Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/xS2aKGn-r0USuWqb-fCSVjkyQIY.roa
File: xS2aKGn-r0USuWqb-fCSVjkyQIY.roa (raw, json)
Hash identifier: STtA2328IJV2AAnkXS8ikI4t9dctLLs/aBZ5iCkRBoY=
Subject key identifier: C5:2D:9A:28:69:FE:AF:45:12:B9:6A:9B:F9:F0:92:56:39:32:40:86
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018A5978F52078C999CE67B339E4E0DEEB68
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/xS2aKGn-r0USuWqb-fCSVjkyQIY.roa
Signing time: Sun 03 Sep 2023 05:16:53 +0000
ROA not before: Sun 03 Sep 2023 05:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 194.32.144.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:59:78:f5:20:78:c9:99:ce:67:b3:39:e4:e0:de:eb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Sep 3 05:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c52d9a2869feaf4512b96a9bf9f0925639324086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:90:a1:d6:64:0e:7c:f4:e2:61:56:74:68:
0f:ed:83:00:2f:ef:90:13:a9:6f:9d:76:12:6b:f9:
52:c7:d2:26:4e:32:b4:6e:17:d8:ff:9a:6e:86:83:
52:26:0c:e7:ed:00:59:d0:48:19:ee:e0:b7:97:03:
b2:43:3b:95:03:6d:cb:8e:31:bb:bf:c4:46:d5:a8:
6f:c1:76:5e:4e:fa:14:ee:78:e0:44:da:74:e2:41:
35:d1:09:73:b7:34:1a:6e:0c:86:ae:ed:82:12:e1:
82:de:9e:2c:92:56:41:52:67:e0:20:c6:b4:b8:8d:
39:1b:ea:c1:d1:a4:af:6e:13:87:ff:83:f2:f0:8c:
51:f6:c7:43:54:5d:0b:01:38:a4:9a:e4:80:d0:c6:
67:93:d9:b9:03:ed:34:e1:57:df:3e:84:62:50:fe:
b3:40:38:16:8b:f1:8d:eb:62:0e:08:ef:1e:05:8f:
f3:f7:4e:54:89:23:b4:e4:45:2b:dd:f1:d1:06:22:
5e:02:c6:62:4a:fb:65:19:38:67:41:b1:c0:c9:7f:
70:ac:c1:35:f6:a3:8b:7c:02:a4:ee:87:31:04:5d:
63:7e:86:bf:01:68:25:f7:74:20:18:86:cf:16:0e:
30:c6:92:63:ab:95:5d:ac:57:2e:58:1b:54:55:7a:
dd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2D:9A:28:69:FE:AF:45:12:B9:6A:9B:F9:F0:92:56:39:32:40:86
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/xS2aKGn-r0USuWqb-fCSVjkyQIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
55:12:8d:21:2a:fb:8a:bf:0d:7f:7d:b1:03:60:be:93:b7:64:
a1:75:86:ba:26:84:21:a5:1d:70:70:2a:9e:fc:25:96:2b:63:
d7:db:ab:68:c1:1d:56:40:7f:6b:65:c6:f6:cf:d3:6b:e9:06:
ac:8f:e8:98:d9:70:ae:51:45:b7:2b:5d:38:d3:d8:5c:c6:92:
ec:5e:97:e3:cb:56:d3:88:4e:6f:a0:a1:58:1c:5c:39:3d:8a:
ee:d6:bd:df:1d:e8:41:a8:60:02:53:a4:f0:9e:76:a8:83:98:
68:18:2a:95:7a:9c:c2:b2:89:0c:aa:55:b4:e4:c0:3c:c0:6a:
ca:fb:c9:19:9c:51:42:67:56:e4:c2:ae:bb:ad:89:34:46:f2:
5f:37:78:11:c9:8f:91:89:09:39:68:25:a4:aa:20:55:7d:67:
8f:18:51:95:4b:6b:b5:3c:42:f9:20:04:14:b7:04:64:4f:61:
2d:fd:89:98:8c:88:f8:5e:ac:f7:16:5e:9e:7f:44:d8:bb:56:
99:79:25:ee:1b:d2:68:8e:f9:36:88:43:3b:5a:9b:c7:41:d9:
1a:9d:ff:2e:03:fe:82:0b:85:91:5e:54:f4:18:a4:01:0e:7e:
05:73:e8:e7:2a:fd:98:ba:ea:12:5c:21:52:85:21:e2:79:71:
9b:de:2c:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpZePUgeMmZzmezOeTg3utoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwOTAzMDUxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTJkOWEyODY5ZmVhZjQ1MTJiOTZhOWJmOWYwOTI1NjM5MzI0MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq72QodZkDnz04mFWdGgP7YMAL++Q
E6lvnXYSa/lSx9ImTjK0bhfY/5puhoNSJgzn7QBZ0EgZ7uC3lwOyQzuVA23LjjG7
v8RG1ahvwXZeTvoU7njgRNp04kE10QlztzQabgyGru2CEuGC3p4sklZBUmfgIMa0
uI05G+rB0aSvbhOH/4Py8IxR9sdDVF0LATikmuSA0MZnk9m5A+004VffPoRiUP6z
QDgWi/GN62IOCO8eBY/z905UiSO05EUr3fHRBiJeAsZiSvtlGThnQbHAyX9wrME1
9qOLfAKk7ocxBF1jfoa/AWgl93QgGIbPFg4wxpJjq5VdrFcuWBtUVXrdSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUtmihp/q9FErlqm/nwklY5MkCGMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEveFMyYUtHbi1yMFVTdVdxYi1mQ1NWamt5UUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQBVEo0hKvuKvw1/fbEDYL6Tt2ShdYa6JoQhpR1wcCqe
/CWWK2PX26towR1WQH9rZcb2z9Nr6Qasj+iY2XCuUUW3K10409hcxpLsXpfjy1bT
iE5voKFYHFw5PYru1r3fHehBqGACU6Twnnaog5hoGCqVepzCsokMqlW05MA8wGrK
+8kZnFFCZ1bkwq67rYk0RvJfN3gRyY+RiQk5aCWkqiBVfWePGFGVS2u1PEL5IAQU
twRkT2Et/YmYjIj4Xqz3Fl6ef0TYu1aZeSXuG9Jojvk2iEM7WpvHQdkanf8uA/6C
C4WRXlT0GKQBDn4Fc+jnKv2YuuoSXCFShSHieXGb3iw7
-----END CERTIFICATE-----
Generated at Fri Sep 8 06:42:37 2023 by rpki-client on console-ams.rpki-client.org