Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/q3YjknVtr37Fu6LDip7n-DlHwG8.roa
File: q3YjknVtr37Fu6LDip7n-DlHwG8.roa (raw, json)
Hash identifier: N2McR2YfcjqfVl+Z8xjIXNabjp9GgwsksO2vW6G6+AE=
Subject key identifier: AB:76:23:92:75:6D:AF:7E:C5:BB:A2:C3:8A:9E:E7:F8:39:47:C0:6F
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280CEE9E27197C0B55F99BF9A13AEB
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/q3YjknVtr37Fu6LDip7n-DlHwG8.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35423
IP address blocks: 82.194.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0c:ee:9e:27:19:7c:0b:55:f9:9b:f9:a1:3a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab762392756daf7ec5bba2c38a9ee7f83947c06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:81:30:b4:97:2f:44:24:1a:f5:d8:a1:7f:
b3:0c:6f:42:c9:9b:56:16:77:20:0d:6d:c5:7b:10:
03:c2:eb:d3:94:9e:4b:1b:a8:a9:48:f4:95:05:86:
15:71:35:e9:92:ad:4f:42:cd:15:f0:50:53:42:4f:
1b:97:52:9d:c7:1b:fb:15:48:43:91:1f:83:df:c1:
8b:7e:b7:2e:f2:4c:66:7f:0b:ed:dc:19:5e:d9:c6:
89:73:aa:8b:4e:b1:03:6c:8c:23:2c:17:7d:c1:65:
05:1b:77:03:46:b0:5e:64:5e:6c:0f:e8:98:ec:db:
aa:4f:fe:da:7c:f5:f1:21:95:67:52:c8:72:76:3f:
99:74:23:46:b4:fa:ab:82:d9:f5:51:83:c5:7a:64:
04:bf:7a:8e:ee:54:44:7e:0c:08:c8:9f:66:e1:c4:
39:0f:85:7b:08:c4:3e:09:e5:d3:a8:50:67:60:83:
79:d6:f6:1b:9b:71:96:72:a5:e1:18:fe:ed:4d:54:
be:dc:94:9f:ac:9c:bf:68:0b:05:7e:e6:e5:ef:ae:
72:36:8e:4c:99:9a:17:87:fb:59:48:98:34:ad:61:
1e:60:59:87:4e:d5:a2:5b:8e:61:df:21:c2:c3:66:
b5:34:53:9d:c5:3d:5d:6f:6d:3a:c8:a1:ca:91:9d:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:76:23:92:75:6D:AF:7E:C5:BB:A2:C3:8A:9E:E7:F8:39:47:C0:6F
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/q3YjknVtr37Fu6LDip7n-DlHwG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:73:3e:47:49:40:07:48:a7:bc:06:b7:ea:d3:d5:ff:f9:4d:
15:19:42:e0:c5:96:38:8c:55:fa:7e:1e:0b:c4:7c:74:18:5b:
9f:29:f1:96:cb:49:22:ab:72:84:79:99:da:ea:c4:08:00:be:
38:f8:21:43:9a:0b:ba:4f:96:8a:06:1b:94:7b:c7:38:24:4d:
dd:bc:85:18:3d:e5:06:ce:2f:fc:40:18:cf:cd:8d:77:2b:91:
8b:8a:2f:7f:56:25:9f:97:6d:c6:67:52:82:a0:a1:b6:f5:9c:
88:3f:54:37:c4:38:a6:bd:ca:f7:eb:91:a9:8b:b5:a5:1f:15:
f0:bd:cb:53:01:2b:93:db:54:52:c1:cd:3e:e8:c3:c1:93:91:
99:35:2e:5e:9d:b2:5d:86:b3:2d:82:ae:6d:c4:11:1c:0e:35:
40:04:e0:f0:32:1d:e3:06:42:44:3f:a0:72:16:64:6e:f5:3c:
65:80:92:5d:59:fb:fe:f8:ad:b0:08:1b:a1:89:e7:1d:05:74:
72:e9:ea:3c:f1:4b:5a:ba:b0:d8:79:40:67:d2:7e:3e:67:8d:
99:0b:ad:15:3b:c4:37:f4:04:e9:42:f4:8e:7f:1c:2e:e6:7d:
61:e3:75:c6:80:fb:85:44:ab:8b:8b:ba:47:3f:b7:b4:2c:2c:
4f:62:96:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyKAzunicZfAtV+Zv5oTrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc2MjM5Mjc1NmRhZjdlYzViYmEyYzM4YTllZTdmODM5NDdjMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8OBMLSXL0QkGvXYoX+zDG9CyZtW
FncgDW3FexADwuvTlJ5LG6ipSPSVBYYVcTXpkq1PQs0V8FBTQk8bl1Kdxxv7FUhD
kR+D38GLfrcu8kxmfwvt3Ble2caJc6qLTrEDbIwjLBd9wWUFG3cDRrBeZF5sD+iY
7NuqT/7afPXxIZVnUshydj+ZdCNGtPqrgtn1UYPFemQEv3qO7lREfgwIyJ9m4cQ5
D4V7CMQ+CeXTqFBnYIN51vYbm3GWcqXhGP7tTVS+3JSfrJy/aAsFfubl765yNo5M
mZoXh/tZSJg0rWEeYFmHTtWiW45h3yHCw2a1NFOdxT1db206yKHKkZ1zzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKt2I5J1ba9+xbuiw4qe5/g5R8BvMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvcTNZamtuVnRyMzdGdTZMRGlwN24tRGxId0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUsLnMA0G
CSqGSIb3DQEBCwUAA4IBAQCNcz5HSUAHSKe8Brfq09X/+U0VGULgxZY4jFX6fh4L
xHx0GFufKfGWy0kiq3KEeZna6sQIAL44+CFDmgu6T5aKBhuUe8c4JE3dvIUYPeUG
zi/8QBjPzY13K5GLii9/ViWfl23GZ1KCoKG29ZyIP1Q3xDimvcr365Gpi7WlHxXw
vctTASuT21RSwc0+6MPBk5GZNS5enbJdhrMtgq5txBEcDjVABODwMh3jBkJEP6By
FmRu9TxlgJJdWfv++K2wCBuhiecdBXRy6eo88UtaurDYeUBn0n4+Z42ZC60VO8Q3
9ATpQvSOfxwu5n1h43XGgPuFRKuLi7pHP7e0LCxPYpbU
-----END CERTIFICATE-----
Generated at Tue Dec 26 06:33:24 2023 by rpki-client on console-ams.rpki-client.org