l7
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:39:58 2024 by rpki-client on console-ams.rpki-client.org