Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3KsPbJaxCDlhLM_PfYUY7f85ewM.roa
File: 3KsPbJaxCDlhLM_PfYUY7f85ewM.roa (raw, json)
Hash identifier: D9T8dTme7GqD7sUrODq4yzKQZWxqGqH0xFlaIiA2Cus=
Subject key identifier: DC:AB:0F:6C:96:B1:08:39:61:2C:CF:CF:7D:85:18:ED:FF:39:7B:03
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAC54D4A72A6BF591C6C0973396377
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3KsPbJaxCDlhLM_PfYUY7f85ewM.roa
Signing time: Sun 01 Jan 2023 10:05:06 +0000
ROA not before: Sun 01 Jan 2023 10:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 194.68.123.0/24 maxlen: 24
194.68.128.0/24 maxlen: 24
194.68.130.0/23 maxlen: 23
194.68.133.0/24 maxlen: 24
194.68.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:c5:4d:4a:72:a6:bf:59:1c:6c:09:73:39:63:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcab0f6c96b10839612ccfcf7d8518edff397b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:73:12:40:9b:35:2d:c3:b9:e0:b0:dd:90:cc:
99:0a:6e:e5:44:db:0a:27:39:88:55:ab:bc:26:57:
32:37:ae:25:58:78:82:f4:58:10:9e:8c:5e:62:fe:
67:8e:cc:bc:c7:76:2e:08:46:24:5c:9b:82:b2:8f:
23:1c:7a:58:4e:4b:59:d3:e0:6d:5d:18:96:47:d6:
c5:13:53:8d:71:83:ac:2a:c9:0b:a5:e9:4a:9d:6b:
c0:f4:64:3d:6b:a8:3b:0e:78:2c:3f:07:e7:8e:0e:
cf:34:64:35:97:91:79:df:60:cc:43:9a:7e:30:db:
9f:d4:d1:4a:2e:4a:74:a4:c0:70:2d:e9:da:8b:c3:
9d:0d:01:2a:a1:24:6f:15:0d:10:83:fb:c2:81:5f:
c8:93:5b:3f:ef:98:e8:c2:6f:e6:ac:6f:ea:76:eb:
70:c8:2e:fa:c4:fc:35:26:0d:23:18:c9:2f:bf:ae:
5e:c2:4c:76:23:e9:0a:6f:a2:2b:d9:c9:46:58:18:
d3:5e:b4:63:77:d0:ee:2c:c2:e1:30:58:19:2d:92:
b3:29:39:74:fe:90:08:ef:45:c9:9b:4f:32:6f:fe:
d0:c9:2d:cb:ae:6d:cd:d0:6e:e5:c9:b6:5b:ee:cf:
78:23:36:9b:34:b5:c7:3b:81:17:67:22:30:67:23:
23:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AB:0F:6C:96:B1:08:39:61:2C:CF:CF:7D:85:18:ED:FF:39:7B:03
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3KsPbJaxCDlhLM_PfYUY7f85ewM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.123.0/24
194.68.128.0/24
194.68.130.0/23
194.68.133.0/24
194.68.135.0/24
Signature Algorithm: sha256WithRSAEncryption
83:93:6e:d3:63:ef:66:d4:bc:1a:b1:6d:59:2f:af:c1:38:93:
ab:43:07:51:0e:4e:bf:15:7e:dc:51:4c:75:6b:88:e6:c1:06:
e6:06:25:be:ba:26:c9:23:88:d3:5b:4e:60:69:a9:f2:b4:2a:
0d:74:f5:e9:81:50:29:6b:09:92:a9:87:05:3c:ed:e6:08:2d:
1f:93:71:a3:4d:0c:2e:a3:d2:86:37:38:5e:c3:63:10:63:c3:
a4:4c:8b:a0:3a:1a:8c:b1:84:c2:3d:7f:ac:f6:59:57:fe:8c:
63:61:5d:92:a2:7c:59:14:01:10:f6:fa:68:f8:1b:37:26:f8:
c7:67:c1:51:d3:15:04:02:d7:59:e2:0d:83:82:9e:ce:80:8b:
fb:f7:57:a9:9c:94:04:64:7e:9e:56:6e:f2:44:a2:80:d9:b2:
e8:0f:9e:24:57:bc:c3:80:d6:16:96:1b:d3:f2:76:d2:9a:32:
36:b0:73:ef:57:45:58:fb:19:41:f6:4c:8d:16:2a:6b:f2:9f:
0f:12:48:46:c8:87:02:e8:23:09:54:d7:ec:a4:d9:5c:5c:a7:
c1:32:76:39:94:bc:21:15:72:06:40:d3:82:53:68:2e:13:14:
c3:ff:56:8d:ab:de:78:a7:9b:14:84:cb:5a:4f:15:7e:f9:a0:
0a:dd:da:2b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsysVNSnKmv1kcbAlzOWN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FiMGY2Yzk2YjEwODM5NjEyY2NmY2Y3ZDg1MThlZGZmMzk3YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXMSQJs1LcO54LDdkMyZCm7lRNsK
JzmIVau8JlcyN64lWHiC9FgQnoxeYv5njsy8x3YuCEYkXJuCso8jHHpYTktZ0+Bt
XRiWR9bFE1ONcYOsKskLpelKnWvA9GQ9a6g7DngsPwfnjg7PNGQ1l5F532DMQ5p+
MNuf1NFKLkp0pMBwLenai8OdDQEqoSRvFQ0Qg/vCgV/Ik1s/75jowm/mrG/qdutw
yC76xPw1Jg0jGMkvv65ewkx2I+kKb6Ir2clGWBjTXrRjd9DuLMLhMFgZLZKzKTl0
/pAI70XJm08yb/7QyS3Lrm3N0G7lybZb7s94IzabNLXHO4EXZyIwZyMjtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNyrD2yWsQg5YSzPz32FGO3/OXsDMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvM0tzUGJKYXhDRGxoTE1fUGZZVVk3Zjg1ZXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwkR7AwQA
wkSAAwQBwkSCAwQAwkSFAwQAwkSHMA0GCSqGSIb3DQEBCwUAA4IBAQCDk27TY+9m
1LwasW1ZL6/BOJOrQwdRDk6/FX7cUUx1a4jmwQbmBiW+uibJI4jTW05gaanytCoN
dPXpgVApawmSqYcFPO3mCC0fk3GjTQwuo9KGNzhew2MQY8OkTIugOhqMsYTCPX+s
9llX/oxjYV2SonxZFAEQ9vpo+Bs3JvjHZ8FR0xUEAtdZ4g2Dgp7OgIv791epnJQE
ZH6eVm7yRKKA2bLoD54kV7zDgNYWlhvT8nbSmjI2sHPvV0VY+xlB9kyNFipr8p8P
EkhGyIcC6CMJVNfspNlcXKfBMnY5lLwhFXIGQNOCU2guExTD/1aNq954p5sUhMta
TxV++aAK3dor
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org