Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/pdjgqQzlVyIw546pm2P4mGhbOxE.roa
File: pdjgqQzlVyIw546pm2P4mGhbOxE.roa (raw, json)
Hash identifier: urYrx05oCR+5889vb/T6+OZ3CmfVyU5fJi2jr4HZBPk=
Subject key identifier: A5:D8:E0:A9:0C:E5:57:22:30:E7:8E:A9:9B:63:F8:98:68:5B:3B:11
Certificate issuer: /CN=a37a126d7854ecd565ae82970c693f3359f85f37
Certificate serial: 01856F54B24EA951939FB9C230EE61757B21
Authority key identifier: A3:7A:12:6D:78:54:EC:D5:65:AE:82:97:0C:69:3F:33:59:F8:5F:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3oSbXhU7NVlroKXDGk_M1n4Xzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/pdjgqQzlVyIw546pm2P4mGhbOxE.roa
Signing time: Sun 01 Jan 2023 21:54:59 +0000
ROA not before: Sun 01 Jan 2023 21:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41332
IP address blocks: 194.127.234.0/23 maxlen: 24
194.127.236.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b2:4e:a9:51:93:9f:b9:c2:30:ee:61:75:7b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a37a126d7854ecd565ae82970c693f3359f85f37
Validity
Not Before: Jan 1 21:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5d8e0a90ce5572230e78ea99b63f898685b3b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b6:f6:28:a0:69:72:a3:19:57:af:ff:49:d1:
b6:25:76:eb:fb:b5:f7:76:a9:dc:cf:ab:93:59:cb:
67:e9:54:a9:1e:1c:68:29:bf:9f:1e:d6:91:ec:72:
3e:96:07:74:98:16:ce:41:e3:00:cd:5e:6a:4b:1f:
e2:db:61:09:dd:e8:06:1b:ec:b5:e6:91:a7:cc:1f:
96:24:e6:cf:ae:8f:a8:a9:b4:b7:62:c6:1d:eb:90:
db:d7:8e:35:42:f1:3f:e9:25:03:22:6f:a1:86:13:
87:a1:02:ff:13:d6:45:b7:27:bf:f2:92:21:4c:2d:
29:1c:b0:84:f9:77:76:9f:c2:fb:89:4a:c5:02:99:
e0:8d:75:88:fb:38:4e:42:13:30:9b:07:08:10:49:
cd:7b:f8:b6:b9:e1:40:c0:63:ce:74:71:c4:db:18:
ff:60:5c:a8:1b:de:5e:71:b5:90:31:66:2a:3d:54:
60:6e:8e:38:5a:b2:7f:85:bc:3d:4e:98:85:e8:51:
9c:b5:08:81:0d:68:19:e5:db:95:c6:a2:58:b9:1e:
d1:0b:88:31:18:65:58:78:77:64:1a:cc:94:da:80:
4c:42:d1:09:05:09:f1:e3:dc:a7:45:ff:2d:bb:29:
e1:08:ff:59:c8:6c:9f:e6:73:a8:46:ea:0b:44:db:
ac:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D8:E0:A9:0C:E5:57:22:30:E7:8E:A9:9B:63:F8:98:68:5B:3B:11
X509v3 Authority Key Identifier:
keyid:A3:7A:12:6D:78:54:EC:D5:65:AE:82:97:0C:69:3F:33:59:F8:5F:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3oSbXhU7NVlroKXDGk_M1n4Xzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/pdjgqQzlVyIw546pm2P4mGhbOxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/o3oSbXhU7NVlroKXDGk_M1n4Xzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.234.0-194.127.237.255
Signature Algorithm: sha256WithRSAEncryption
3c:ec:dd:2d:8a:2e:30:7e:cb:53:b8:2c:3b:68:c2:5f:69:3f:
af:6f:ac:0b:46:7d:29:4d:dc:7b:d8:e8:30:d1:6b:ef:01:51:
b7:d5:99:cf:9e:fa:4d:25:1a:74:44:d9:da:5d:46:72:90:13:
f8:0e:ad:85:ed:eb:1e:36:06:45:1f:c9:69:54:74:c3:11:03:
94:c7:84:41:16:0f:53:dd:48:de:e7:58:28:7c:67:77:95:ef:
7a:75:b3:7f:f4:a3:49:80:18:58:b7:69:9a:06:8c:96:8c:55:
5b:6a:47:7c:f5:0a:c3:f1:42:5e:18:17:18:82:9d:76:d7:6f:
76:99:9b:df:c2:bf:2b:12:9a:bc:c5:7c:69:c7:82:18:64:1e:
be:e6:09:42:9c:b4:7f:66:74:af:ad:59:9f:5d:e8:6b:51:3e:
bf:0e:8b:f5:c0:ac:75:79:ed:3f:50:43:c9:b0:f9:16:ed:4a:
4e:f6:69:33:cf:0f:15:37:30:7c:f6:de:52:5d:b6:24:f5:24:
06:53:af:0a:88:cb:3b:b4:17:f2:49:99:3a:1f:e8:59:a4:8b:
aa:15:92:70:ff:ef:5f:41:31:82:7f:72:3b:35:8c:74:e8:1d:
0b:57:a6:85:95:c5:23:9c:7e:3e:f9:96:3b:40:de:12:ae:7c:
0a:1f:96:20
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvVLJOqVGTn7nCMO5hdXshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzN2ExMjZkNzg1NGVjZDU2NWFlODI5NzBjNjkzZjMzNTlm
ODVmMzcwHhcNMjMwMTAxMjE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ4ZTBhOTBjZTU1NzIyMzBlNzhlYTk5YjYzZjg5ODY4NWIzYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbb2KKBpcqMZV6//SdG2JXbr+7X3
dqncz6uTWctn6VSpHhxoKb+fHtaR7HI+lgd0mBbOQeMAzV5qSx/i22EJ3egGG+y1
5pGnzB+WJObPro+oqbS3YsYd65Db1441QvE/6SUDIm+hhhOHoQL/E9ZFtye/8pIh
TC0pHLCE+Xd2n8L7iUrFApngjXWI+zhOQhMwmwcIEEnNe/i2ueFAwGPOdHHE2xj/
YFyoG95ecbWQMWYqPVRgbo44WrJ/hbw9TpiF6FGctQiBDWgZ5duVxqJYuR7RC4gx
GGVYeHdkGsyU2oBMQtEJBQnx49ynRf8tuynhCP9ZyGyf5nOoRuoLRNus1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKXY4KkM5VciMOeOqZtj+JhoWzsRMB8GA1UdIwQY
MBaAFKN6Em14VOzVZa6ClwxpPzNZ+F83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNvU2JYaFU3TlZscm9LWERHa19NMW40WHpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MzQ0MDctMTYzZC00MTBjLWI5NDkt
Nzg2Y2IxMjk2ZTU4LzEvcGRqZ3FRemxWeUl3NTQ2cG0yUDRtR2hiT3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MzQ0MDctMTYzZC00MTBjLWI5NDktNzg2Y2IxMjk2ZTU4
LzEvbzNvU2JYaFU3TlZscm9LWERHa19NMW40WHpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCf+oD
BAHCf+wwDQYJKoZIhvcNAQELBQADggEBADzs3S2KLjB+y1O4LDtowl9pP69vrAtG
fSlN3HvY6DDRa+8BUbfVmc+e+k0lGnRE2dpdRnKQE/gOrYXt6x42BkUfyWlUdMMR
A5THhEEWD1PdSN7nWCh8Z3eV73p1s3/0o0mAGFi3aZoGjJaMVVtqR3z1CsPxQl4Y
FxiCnXbXb3aZm9/CvysSmrzFfGnHghhkHr7mCUKctH9mdK+tWZ9d6GtRPr8Oi/XA
rHV57T9QQ8mw+RbtSk72aTPPDxU3MHz23lJdtiT1JAZTrwqIyzu0F/JJmTof6Fmk
i6oVknD/719BMYJ/cjs1jHToHQtXpoWVxSOcfj75ljtA3hKufAofliA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:42 2024 by rpki-client on console-ams.rpki-client.org