Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gSkD0JAvLbxItOZdOwvd89DwA4s.roa
File: gSkD0JAvLbxItOZdOwvd89DwA4s.roa (raw, json)
Hash identifier: u0rESYKieECtKYUDjufM4nmoAC2QR6eDpZhb5YC0mYw=
Subject key identifier: 81:29:03:D0:90:2F:2D:BC:48:B4:E6:5D:3B:0B:DD:F3:D0:F0:03:8B
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 01856C1CAE284CCAC1E2D34D5007A0E067AC
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gSkD0JAvLbxItOZdOwvd89DwA4s.roa
Signing time: Sun 01 Jan 2023 06:54:57 +0000
ROA not before: Sun 01 Jan 2023 06:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43477
IP address blocks: 194.191.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:ae:28:4c:ca:c1:e2:d3:4d:50:07:a0:e0:67:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 06:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=812903d0902f2dbc48b4e65d3b0bddf3d0f0038b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a9:e1:3c:98:f6:41:4c:81:8e:3e:8c:15:29:
e8:25:e7:8e:19:81:e1:08:87:ac:29:cb:04:1f:17:
38:a4:5f:93:4b:3a:fe:cc:5e:c0:eb:75:66:25:9c:
d0:c1:24:4d:3b:b5:b7:2d:a3:ae:9f:26:0f:7e:00:
54:42:f6:44:f9:08:18:1d:83:89:96:32:cf:3c:09:
1c:5e:49:b7:41:4d:d6:d6:d5:9e:5e:26:78:99:5a:
a4:d3:f9:1b:68:cf:79:bd:af:32:4e:d8:b0:de:8e:
06:81:95:76:ad:e3:23:83:7c:18:9d:6c:81:0a:50:
2b:fe:06:98:97:54:bb:18:86:86:3f:3b:8d:b6:63:
52:a5:b9:fd:23:09:13:5c:b6:ea:22:c9:a5:4d:68:
67:2f:ad:4c:06:ca:1f:75:b1:3f:64:7e:01:79:0e:
55:18:f5:1d:2c:e8:43:cd:bf:0d:3d:f2:30:fd:24:
2a:d1:4b:3f:9c:c0:52:a1:36:89:3b:d7:bb:00:0c:
a1:80:c3:d7:ef:0b:18:08:69:23:2f:87:f5:37:ac:
59:a8:f1:ce:b8:1d:2b:c4:10:51:b7:b2:09:f3:20:
97:be:88:a3:c0:a7:da:d9:8a:21:47:9f:3f:47:0e:
a4:84:3c:c5:2e:12:8c:89:50:a0:58:8f:d4:9a:d3:
c3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:29:03:D0:90:2F:2D:BC:48:B4:E6:5D:3B:0B:DD:F3:D0:F0:03:8B
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gSkD0JAvLbxItOZdOwvd89DwA4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.191.17.0/24
Signature Algorithm: sha256WithRSAEncryption
76:1a:9b:24:f7:ad:f4:a5:c2:78:cc:a6:16:f9:08:83:07:a0:
b7:98:df:9c:73:b5:12:f5:8e:27:58:21:b2:61:13:81:a2:90:
c5:2a:01:c6:a6:4c:f0:49:b9:7c:15:e2:b9:63:f3:5d:6a:5b:
34:0f:59:00:4e:94:3a:07:c2:c8:21:d7:88:96:73:51:e1:61:
ea:ec:5d:0c:29:b9:89:8b:63:98:1c:a2:fb:4a:35:ea:33:38:
71:d1:e6:51:15:c6:02:6c:8e:0a:c5:fd:15:9e:24:20:1c:98:
e8:b8:1e:bd:ab:b0:b8:4d:e1:7f:17:e3:42:87:b1:73:c3:63:
17:ca:57:cd:ce:42:b9:47:31:da:5d:a8:c6:6e:3a:82:06:b3:
06:41:8d:98:73:38:cd:4b:59:a0:fd:93:a5:b9:7d:e0:e2:31:
bd:f2:1a:76:dd:e2:1d:6c:09:c6:48:6c:48:a6:2f:8b:d5:5c:
9b:b4:87:d9:5e:63:4d:9e:b0:06:ae:33:7a:ed:94:73:6d:ec:
f4:25:55:b4:59:7c:c9:e7:d8:a4:ca:d9:45:41:90:5e:de:34:
e0:80:c2:ea:50:6d:a0:51:42:ed:fe:7c:81:0c:d4:5b:c5:77:
a5:3b:4c:c9:1d:20:86:da:0a:bb:6e:ca:a7:f3:fc:9d:c9:2d:
ec:23:03:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHK4oTMrB4tNNUAeg4GesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjMwMTAxMDY1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI5MDNkMDkwMmYyZGJjNDhiNGU2NWQzYjBiZGRmM2QwZjAwMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6nhPJj2QUyBjj6MFSnoJeeOGYHh
CIesKcsEHxc4pF+TSzr+zF7A63VmJZzQwSRNO7W3LaOunyYPfgBUQvZE+QgYHYOJ
ljLPPAkcXkm3QU3W1tWeXiZ4mVqk0/kbaM95va8yTtiw3o4GgZV2reMjg3wYnWyB
ClAr/gaYl1S7GIaGPzuNtmNSpbn9IwkTXLbqIsmlTWhnL61MBsofdbE/ZH4BeQ5V
GPUdLOhDzb8NPfIw/SQq0Us/nMBSoTaJO9e7AAyhgMPX7wsYCGkjL4f1N6xZqPHO
uB0rxBBRt7IJ8yCXvoijwKfa2YohR58/Rw6khDzFLhKMiVCgWI/UmtPDXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEpA9CQLy28SLTmXTsL3fPQ8AOLMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvZ1NrRDBKQXZMYnhJdE9aZE93dmQ4OUR3QTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwr8RMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Gpsk9630pcJ4zKYW+QiDB6C3mN+cc7US9Y4nWCGy
YROBopDFKgHGpkzwSbl8FeK5Y/Ndals0D1kATpQ6B8LIIdeIlnNR4WHq7F0MKbmJ
i2OYHKL7SjXqMzhx0eZRFcYCbI4Kxf0VniQgHJjouB69q7C4TeF/F+NCh7Fzw2MX
ylfNzkK5RzHaXajGbjqCBrMGQY2YczjNS1mg/ZOluX3g4jG98hp23eIdbAnGSGxI
pi+L1VybtIfZXmNNnrAGrjN67ZRzbez0JVW0WXzJ59ikytlFQZBe3jTggMLqUG2g
UULt/nyBDNRbxXelO0zJHSCG2gq7bsqn8/ydyS3sIwPG
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:04 2024 by rpki-client on console-ams.rpki-client.org