Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/cHTZJ1ThOSEWK3e5Wnn6uRfsTbk.roa
File: cHTZJ1ThOSEWK3e5Wnn6uRfsTbk.roa (raw, json)
Hash identifier: lwT9NJqYv9nPuZJuPWswdFHOqJHaqlJa369fsrNkV/k=
Subject key identifier: 70:74:D9:27:54:E1:39:21:16:2B:77:B9:5A:79:FA:B9:17:EC:4D:B9
Certificate issuer: /CN=e0d1a8366c21159f079478a9030843fbf60631b9
Certificate serial: 01856BCA4A37EB2554B877E3320B40FA9B4D
Authority key identifier: E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/cHTZJ1ThOSEWK3e5Wnn6uRfsTbk.roa
Signing time: Sun 01 Jan 2023 05:24:57 +0000
ROA not before: Sun 01 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 194.76.31.0/24 maxlen: 24
194.76.30.0/23 maxlen: 23
194.76.30.0/24 maxlen: 24
194.127.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:4a:37:eb:25:54:b8:77:e3:32:0b:40:fa:9b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0d1a8366c21159f079478a9030843fbf60631b9
Validity
Not Before: Jan 1 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7074d92754e13921162b77b95a79fab917ec4db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b7:04:9c:92:32:75:6e:03:d9:84:ab:50:13:
9a:e2:05:48:3d:34:73:9d:f1:c5:83:66:cb:57:70:
6f:61:8a:85:f5:81:48:68:78:9f:9a:20:e9:f8:81:
6a:b5:4e:7d:dd:73:cd:2a:5f:74:4d:14:d1:b6:ab:
f5:04:16:72:dc:d4:0f:74:80:67:39:a7:c2:5a:7c:
7d:ad:14:c1:c1:8b:4f:df:ff:01:2f:69:5a:d6:09:
4f:52:b1:93:7e:82:74:9b:d2:83:9c:af:64:1e:45:
c2:b3:09:49:07:ed:4b:45:1a:e0:8e:2a:37:ae:bf:
c8:59:03:a0:74:9f:50:44:a0:a9:eb:b6:ae:c8:e3:
d9:b9:13:b3:26:af:8b:bc:f2:51:f1:3d:e8:b7:7a:
4a:90:4d:5c:01:02:13:71:ea:cf:6a:9b:61:6a:e7:
77:bf:b2:b1:4e:d1:00:42:df:51:88:16:1c:ed:cb:
4f:4c:73:54:4e:e5:8d:93:f1:6f:b5:4c:46:ca:c5:
ae:53:cb:ba:36:6c:b5:50:88:13:fa:25:0d:56:60:
6e:6b:fb:1c:d5:1a:f0:01:b8:75:d6:7b:dc:2a:51:
7b:a9:b7:5b:da:8b:4f:95:58:99:6b:a9:ab:00:94:
c9:42:05:4e:54:fb:35:d7:b8:1a:cd:4c:71:48:eb:
ed:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:74:D9:27:54:E1:39:21:16:2B:77:B9:5A:79:FA:B9:17:EC:4D:B9
X509v3 Authority Key Identifier:
keyid:E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/cHTZJ1ThOSEWK3e5Wnn6uRfsTbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.30.0/23
194.127.134.0/24
Signature Algorithm: sha256WithRSAEncryption
11:86:f9:35:a7:3d:fe:c9:bc:89:f3:54:c5:1b:22:ee:15:00:
5e:f9:f1:23:3b:79:96:72:a1:7b:f7:f6:50:5e:cb:ab:ff:8f:
7f:5b:98:9c:14:53:65:d0:b6:67:60:30:19:b5:eb:e9:12:7a:
1f:ef:91:75:ce:f2:be:3e:9a:d4:25:3b:93:cd:7a:8e:67:ac:
52:8f:19:e0:e5:e5:18:c3:d8:b7:1f:fa:67:e9:30:1a:8a:2d:
8f:aa:62:fd:40:49:5c:63:17:63:80:a0:23:79:3e:bb:7a:32:
4d:18:52:1d:d0:cb:22:88:0f:07:fe:35:5d:30:4b:e0:40:32:
0a:96:c3:4c:2b:49:70:5a:c0:40:91:cc:fb:b9:65:db:b8:cd:
c8:63:68:a1:38:20:06:b4:f1:9d:6e:4b:45:7b:d8:5c:ee:8b:
81:0b:2e:49:6b:09:b1:4e:b8:46:39:ba:65:79:85:8e:1c:cd:
d8:26:89:d4:78:0b:26:bb:88:ff:34:eb:ef:7b:c8:a6:b3:2d:
0e:26:e3:ca:a7:ff:fc:bc:c6:ad:21:ea:31:bd:50:fd:ef:bc:
01:09:f6:c7:ad:73:10:7f:c3:e9:39:c8:32:77:e0:c9:05:43:
8b:3f:eb:72:4c:8e:54:38:55:8f:07:84:2d:1b:1f:04:be:d6:
18:0a:f2:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryko36yVUuHfjMgtA+ptNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZDFhODM2NmMyMTE1OWYwNzk0NzhhOTAzMDg0M2ZiZjYw
NjMxYjkwHhcNMjMwMTAxMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc0ZDkyNzU0ZTEzOTIxMTYyYjc3Yjk1YTc5ZmFiOTE3ZWM0ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7cEnJIydW4D2YSrUBOa4gVIPTRz
nfHFg2bLV3BvYYqF9YFIaHifmiDp+IFqtU593XPNKl90TRTRtqv1BBZy3NQPdIBn
OafCWnx9rRTBwYtP3/8BL2la1glPUrGTfoJ0m9KDnK9kHkXCswlJB+1LRRrgjio3
rr/IWQOgdJ9QRKCp67auyOPZuROzJq+LvPJR8T3ot3pKkE1cAQITcerPapthaud3
v7KxTtEAQt9RiBYc7ctPTHNUTuWNk/FvtUxGysWuU8u6Nmy1UIgT+iUNVmBua/sc
1RrwAbh11nvcKlF7qbdb2otPlViZa6mrAJTJQgVOVPs117gazUxxSOvt/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHB02SdU4TkhFit3uVp5+rkX7E25MB8GA1UdIwQY
MBaAFODRqDZsIRWfB5R4qQMIQ/v2BjG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE5Hb05td2hGWjhIbEhpcEF3aEQtX1lHTWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8yZGUzMjQtODZjNy00M2Q2LTlkZjIt
ZjhhZTBkYmM1ZGYyLzEvY0hUWkoxVGhPU0VXSzNlNVdubjZ1UmZzVGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8yZGUzMjQtODZjNy00M2Q2LTlkZjItZjhhZTBkYmM1ZGYy
LzEvNE5Hb05td2hGWjhIbEhpcEF3aEQtX1lHTWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwkweAwQA
wn+GMA0GCSqGSIb3DQEBCwUAA4IBAQARhvk1pz3+ybyJ81TFGyLuFQBe+fEjO3mW
cqF79/ZQXsur/49/W5icFFNl0LZnYDAZtevpEnof75F1zvK+PprUJTuTzXqOZ6xS
jxng5eUYw9i3H/pn6TAaii2PqmL9QElcYxdjgKAjeT67ejJNGFId0MsiiA8H/jVd
MEvgQDIKlsNMK0lwWsBAkcz7uWXbuM3IY2ihOCAGtPGdbktFe9hc7ouBCy5Jawmx
TrhGObpleYWOHM3YJonUeAsmu4j/NOvve8imsy0OJuPKp//8vMatIeoxvVD977wB
CfbHrXMQf8PpOcgyd+DJBUOLP+tyTI5UOFWPB4QtGx8EvtYYCvJa
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:19 2024 by rpki-client on console-ams.rpki-client.org