Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/j1k8hoq729CwfylOCvh1h31_QzE.roa
File: j1k8hoq729CwfylOCvh1h31_QzE.roa (raw, json)
Hash identifier: opsqcV61EVq6ejsAA9k+XHmuBBRGQw0gF+NBsSTUCOs=
Subject key identifier: 8F:59:3C:86:8A:BB:DB:D0:B0:7F:29:4E:0A:F8:75:87:7D:7F:43:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018958E81C5AE78A4FA5553B664958D1D23E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/j1k8hoq729CwfylOCvh1h31_QzE.roa
Signing time: Sat 15 Jul 2023 09:35:53 +0000
ROA not before: Sat 15 Jul 2023 09:35:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 193.23.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:58:e8:1c:5a:e7:8a:4f:a5:55:3b:66:49:58:d1:d2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 15 09:35:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f593c868abbdbd0b07f294e0af875877d7f4331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5e:e8:9e:c8:fc:dc:ed:f6:ea:88:31:21:73:
9a:9f:54:cd:ec:d3:df:c4:73:22:02:d7:a6:bf:03:
dc:f4:2e:4d:78:9b:8c:e2:ff:9d:d2:19:94:24:11:
0b:40:03:a4:a0:5e:d1:11:6a:89:37:f1:74:86:28:
d5:7e:4c:c4:c9:69:46:a8:26:ce:09:3b:d1:0c:65:
e8:6c:2c:c7:f4:bc:fa:03:73:90:c3:6c:74:01:2e:
46:1c:5c:39:2d:eb:50:7c:ed:14:5a:19:00:dd:8f:
16:9a:e1:fb:84:81:cb:6e:c8:c4:36:44:2e:31:e5:
87:f4:6c:bc:68:f5:23:60:4b:b2:9f:b4:db:b8:74:
ea:54:35:b3:ed:c3:bd:29:6a:35:9a:a8:7b:63:3e:
cb:1b:80:1b:20:f7:ed:e8:bf:97:60:8a:52:37:79:
fb:a6:29:00:e7:b7:2b:97:28:15:c7:c8:6b:b0:8a:
4f:85:7c:42:2d:35:35:d4:95:0b:39:03:72:28:b9:
fc:08:a5:c0:12:2d:53:e2:a9:86:4c:e5:c0:c4:96:
3e:12:00:2e:7d:26:ee:8b:b4:13:8a:05:ce:ff:6b:
23:2d:76:53:60:1a:85:e5:7c:94:74:17:6e:1e:a7:
07:c8:40:9b:2a:3a:5f:db:05:0d:d8:54:13:44:30:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:59:3C:86:8A:BB:DB:D0:B0:7F:29:4E:0A:F8:75:87:7D:7F:43:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/j1k8hoq729CwfylOCvh1h31_QzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
70:28:5d:70:6e:7b:4d:a7:00:8f:81:20:0c:36:6d:56:55:be:
42:33:66:cc:f3:1a:7d:03:f6:3d:d8:cf:00:d8:34:16:2a:56:
49:bc:9c:5a:95:90:7b:0d:92:65:2a:19:ae:33:98:2d:3a:6b:
35:00:25:64:bf:b7:9c:d7:dd:2e:9f:bb:27:ff:73:d5:92:7f:
f5:93:26:b7:6c:31:93:b1:00:39:7a:e1:19:e7:78:ec:eb:d0:
93:c5:18:3b:ed:49:2d:ba:b5:09:40:94:9f:d6:dc:6a:04:50:
ec:34:6c:21:41:99:4e:f8:5c:3d:80:82:a8:b3:85:be:5c:9f:
20:92:0f:e6:bc:bc:a2:fe:09:e1:67:2e:63:1d:b9:29:5c:76:
dd:d8:a9:58:20:3e:6c:00:7e:64:ad:7e:d2:a5:05:de:d4:ba:
3e:5a:10:15:bb:25:c4:c6:db:4d:5a:4c:d3:28:9a:5e:26:9d:
70:01:f5:f3:97:ca:62:e9:02:03:6b:08:7f:ae:60:88:83:3d:
62:e3:83:b9:a3:e5:75:73:e8:97:a9:22:3b:9e:51:2e:49:52:
56:43:92:c8:28:07:cb:bc:64:91:57:33:00:61:27:2e:e0:92:
a0:f7:cd:5f:56:55:78:96:de:4d:d4:9d:69:4c:99:7f:be:2e:
87:48:47:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlY6Bxa54pPpVU7ZklY0dI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzE1MDkzNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU5M2M4NjhhYmJkYmQwYjA3ZjI5NGUwYWY4NzU4NzdkN2Y0MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgF7onsj83O326ogxIXOan1TN7NPf
xHMiAtemvwPc9C5NeJuM4v+d0hmUJBELQAOkoF7REWqJN/F0hijVfkzEyWlGqCbO
CTvRDGXobCzH9Lz6A3OQw2x0AS5GHFw5LetQfO0UWhkA3Y8WmuH7hIHLbsjENkQu
MeWH9Gy8aPUjYEuyn7TbuHTqVDWz7cO9KWo1mqh7Yz7LG4AbIPft6L+XYIpSN3n7
pikA57crlygVx8hrsIpPhXxCLTU11JULOQNyKLn8CKXAEi1T4qmGTOXAxJY+EgAu
fSbui7QTigXO/2sjLXZTYBqF5XyUdBduHqcHyECbKjpf2wUN2FQTRDBqjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9ZPIaKu9vQsH8pTgr4dYd9f0MxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvajFrOGhvcTcyOUN3ZnlsT0N2aDFoMzFfUXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwReCMA0G
CSqGSIb3DQEBCwUAA4IBAQBwKF1wbntNpwCPgSAMNm1WVb5CM2bM8xp9A/Y92M8A
2DQWKlZJvJxalZB7DZJlKhmuM5gtOms1ACVkv7ec190un7sn/3PVkn/1kya3bDGT
sQA5euEZ53js69CTxRg77UkturUJQJSf1txqBFDsNGwhQZlO+Fw9gIKos4W+XJ8g
kg/mvLyi/gnhZy5jHbkpXHbd2KlYID5sAH5krX7SpQXe1Lo+WhAVuyXExttNWkzT
KJpeJp1wAfXzl8pi6QIDawh/rmCIgz1i44O5o+V1c+iXqSI7nlEuSVJWQ5LIKAfL
vGSRVzMAYScu4JKg981fVlV4lt5N1J1pTJl/vi6HSEcx
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org