Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/21D4ROBgLLs8EULjeaBYiJJLkIE.roa
File: 21D4ROBgLLs8EULjeaBYiJJLkIE.roa (raw, json)
Hash identifier: xbjBMiE4+RMU7wtrh0L3pcWffCdWj9KFcV+95w674RE=
Subject key identifier: DB:50:F8:44:E0:60:2C:BB:3C:11:42:E3:79:A0:58:88:92:4B:90:81
Certificate issuer: /CN=f5fde72bf5a00bdec4d1efdd7d02029ee79e4720
Certificate serial: 01898DB834B1E3A816E1410A813B9274D74D
Authority key identifier: F5:FD:E7:2B:F5:A0:0B:DE:C4:D1:EF:DD:7D:02:02:9E:E7:9E:47:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9f3nK_WgC97E0e_dfQICnueeRyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/21D4ROBgLLs8EULjeaBYiJJLkIE.roa
Signing time: Tue 25 Jul 2023 15:43:26 +0000
ROA not before: Tue 25 Jul 2023 15:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56753
IP address blocks: 195.254.170.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:b8:34:b1:e3:a8:16:e1:41:0a:81:3b:92:74:d7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fde72bf5a00bdec4d1efdd7d02029ee79e4720
Validity
Not Before: Jul 25 15:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db50f844e0602cbb3c1142e379a05888924b9081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:17:d7:f9:61:a2:94:ea:00:e5:bc:6c:73:b4:
e1:98:83:0b:55:c5:a1:ab:68:93:ed:32:6c:d3:d5:
46:a8:b3:85:e9:8f:cd:29:8c:7c:23:ee:5b:60:f0:
bd:f0:76:df:d2:d1:12:da:9f:a5:7f:20:50:53:d6:
6f:64:7f:7f:8b:11:65:cd:0a:b4:57:5b:72:98:8a:
62:53:27:0b:b4:80:1f:df:71:59:98:98:06:e2:86:
84:55:eb:51:c5:90:d4:ad:5e:63:7a:ce:26:28:a2:
83:f8:52:86:fe:35:1d:fa:53:1b:ce:c8:10:3e:e0:
b0:46:9e:1b:2b:8f:73:2e:25:b3:23:ef:c0:0d:3b:
96:cd:f3:12:56:aa:82:23:5b:e0:45:be:2a:bc:b1:
a5:65:4a:1c:46:03:95:da:a8:76:02:52:0a:d4:8d:
92:f6:d2:04:ce:77:dc:d2:b2:91:7f:d2:4b:84:94:
1d:60:e0:94:b7:f4:e1:69:16:8f:7e:f1:9f:b1:7d:
ff:f5:56:95:d8:03:9b:1c:70:06:fb:49:5f:30:66:
bd:75:7c:19:66:91:35:e4:44:57:aa:07:4a:02:64:
06:49:31:e4:11:c6:21:05:23:fb:34:bd:05:da:54:
46:a9:b3:5f:5b:67:63:af:e5:ba:23:99:00:e6:a7:
f0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:50:F8:44:E0:60:2C:BB:3C:11:42:E3:79:A0:58:88:92:4B:90:81
X509v3 Authority Key Identifier:
keyid:F5:FD:E7:2B:F5:A0:0B:DE:C4:D1:EF:DD:7D:02:02:9E:E7:9E:47:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f3nK_WgC97E0e_dfQICnueeRyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/21D4ROBgLLs8EULjeaBYiJJLkIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/9f3nK_WgC97E0e_dfQICnueeRyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.170.0/23
Signature Algorithm: sha256WithRSAEncryption
23:63:49:00:21:af:fa:c2:01:9e:ec:7e:1a:6a:80:fc:3f:88:
b4:d0:53:8b:5d:ac:c2:e4:33:3c:a6:72:5f:40:5c:01:15:85:
99:1c:fb:64:6a:0d:6f:01:92:24:f7:0d:08:5f:ae:71:b0:c7:
21:14:08:e1:65:f6:f5:31:31:3b:b9:7b:b8:eb:5a:e8:f4:f4:
40:73:29:52:66:fb:df:ea:84:39:9b:66:82:00:36:fb:77:ff:
29:55:00:b3:25:cc:f2:89:32:13:de:b5:ff:6d:79:ea:d9:19:
99:c1:9d:3e:4e:d0:c1:76:85:04:5d:c8:83:30:21:3a:29:a4:
bb:ab:41:7c:d2:82:eb:e9:7a:83:04:e8:f7:25:5c:47:2d:d0:
32:a1:10:f0:5f:3b:86:6c:2d:ad:14:f6:d4:07:f8:ad:2c:ec:
48:8a:5e:ed:ca:77:3b:09:0c:98:1d:3a:c5:cb:39:3f:19:ec:
c0:cb:9a:f4:9d:64:c6:e3:38:78:91:aa:40:6d:82:98:e6:17:
b3:02:05:4d:36:ab:10:8b:dc:0d:5d:8d:28:5e:92:43:ee:03:
5b:e4:d3:e0:74:6b:12:30:6b:e3:41:76:4d:24:de:16:bd:38:
f9:47:67:6a:89:02:73:15:7b:60:85:33:fe:87:2a:fb:4c:0a:
7d:ee:c2:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmNuDSx46gW4UEKgTuSdNdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmRlNzJiZjVhMDBiZGVjNGQxZWZkZDdkMDIwMjllZTc5
ZTQ3MjAwHhcNMjMwNzI1MTU0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjUwZjg0NGUwNjAyY2JiM2MxMTQyZTM3OWEwNTg4ODkyNGI5MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxfX+WGilOoA5bxsc7ThmIMLVcWh
q2iT7TJs09VGqLOF6Y/NKYx8I+5bYPC98Hbf0tES2p+lfyBQU9ZvZH9/ixFlzQq0
V1tymIpiUycLtIAf33FZmJgG4oaEVetRxZDUrV5jes4mKKKD+FKG/jUd+lMbzsgQ
PuCwRp4bK49zLiWzI+/ADTuWzfMSVqqCI1vgRb4qvLGlZUocRgOV2qh2AlIK1I2S
9tIEznfc0rKRf9JLhJQdYOCUt/ThaRaPfvGfsX3/9VaV2AObHHAG+0lfMGa9dXwZ
ZpE15ERXqgdKAmQGSTHkEcYhBSP7NL0F2lRGqbNfW2djr+W6I5kA5qfwNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtQ+ETgYCy7PBFC43mgWIiSS5CBMB8GA1UdIwQY
MBaAFPX95yv1oAvexNHv3X0CAp7nnkcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWYzbktfV2dDOTdFMGVfZGZRSUNudWVlUnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNGMyZTQtNGU5Yi00ODQ3LWE4ZWYt
MDgzOGY3OGMwMjU5LzEvMjFENFJPQmdMTHM4RVVMamVhQllpSkpMa0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zNGMyZTQtNGU5Yi00ODQ3LWE4ZWYtMDgzOGY3OGMwMjU5
LzEvOWYzbktfV2dDOTdFMGVfZGZRSUNudWVlUnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/6qMA0G
CSqGSIb3DQEBCwUAA4IBAQAjY0kAIa/6wgGe7H4aaoD8P4i00FOLXazC5DM8pnJf
QFwBFYWZHPtkag1vAZIk9w0IX65xsMchFAjhZfb1MTE7uXu461ro9PRAcylSZvvf
6oQ5m2aCADb7d/8pVQCzJczyiTIT3rX/bXnq2RmZwZ0+TtDBdoUEXciDMCE6KaS7
q0F80oLr6XqDBOj3JVxHLdAyoRDwXzuGbC2tFPbUB/itLOxIil7tync7CQyYHTrF
yzk/GezAy5r0nWTG4zh4kapAbYKY5hezAgVNNqsQi9wNXY0oXpJD7gNb5NPgdGsS
MGvjQXZNJN4WvTj5R2dqiQJzFXtghTP+hyr7TAp97sL3
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:09 2024 by rpki-client on console-ams.rpki-client.org