Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/3Iq1K1U-FCCs7RtOtjAr0qwKaKg.roa
File: 3Iq1K1U-FCCs7RtOtjAr0qwKaKg.roa (raw, json)
Hash identifier: +neFHWwD6b8VvINC9/deg0nqVS1VUNlnAwUOE59dRSA=
Subject key identifier: DC:8A:B5:2B:55:3E:14:20:AC:ED:1B:4E:B6:30:2B:D2:AC:0A:68:A8
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018C96B7D2A6D8163A1B5D305D6BA06A61E7
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/3Iq1K1U-FCCs7RtOtjAr0qwKaKg.roa
Signing time: Sat 23 Dec 2023 12:47:58 +0000
ROA not before: Sat 23 Dec 2023 12:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 194.120.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:b7:d2:a6:d8:16:3a:1b:5d:30:5d:6b:a0:6a:61:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Dec 23 12:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc8ab52b553e1420aced1b4eb6302bd2ac0a68a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:65:ed:fb:0d:c5:b2:10:b3:62:32:e6:3e:
f7:83:2f:95:6f:65:c7:2a:08:b5:fe:f4:e5:96:ee:
f0:0f:2b:30:b0:a9:af:ae:b6:8d:d7:a1:46:e4:a3:
f6:bb:bd:24:ea:59:c9:3e:af:b5:93:11:c9:6a:18:
ca:79:a0:b1:a3:2b:ac:dd:dc:d0:37:79:0f:79:a3:
26:0c:85:4f:2b:df:c1:99:3d:ed:45:c3:39:19:71:
5a:95:8b:f7:54:00:9a:de:f1:3b:7b:dd:b4:2a:0c:
22:3a:aa:02:69:77:62:91:4c:b0:1c:fc:e1:da:e6:
d9:8d:a2:93:b7:fa:e7:59:d7:c0:95:b6:eb:33:4f:
13:72:b0:58:e2:aa:76:02:f5:c9:e9:94:d7:3a:ae:
35:13:4f:18:b3:30:60:7b:3e:20:f3:80:6c:6c:5e:
73:cf:1f:73:ac:87:d7:7a:30:f4:df:c9:e9:91:4a:
8c:0c:f5:04:08:08:9d:d5:80:39:70:42:63:e5:83:
1c:8f:de:11:b3:30:ae:a4:a4:7e:ce:6b:73:85:b5:
d4:c9:99:38:50:19:47:9c:32:0d:da:79:f2:23:9d:
ac:a2:18:0b:b8:75:c8:a8:c7:1d:b7:49:aa:00:6d:
c8:bd:df:0e:e4:1e:21:2e:66:81:76:a6:15:9e:95:
95:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8A:B5:2B:55:3E:14:20:AC:ED:1B:4E:B6:30:2B:D2:AC:0A:68:A8
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/3Iq1K1U-FCCs7RtOtjAr0qwKaKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.144.0/24
Signature Algorithm: sha256WithRSAEncryption
59:58:d4:ba:dc:01:1e:08:f6:c1:35:7a:fe:61:ad:68:81:d7:
d2:32:d5:4d:6a:b6:ed:23:d8:37:74:fd:5e:7c:64:45:1f:c9:
ac:46:18:15:04:e6:f5:b9:b0:14:6a:cf:78:27:e0:b6:3b:d1:
1a:35:5c:4a:5e:0a:d3:31:1a:3e:08:32:38:5c:2e:b8:40:3e:
76:4e:12:8a:a0:f0:8e:71:1b:2a:ff:c2:5e:b9:83:4d:c1:8b:
be:f7:2a:ba:4a:c0:7a:5f:9a:f5:44:d5:28:25:9b:c5:61:c8:
57:93:e4:e0:94:52:11:cd:3e:83:b9:9a:a7:fd:33:e1:95:b8:
69:79:dc:47:88:3c:51:41:b3:41:b9:7d:8a:30:3c:54:9a:62:
ca:40:f0:d3:91:1f:70:80:77:5b:53:ae:29:05:5d:47:f4:f3:
6b:89:1b:e7:56:0f:0e:d5:da:b0:a0:7f:b2:87:97:8f:e8:de:
79:20:34:b4:fb:82:f6:07:b8:30:ec:04:22:3f:ee:7b:6e:f3:
1a:1a:8c:1f:9f:24:e3:53:bc:b1:70:c3:db:51:fe:84:8f:96:
de:ca:ae:2a:ab:bf:00:7d:fa:8d:1e:6d:6d:01:bf:53:d5:4f:
d8:67:9b:66:40:cf:2d:cb:ef:30:c3:80:d4:10:fd:d6:ea:65:
5a:74:33:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyWt9Km2BY6G10wXWugamHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMxMjIzMTI0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzhhYjUyYjU1M2UxNDIwYWNlZDFiNGViNjMwMmJkMmFjMGE2OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv9l7fsNxbIQs2Iy5j73gy+Vb2XH
Kgi1/vTllu7wDyswsKmvrraN16FG5KP2u70k6lnJPq+1kxHJahjKeaCxoyus3dzQ
N3kPeaMmDIVPK9/BmT3tRcM5GXFalYv3VACa3vE7e920KgwiOqoCaXdikUywHPzh
2ubZjaKTt/rnWdfAlbbrM08TcrBY4qp2AvXJ6ZTXOq41E08YszBgez4g84BsbF5z
zx9zrIfXejD038npkUqMDPUECAid1YA5cEJj5YMcj94RszCupKR+zmtzhbXUyZk4
UBlHnDIN2nnyI52sohgLuHXIqMcdt0mqAG3Ivd8O5B4hLmaBdqYVnpWV1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyKtStVPhQgrO0bTrYwK9KsCmioMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvM0lxMUsxVS1GQ0NzN1J0T3RqQXIwcXdLYUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwniQMA0G
CSqGSIb3DQEBCwUAA4IBAQBZWNS63AEeCPbBNXr+Ya1ogdfSMtVNarbtI9g3dP1e
fGRFH8msRhgVBOb1ubAUas94J+C2O9EaNVxKXgrTMRo+CDI4XC64QD52ThKKoPCO
cRsq/8JeuYNNwYu+9yq6SsB6X5r1RNUoJZvFYchXk+TglFIRzT6DuZqn/TPhlbhp
edxHiDxRQbNBuX2KMDxUmmLKQPDTkR9wgHdbU64pBV1H9PNriRvnVg8O1dqwoH+y
h5eP6N55IDS0+4L2B7gw7AQiP+57bvMaGowfnyTjU7yxcMPbUf6Ej5beyq4qq78A
ffqNHm1tAb9T1U/YZ5tmQM8ty+8ww4DUEP3W6mVadDO0
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:13 2024 by rpki-client on console-ams.rpki-client.org