Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/f0372a-c332-485f-b293-a6d2684a9425/1/R_lxWfgQTOLmhTSvcEavifsZnd0.roa
File: R_lxWfgQTOLmhTSvcEavifsZnd0.roa (raw, json)
Hash identifier: JhR5lpzoYrz6jyEiitnDCnTpbPn2Intn2GYtmPLIzlY=
Subject key identifier: 47:F9:71:59:F8:10:4C:E2:E6:85:34:AF:70:46:AF:89:FB:19:9D:DD
Certificate issuer: /CN=1f2cb35b874780cb93dc44210b9d79d6ed94fe5e
Certificate serial: 01856D01C506045B3E6EEE9D0F00AB4CF5AE
Authority key identifier: 1F:2C:B3:5B:87:47:80:CB:93:DC:44:21:0B:9D:79:D6:ED:94:FE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyyzW4dHgMuT3EQhC5151u2U_l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/f0372a-c332-485f-b293-a6d2684a9425/1/R_lxWfgQTOLmhTSvcEavifsZnd0.roa
Signing time: Sun 01 Jan 2023 11:05:10 +0000
ROA not before: Sun 01 Jan 2023 11:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197745
IP address blocks: 217.196.184.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c5:06:04:5b:3e:6e:ee:9d:0f:00:ab:4c:f5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f2cb35b874780cb93dc44210b9d79d6ed94fe5e
Validity
Not Before: Jan 1 11:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47f97159f8104ce2e68534af7046af89fb199ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:a7:da:b0:22:c1:f6:59:cc:46:d1:0b:d0:
59:a2:56:b7:30:39:aa:2e:aa:9a:90:aa:64:46:a9:
cc:d5:02:14:1c:cd:a0:45:66:69:30:fd:a5:de:e6:
80:86:61:94:93:85:27:52:c1:aa:a9:cf:a5:1d:67:
ae:7e:0f:c3:5b:da:5e:7c:e1:8b:ba:a1:c4:0f:a7:
c4:ba:e0:1d:fc:65:b6:e7:45:5d:95:b5:6b:7a:f5:
81:90:cb:c4:a8:92:76:b4:9e:d2:4b:25:bc:34:37:
aa:81:ae:26:26:65:ca:36:96:21:3a:ac:c3:17:d2:
b4:d8:c4:8f:9e:82:b6:9e:cc:e6:fa:3a:bb:47:6f:
f6:4b:9b:4d:9f:4d:d5:89:0f:67:c6:a8:11:f8:c4:
d3:fc:b1:8a:01:a4:d1:f2:05:08:d8:d7:68:30:93:
28:04:49:c1:90:07:84:7f:eb:40:10:ef:fc:c9:e7:
62:bd:1f:c1:26:24:31:e6:38:64:7f:dc:13:ac:d8:
a1:cb:af:d4:9c:e8:8a:1b:a5:2f:99:f3:a8:b6:d6:
af:42:42:95:d5:5c:77:ec:34:16:01:2c:dc:ca:e7:
38:b0:b7:c5:ee:42:a2:a5:4e:ea:57:dd:d1:2b:82:
88:6c:28:1a:8c:09:f0:02:1e:bf:cd:ea:c9:07:51:
c0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F9:71:59:F8:10:4C:E2:E6:85:34:AF:70:46:AF:89:FB:19:9D:DD
X509v3 Authority Key Identifier:
keyid:1F:2C:B3:5B:87:47:80:CB:93:DC:44:21:0B:9D:79:D6:ED:94:FE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyyzW4dHgMuT3EQhC5151u2U_l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/f0372a-c332-485f-b293-a6d2684a9425/1/R_lxWfgQTOLmhTSvcEavifsZnd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/f0372a-c332-485f-b293-a6d2684a9425/1/HyyzW4dHgMuT3EQhC5151u2U_l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.184.0/21
Signature Algorithm: sha256WithRSAEncryption
95:ab:d7:95:85:a1:0e:fc:df:6e:92:45:7a:5a:8b:a2:2c:33:
1d:df:cf:00:72:a0:6c:85:c8:71:1c:82:6a:22:76:c8:a5:07:
44:fd:67:32:82:8b:1a:c5:45:62:b2:63:71:6f:c0:26:79:61:
3f:f7:8b:2b:c5:72:4f:9c:14:31:53:70:9e:d8:9c:7e:be:9a:
45:67:59:7d:51:35:16:89:a2:90:b9:da:5c:16:14:8e:b0:a4:
07:0d:b2:d1:98:c5:2e:52:15:44:6a:d3:e2:6b:7a:dd:78:bd:
17:f4:49:fd:09:ae:11:ef:9a:ac:2a:0c:77:b1:94:62:a1:05:
95:63:fb:67:4f:31:cd:93:fe:84:cd:ac:4a:0e:d3:82:05:fa:
b4:43:50:78:3d:e7:8c:0e:f6:af:52:62:45:72:a5:1f:c9:1e:
34:61:51:b7:f3:92:b5:53:dc:63:51:16:c8:ba:f0:0f:58:3c:
59:87:d2:4f:32:16:95:08:e1:ce:36:cc:6e:05:50:13:09:8e:
b2:14:30:0e:bd:65:e0:cf:46:29:33:59:a9:57:9e:42:14:5d:
03:8b:57:16:64:c2:78:b8:4f:1f:e3:01:d8:29:53:c6:da:d9:
cf:22:1a:4e:db:10:65:92:11:cc:1d:4d:96:49:cf:5e:6c:48:
2e:ac:4f:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAcUGBFs+bu6dDwCrTPWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMmNiMzViODc0NzgwY2I5M2RjNDQyMTBiOWQ3OWQ2ZWQ5
NGZlNWUwHhcNMjMwMTAxMTEwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Y5NzE1OWY4MTA0Y2UyZTY4NTM0YWY3MDQ2YWY4OWZiMTk5ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI+n2rAiwfZZzEbRC9BZola3MDmq
LqqakKpkRqnM1QIUHM2gRWZpMP2l3uaAhmGUk4UnUsGqqc+lHWeufg/DW9pefOGL
uqHED6fEuuAd/GW250VdlbVrevWBkMvEqJJ2tJ7SSyW8NDeqga4mJmXKNpYhOqzD
F9K02MSPnoK2nszm+jq7R2/2S5tNn03ViQ9nxqgR+MTT/LGKAaTR8gUI2NdoMJMo
BEnBkAeEf+tAEO/8yedivR/BJiQx5jhkf9wTrNihy6/UnOiKG6UvmfOottavQkKV
1Vx37DQWASzcyuc4sLfF7kKipU7qV93RK4KIbCgajAnwAh6/zerJB1HArwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEf5cVn4EEzi5oU0r3BGr4n7GZ3dMB8GA1UdIwQY
MBaAFB8ss1uHR4DLk9xEIQudedbtlP5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHl5elc0ZEhnTXVUM0VRaEM1MTUxdTJVX2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9mMDM3MmEtYzMzMi00ODVmLWIyOTMt
YTZkMjY4NGE5NDI1LzEvUl9seFdmZ1FUT0xtaFRTdmNFYXZpZnNabmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9mMDM3MmEtYzMzMi00ODVmLWIyOTMtYTZkMjY4NGE5NDI1
LzEvSHl5elc0ZEhnTXVUM0VRaEM1MTUxdTJVX2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2cS4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVq9eVhaEO/N9ukkV6WouiLDMd388AcqBshchxHIJq
InbIpQdE/WcygosaxUVismNxb8AmeWE/94srxXJPnBQxU3Ce2Jx+vppFZ1l9UTUW
iaKQudpcFhSOsKQHDbLRmMUuUhVEatPia3rdeL0X9En9Ca4R75qsKgx3sZRioQWV
Y/tnTzHNk/6EzaxKDtOCBfq0Q1B4PeeMDvavUmJFcqUfyR40YVG385K1U9xjURbI
uvAPWDxZh9JPMhaVCOHONsxuBVATCY6yFDAOvWXgz0YpM1mpV55CFF0Di1cWZMJ4
uE8f4wHYKVPG2tnPIhpO2xBlkhHMHU2WSc9ebEgurE8b
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:44 2024 by rpki-client on console-ams.rpki-client.org