Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/I3k1gBSbIR4FylC3daqV41ODf4k.roa
File: I3k1gBSbIR4FylC3daqV41ODf4k.roa (raw, json)
Hash identifier: 3Fhb5fu7OS8TDm+gwxdKBDdxKkwNDayaOuNGGBhFbww=
Subject key identifier: 23:79:35:80:14:9B:21:1E:05:CA:50:B7:75:AA:95:E3:53:83:7F:89
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018C87A73B35C57E0BD7940A940FFBE76955
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/I3k1gBSbIR4FylC3daqV41ODf4k.roa
Signing time: Wed 20 Dec 2023 14:35:32 +0000
ROA not before: Wed 20 Dec 2023 14:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 158.120.53.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
158.120.51.0/24 maxlen: 24
158.120.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:a7:3b:35:c5:7e:0b:d7:94:0a:94:0f:fb:e7:69:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Dec 20 14:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23793580149b211e05ca50b775aa95e353837f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:80:24:af:7a:54:3b:a9:85:6b:d1:85:0f:
b9:13:e6:8a:ff:6c:24:07:29:f7:39:9d:3d:4a:d4:
40:85:55:2c:c3:93:f0:90:55:df:7d:0a:43:e7:4e:
42:a9:28:bd:b1:9e:fd:54:56:05:a6:a5:c6:ac:ee:
05:a1:7d:df:b4:87:c3:4a:f2:73:ad:54:80:65:cf:
69:1a:e4:70:9e:fb:75:31:c8:8b:3d:44:72:e3:40:
fc:d3:7d:75:99:d2:5b:89:cf:e8:8e:43:4c:43:a3:
ed:1b:8d:06:7d:56:cf:04:e6:46:44:2f:b4:0b:d1:
a2:4a:c3:85:10:d9:ae:bd:e4:69:20:77:ff:54:f5:
79:94:d9:f3:dc:6b:49:56:00:ae:f2:03:b6:1a:4f:
80:c1:ec:c4:bb:75:3c:90:64:65:13:5b:db:c5:06:
43:6e:48:e1:5d:14:e0:9c:2b:f1:80:88:ac:8f:31:
08:52:05:3e:71:4e:c3:cf:0d:8e:30:b5:02:63:b0:
1d:f1:2c:cf:cc:b0:27:63:cf:af:e5:4b:c6:80:83:
10:ad:73:4e:57:83:35:80:3e:0b:f2:bd:7c:6d:0e:
18:0c:4b:e0:7f:43:18:61:f3:8f:4d:cc:58:a5:7c:
04:bc:0e:ae:8f:6e:1e:9d:16:9e:0d:90:c2:04:c9:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:79:35:80:14:9B:21:1E:05:CA:50:B7:75:AA:95:E3:53:83:7F:89
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/I3k1gBSbIR4FylC3daqV41ODf4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:42:eb:f8:94:56:95:48:b8:a2:35:c3:23:16:89:c8:97:06:
28:12:42:76:91:7f:11:65:67:7c:fe:44:77:e3:09:9c:1b:7a:
59:1c:e7:b5:75:74:84:ec:87:76:a9:00:e7:4b:ba:36:cf:6d:
5a:d5:bc:a6:95:9a:17:58:0d:d7:a1:cb:23:25:05:c5:2e:e2:
47:37:dc:7b:1b:fd:58:be:44:cb:34:fa:a6:55:ef:d8:67:d3:
a0:0d:78:7e:d7:74:68:67:d9:32:58:2b:ac:66:13:cc:88:10:
98:70:c2:90:e5:b7:62:44:c8:0f:40:2e:fd:8b:77:c0:c0:4e:
af:94:13:79:98:a4:50:af:c0:11:95:98:c2:74:1d:bb:43:6f:
bc:90:b4:ee:90:fa:b5:66:38:86:50:7f:45:81:d6:e4:b6:2e:
77:27:31:1c:74:be:a5:dd:df:77:5d:83:c9:5d:77:c7:a2:7b:
c2:e6:0b:06:63:13:68:2c:28:91:15:5f:7d:5e:e8:29:8f:fd:
80:cc:1e:99:67:25:19:65:e6:e6:d6:69:a9:51:b5:2f:70:fb:
14:11:83:b4:9d:dc:ec:7a:ea:fb:38:fb:b5:86:82:ee:d2:5b:
38:7d:09:bc:3f:96:02:3e:7f:e6:60:b1:74:6e:5b:93:29:e9:
69:66:21:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYyHpzs1xX4L15QKlA/752lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMxMjIwMTQzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc5MzU4MDE0OWIyMTFlMDVjYTUwYjc3NWFhOTVlMzUzODM3Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqSAJK96VDuphWvRhQ+5E+aK/2wk
Byn3OZ09StRAhVUsw5PwkFXffQpD505CqSi9sZ79VFYFpqXGrO4FoX3ftIfDSvJz
rVSAZc9pGuRwnvt1MciLPURy40D80311mdJbic/ojkNMQ6PtG40GfVbPBOZGRC+0
C9GiSsOFENmuveRpIHf/VPV5lNnz3GtJVgCu8gO2Gk+AwezEu3U8kGRlE1vbxQZD
bkjhXRTgnCvxgIisjzEIUgU+cU7Dzw2OMLUCY7Ad8SzPzLAnY8+v5UvGgIMQrXNO
V4M1gD4L8r18bQ4YDEvgf0MYYfOPTcxYpXwEvA6uj24enRaeDZDCBMm1SQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCN5NYAUmyEeBcpQt3WqleNTg3+JMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvSTNrMWdCU2JJUjRGeWxDM2RhcVY0MU9EZjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAnngxAwQA
nngzAwQAnng1AwQAnng3AwQAnng5AwQAnng7AwQAnng9AwQAnng/AwQDwC64AwQC
wC7IMA0GCSqGSIb3DQEBCwUAA4IBAQB9Quv4lFaVSLiiNcMjFonIlwYoEkJ2kX8R
ZWd8/kR34wmcG3pZHOe1dXSE7Id2qQDnS7o2z21a1bymlZoXWA3XocsjJQXFLuJH
N9x7G/1YvkTLNPqmVe/YZ9OgDXh+13RoZ9kyWCusZhPMiBCYcMKQ5bdiRMgPQC79
i3fAwE6vlBN5mKRQr8ARlZjCdB27Q2+8kLTukPq1ZjiGUH9Fgdbkti53JzEcdL6l
3d93XYPJXXfHonvC5gsGYxNoLCiRFV99Xugpj/2AzB6ZZyUZZebm1mmpUbUvcPsU
EYO0ndzseur7OPu1hoLu0ls4fQm8P5YCPn/mYLF0bluTKelpZiEi
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:34 2024 by rpki-client on console-ams.rpki-client.org