Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/GaOXIGCNrlbYuFALhVRF_Xn5J4c.roa
File: GaOXIGCNrlbYuFALhVRF_Xn5J4c.roa (raw, json)
Hash identifier: 2hvKnl8OSSxMYwft3fdaUZqLz3+wX5e2/U8RyCXaXqw=
Subject key identifier: 19:A3:97:20:60:8D:AE:56:D8:B8:50:0B:85:54:45:FD:79:F9:27:87
Certificate issuer: /CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Certificate serial: 018573283BFEC142A98D9EFFD457B28F2A87
Authority key identifier: D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/GaOXIGCNrlbYuFALhVRF_Xn5J4c.roa
Signing time: Mon 02 Jan 2023 15:44:54 +0000
ROA not before: Mon 02 Jan 2023 15:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24956
IP address blocks: 194.120.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:3b:fe:c1:42:a9:8d:9e:ff:d4:57:b2:8f:2a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Validity
Not Before: Jan 2 15:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19a39720608dae56d8b8500b855445fd79f92787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5d:03:aa:91:9d:4d:e5:24:ed:ae:37:27:d0:
97:11:0b:07:d3:e4:01:43:88:80:7c:c8:f1:17:d0:
1e:c8:f8:4d:c2:e3:23:ca:0e:17:e8:60:3d:33:21:
dd:06:e3:b4:ce:01:ae:54:c7:ff:df:5c:63:4c:e9:
42:24:50:2a:f8:d3:e6:b0:c4:01:af:79:f2:fa:7b:
80:91:8c:10:47:a9:8c:27:22:5b:8c:42:1b:27:66:
57:98:d2:21:ab:89:52:e4:a9:29:2c:4a:7b:d8:67:
6c:65:ed:a9:8e:ee:52:c0:4a:3f:96:47:4a:a9:d3:
9f:80:82:76:cd:2b:dc:17:01:81:7b:d1:44:8f:d8:
39:80:1c:64:6c:95:f0:71:f7:02:68:3f:4e:6c:3b:
ce:40:4a:e1:98:b7:45:53:3c:97:ba:7d:31:cf:76:
65:b9:54:4d:6e:55:db:01:6f:a0:7a:d2:ec:45:2d:
6a:e7:1d:01:7e:67:f7:0f:50:5f:88:36:2a:d1:fa:
8e:6b:8a:0b:07:26:8b:4e:d3:34:f3:89:18:91:01:
93:ea:49:2c:ab:1e:9f:e6:f5:3c:b4:90:e1:f6:38:
4e:3a:32:f7:ea:c2:65:e7:c9:6b:4b:20:2f:29:ba:
a9:a1:5e:05:25:e2:7e:57:a3:d6:14:5b:df:b0:b2:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A3:97:20:60:8D:AE:56:D8:B8:50:0B:85:54:45:FD:79:F9:27:87
X509v3 Authority Key Identifier:
keyid:D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/GaOXIGCNrlbYuFALhVRF_Xn5J4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:31:0b:47:07:df:e2:fb:c5:e5:34:4a:77:b3:ed:54:a8:d7:
aa:46:ec:db:70:e4:91:7f:63:3c:df:ef:b4:80:25:f0:aa:2b:
75:e4:b7:30:91:46:2c:35:f7:cf:6f:a0:f4:04:15:83:bd:07:
01:b7:42:0e:51:ea:02:bd:fb:46:fc:82:35:ef:7c:c2:24:df:
f9:dd:4f:cd:ce:40:46:3d:47:ea:a3:4c:0a:47:07:d9:b3:c8:
25:59:0c:43:23:a1:23:59:5d:3e:98:fa:e3:2a:29:ea:57:a7:
e3:85:c3:97:a5:0c:98:8a:d2:57:c4:71:37:18:09:53:4f:ec:
df:dd:6a:8f:49:fd:df:72:85:53:ea:cb:42:0d:71:0b:a4:6f:
06:f5:e6:a3:78:ae:00:b4:71:9b:f5:3d:6b:02:d7:a0:a1:5a:
a8:ed:9e:b0:32:74:fb:b3:ca:43:4f:91:5e:12:d4:9c:7d:a9:
07:01:48:f5:33:e1:88:52:d8:4a:6a:9a:19:c1:51:8a:3a:9f:
a3:98:06:b7:6b:d0:28:08:90:a6:31:d2:3d:0e:5f:e5:db:c7:
dd:8c:a9:40:d5:36:49:23:b0:fd:0c:64:08:e3:42:d8:19:e1:
d6:db:24:d8:90:28:5e:ba:b7:a2:1f:45:13:8a:7f:5a:b9:9e:
7f:b1:5a:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKDv+wUKpjZ7/1FeyjyqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWE4ZDkxZmU0NGYxYTk2MzlhZWQ1NjFjMWJjYWZjYmYx
MGIyNWQwHhcNMjMwMTAyMTU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWEzOTcyMDYwOGRhZTU2ZDhiODUwMGI4NTU0NDVmZDc5ZjkyNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil0DqpGdTeUk7a43J9CXEQsH0+QB
Q4iAfMjxF9AeyPhNwuMjyg4X6GA9MyHdBuO0zgGuVMf/31xjTOlCJFAq+NPmsMQB
r3ny+nuAkYwQR6mMJyJbjEIbJ2ZXmNIhq4lS5KkpLEp72GdsZe2pju5SwEo/lkdK
qdOfgIJ2zSvcFwGBe9FEj9g5gBxkbJXwcfcCaD9ObDvOQErhmLdFUzyXun0xz3Zl
uVRNblXbAW+getLsRS1q5x0Bfmf3D1BfiDYq0fqOa4oLByaLTtM084kYkQGT6kks
qx6f5vU8tJDh9jhOOjL36sJl58lrSyAvKbqpoV4FJeJ+V6PWFFvfsLLaKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmjlyBgja5W2LhQC4VURf15+SeHMB8GA1UdIwQY
MBaAFNRajZH+RPGpY5rtVhwbyvy/ELJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWIt
NTg4NjVkMWUxNGUwLzEvR2FPWElHQ05ybGJZdUZBTGhWUkZfWG41SjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWItNTg4NjVkMWUxNGUw
LzEvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnjqMA0G
CSqGSIb3DQEBCwUAA4IBAQC5MQtHB9/i+8XlNEp3s+1UqNeqRuzbcOSRf2M83++0
gCXwqit15LcwkUYsNffPb6D0BBWDvQcBt0IOUeoCvftG/II173zCJN/53U/NzkBG
PUfqo0wKRwfZs8glWQxDI6EjWV0+mPrjKinqV6fjhcOXpQyYitJXxHE3GAlTT+zf
3WqPSf3fcoVT6stCDXELpG8G9eajeK4AtHGb9T1rAtegoVqo7Z6wMnT7s8pDT5Fe
EtScfakHAUj1M+GIUthKapoZwVGKOp+jmAa3a9AoCJCmMdI9Dl/l28fdjKlA1TZJ
I7D9DGQI40LYGeHW2yTYkCheureiH0UTin9auZ5/sVoJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:42 2024 by rpki-client on console-ams.rpki-client.org