Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1FQ6TTL5GEXd3cuWs4sIlS0bCXg.roa
File: 1FQ6TTL5GEXd3cuWs4sIlS0bCXg.roa (raw, json)
Hash identifier: i+wUw9OFHEbRpDv7MF++vNIR+YPsOFKELay6Cju5S4A=
Subject key identifier: D4:54:3A:4D:32:F9:18:45:DD:DD:CB:96:B3:8B:08:95:2D:1B:09:78
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCACCC862BBC8BB8793F2E7B7D48F39
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1FQ6TTL5GEXd3cuWs4sIlS0bCXg.roa
Signing time: Sun 01 Jan 2023 10:05:08 +0000
ROA not before: Sun 01 Jan 2023 10:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 194.132.24.0/24 maxlen: 24
194.132.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:cc:c8:62:bb:c8:bb:87:93:f2:e7:b7:d4:8f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4543a4d32f91845ddddcb96b38b08952d1b0978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:e5:a0:27:75:99:49:a5:32:06:c8:7c:2e:
d6:25:b0:5e:ab:98:d5:5e:6b:97:41:1b:9a:ca:ef:
a5:1e:76:a9:91:d0:a5:15:c6:35:2a:ac:e0:b5:09:
72:80:55:59:99:9f:d7:19:70:b4:a4:69:6e:21:e3:
55:ba:ef:49:c5:65:a6:2d:8c:01:ab:b9:5a:de:4b:
c9:d6:1f:ce:e9:95:4f:a3:3f:e5:3b:60:5e:d2:e8:
84:70:91:5b:af:71:fb:40:76:59:1a:2f:04:75:2f:
79:f4:1f:fd:4d:85:12:93:a5:a4:9f:3c:68:2f:49:
0b:fa:dc:cd:3b:2a:4e:40:4b:98:aa:ad:c1:22:f1:
5f:70:fa:aa:72:1d:5f:2d:6a:31:19:c3:4d:e2:82:
7b:4d:06:8b:41:a1:96:41:f6:ea:c9:cb:c6:a7:04:
7c:15:9c:b3:c4:3c:65:4c:d8:f5:56:6b:e5:4c:54:
5f:e3:39:5f:72:bc:0f:7a:ca:88:57:66:7e:3b:da:
eb:8d:f4:0e:87:a0:66:d0:d9:21:f2:a9:16:5c:ce:
cc:ac:00:c2:56:64:58:6f:63:8a:be:fa:43:c8:7d:
fb:8c:3f:ea:6a:ed:64:51:3b:f4:ae:05:cd:46:0c:
df:c2:c8:e8:cc:fb:c9:83:ab:a4:67:87:09:9e:60:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:54:3A:4D:32:F9:18:45:DD:DD:CB:96:B3:8B:08:95:2D:1B:09:78
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1FQ6TTL5GEXd3cuWs4sIlS0bCXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.132.24.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:00:a1:41:1a:16:63:27:c4:30:95:4e:53:cf:b7:b1:a4:47:
fd:30:2c:c2:9c:95:cc:59:6c:ca:0f:6b:86:be:86:00:dc:7d:
46:8f:4b:aa:12:88:a4:37:6b:a0:e4:f5:26:70:da:79:84:1b:
93:3b:f6:5a:55:ca:4b:bc:03:5c:0f:53:88:25:34:79:a1:87:
68:3f:f1:ff:83:2e:e1:38:64:93:da:7a:fc:d4:e4:bc:13:0f:
80:7f:5c:b3:8f:f9:61:5f:29:97:ca:72:fc:90:3c:a2:60:0e:
39:b4:48:99:5c:12:29:d5:35:62:85:6d:be:54:b1:75:f2:3a:
df:37:b9:7a:c1:cb:ab:db:f4:81:52:fb:bd:5c:1f:59:e9:69:
f8:06:17:be:7f:0c:cf:76:07:b6:6b:6a:99:7c:1c:13:55:93:
15:d5:15:ba:a5:8f:16:96:1c:49:58:1d:dc:c1:7d:e0:6d:da:
7e:34:87:b6:93:8a:79:aa:9d:57:42:c3:2b:f7:e9:1a:39:95:
86:b3:c5:44:bc:14:f6:51:e1:6a:04:2b:46:6d:7d:90:c0:11:
5d:d7:c8:87:63:f7:bd:da:00:ff:c9:cf:0f:32:86:83:e0:e1:
3f:70:dc:b5:63:a4:a2:19:f4:32:13:31:66:f6:23:be:db:93:
5f:90:35:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyszIYrvIu4eT8ue31I85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU0M2E0ZDMyZjkxODQ1ZGRkZGNiOTZiMzhiMDg5NTJkMWIwOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskjloCd1mUmlMgbIfC7WJbBeq5jV
XmuXQRuayu+lHnapkdClFcY1KqzgtQlygFVZmZ/XGXC0pGluIeNVuu9JxWWmLYwB
q7la3kvJ1h/O6ZVPoz/lO2Be0uiEcJFbr3H7QHZZGi8EdS959B/9TYUSk6Wknzxo
L0kL+tzNOypOQEuYqq3BIvFfcPqqch1fLWoxGcNN4oJ7TQaLQaGWQfbqycvGpwR8
FZyzxDxlTNj1VmvlTFRf4zlfcrwPesqIV2Z+O9rrjfQOh6Bm0Nkh8qkWXM7MrADC
VmRYb2OKvvpDyH37jD/qau1kUTv0rgXNRgzfwsjozPvJg6ukZ4cJnmCacQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRUOk0y+RhF3d3LlrOLCJUtGwl4MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMUZRNlRUTDVHRVhkM2N1V3M0c0lsUzBiQ1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwoQYMA0G
CSqGSIb3DQEBCwUAA4IBAQCqAKFBGhZjJ8QwlU5Tz7expEf9MCzCnJXMWWzKD2uG
voYA3H1Gj0uqEoikN2ug5PUmcNp5hBuTO/ZaVcpLvANcD1OIJTR5oYdoP/H/gy7h
OGST2nr81OS8Ew+Af1yzj/lhXymXynL8kDyiYA45tEiZXBIp1TVihW2+VLF18jrf
N7l6wcur2/SBUvu9XB9Z6Wn4Bhe+fwzPdge2a2qZfBwTVZMV1RW6pY8WlhxJWB3c
wX3gbdp+NIe2k4p5qp1XQsMr9+kaOZWGs8VEvBT2UeFqBCtGbX2QwBFd18iHY/e9
2gD/yc8PMoaD4OE/cNy1Y6SiGfQyEzFm9iO+25NfkDX7
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org