Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/dIWpcU7hhgj939h_H1W5p3EUstQ.roa
File: dIWpcU7hhgj939h_H1W5p3EUstQ.roa (raw, json)
Hash identifier: eKpquPc+xNNiirgRVDk0Upi1AWwet78mBJ3zlyzh7S8=
Subject key identifier: 74:85:A9:71:4E:E1:86:08:FD:DF:D8:7F:1F:55:B9:A7:71:14:B2:D4
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01867E08E4770585F4329B3C8390E9E7B8D8
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/dIWpcU7hhgj939h_H1W5p3EUstQ.roa
Signing time: Thu 23 Feb 2023 11:29:17 +0000
ROA not before: Thu 23 Feb 2023 11:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 194.0.24.0/24 maxlen: 24
194.0.26.0/24 maxlen: 24
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:08:e4:77:05:85:f4:32:9b:3c:83:90:e9:e7:b8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 23 11:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7485a9714ee18608fddfd87f1f55b9a77114b2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:c8:4e:48:d4:bd:b9:1a:e9:55:d7:05:7b:
a5:3b:c6:5d:2e:aa:c7:18:6d:2b:cd:07:82:72:15:
41:50:c4:61:64:ae:6a:2f:4b:dc:a4:24:c0:36:d5:
07:be:db:06:54:dc:6a:60:17:21:38:7b:13:23:8f:
f1:bc:fd:ea:3a:2b:9a:91:34:ef:49:b0:3f:6a:0f:
e1:ad:06:43:d1:4c:74:59:6e:6e:53:12:2a:3a:c1:
24:ca:20:0d:5c:a4:4a:83:f8:b0:74:74:57:ec:c1:
09:f7:cb:d3:9b:38:1b:85:eb:5b:4d:95:cf:5f:58:
3b:77:62:ed:cf:46:a9:c8:f6:ce:d0:da:bb:d3:a5:
56:00:6c:97:a4:92:bc:c0:cb:91:70:75:b7:93:0e:
27:f3:80:7d:6c:23:68:70:bd:10:8a:3e:2b:bd:73:
77:22:7e:c0:8a:10:0f:d0:1e:71:8c:e4:37:21:6b:
72:2a:2b:a9:aa:a7:b8:e9:a4:5e:c3:31:73:00:2c:
73:cf:aa:86:07:f2:c4:c2:92:fa:60:b7:c3:c1:13:
ae:71:ed:02:bd:41:4a:ad:73:52:a6:c7:c0:72:d0:
1c:1f:74:9d:3b:f3:7e:e6:9a:fb:30:65:13:42:c4:
ad:02:19:ca:2b:da:b1:06:d3:e1:4a:bc:25:e8:c9:
60:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:85:A9:71:4E:E1:86:08:FD:DF:D8:7F:1F:55:B9:A7:71:14:B2:D4
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/dIWpcU7hhgj939h_H1W5p3EUstQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.24.0/24
194.0.26.0/24
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
4c:48:b5:11:06:6f:8f:b1:f9:0c:cb:37:4b:e3:bc:69:40:3c:
2e:7c:60:7f:52:3e:11:a7:95:78:b9:22:fa:20:59:45:a5:16:
7f:5b:21:d9:64:3d:c8:22:63:3b:2e:5b:52:98:8c:6d:ec:37:
63:6a:5b:d8:ec:88:ea:86:aa:d1:75:32:8e:4a:e8:c1:b5:3c:
5c:2e:5a:de:5d:91:55:15:cc:19:b4:e9:69:cf:7b:24:9d:07:
d3:38:6a:57:f5:0e:f1:d1:94:56:08:40:e1:d0:8f:ac:76:3c:
31:2c:05:7b:5f:76:d7:96:30:ca:a0:01:be:3e:04:ff:a2:69:
3a:09:bb:be:ea:29:10:fc:6f:07:4d:81:c2:17:65:26:47:0c:
dd:21:a3:43:fe:75:bb:27:f9:b9:3d:7d:e9:23:b7:e2:a5:e1:
2c:21:2e:6e:fe:25:8f:98:fa:96:f8:33:d8:5d:ee:d6:d4:81:
d2:29:e3:b4:75:20:ad:2c:8a:c0:4d:86:6e:6b:ed:7a:45:1b:
99:bc:49:fb:46:fb:de:1c:6c:33:79:f7:69:1f:99:5a:97:ae:
07:75:0d:08:02:6d:f2:77:6e:bf:00:e7:36:da:1e:34:27:7b:
8d:f2:a3:dc:5a:f9:24:cd:11:3b:cd:db:47:f0:1c:77:2b:65:
7c:fb:9a:54
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYZ+COR3BYX0Mps8g5Dp57jYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjIzMTEyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg1YTk3MTRlZTE4NjA4ZmRkZmQ4N2YxZjU1YjlhNzcxMTRiMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcTITkjUvbka6VXXBXulO8ZdLqrH
GG0rzQeCchVBUMRhZK5qL0vcpCTANtUHvtsGVNxqYBchOHsTI4/xvP3qOiuakTTv
SbA/ag/hrQZD0Ux0WW5uUxIqOsEkyiANXKRKg/iwdHRX7MEJ98vTmzgbhetbTZXP
X1g7d2Ltz0apyPbO0Nq706VWAGyXpJK8wMuRcHW3kw4n84B9bCNocL0Qij4rvXN3
In7AihAP0B5xjOQ3IWtyKiupqqe46aRewzFzACxzz6qGB/LEwpL6YLfDwROuce0C
vUFKrXNSpsfActAcH3SdO/N+5pr7MGUTQsStAhnKK9qxBtPhSrwl6MlgzQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHSFqXFO4YYI/d/Yfx9VuadxFLLUMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvZElXcGNVN2hoZ2o5MzloX0gxVzVwM0VVc3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQAwgAYAwQA
wgAaMCoEAgACMCQDBwAgAQZ4ACADBwAgAQZ4ACQDBwAgAQZ8AbwDBwMqAghQ/+Aw
DQYJKoZIhvcNAQELBQADggEBAExItREGb4+x+QzLN0vjvGlAPC58YH9SPhGnlXi5
IvogWUWlFn9bIdlkPcgiYzsuW1KYjG3sN2NqW9jsiOqGqtF1Mo5K6MG1PFwuWt5d
kVUVzBm06WnPeySdB9M4alf1DvHRlFYIQOHQj6x2PDEsBXtfdteWMMqgAb4+BP+i
aToJu77qKRD8bwdNgcIXZSZHDN0ho0P+dbsn+bk9fekjt+Kl4SwhLm7+JY+Y+pb4
M9hd7tbUgdIp47R1IK0sisBNhm5r7XpFG5m8SftG+94cbDN592kfmVqXrgd1DQgC
bfJ3br8A5zbaHjQne43yo9xa+STNETvN20fwHHcrZXz7mlQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org