Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8uM1-tfOJPmpmfk4ZW0UQodlgoo.roa
File: 8uM1-tfOJPmpmfk4ZW0UQodlgoo.roa (raw, json)
Hash identifier: 44W+Ndbip0cAeNyemxLvBLHk3Prp9ZT6OPdTnSzMqlc=
Subject key identifier: F2:E3:35:FA:D7:CE:24:F9:A9:99:F9:38:65:6D:14:42:87:65:82:8A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAF5CC1963F9E283796378B71EFE30
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8uM1-tfOJPmpmfk4ZW0UQodlgoo.roa
Signing time: Sun 01 Jan 2023 10:05:18 +0000
ROA not before: Sun 01 Jan 2023 10:05:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51452
IP address blocks: 192.71.254.0/23 maxlen: 23
192.71.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f5:cc:19:63:f9:e2:83:79:63:78:b7:1e:fe:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2e335fad7ce24f9a999f938656d14428765828a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:52:23:c4:27:d4:ef:48:45:99:60:9a:0f:
07:1c:6a:62:1f:fc:fd:45:83:cf:97:cd:04:11:0f:
df:a4:44:f9:dd:31:e7:38:f7:f7:c5:0d:eb:aa:d8:
03:dc:a5:ff:24:41:0f:6e:2a:bf:f8:68:f5:f4:5a:
30:21:70:7c:d2:4a:4f:02:75:c9:ce:24:e9:11:e2:
d5:67:8c:44:5d:d3:e7:b2:cd:5f:77:36:56:fd:40:
c4:67:a0:09:09:7c:df:14:67:e3:fe:fe:7f:88:f4:
9f:91:8b:49:b5:d8:92:17:22:eb:b9:5a:e2:d2:15:
14:9f:02:71:06:09:ef:29:a9:e3:1f:5a:19:1e:f8:
18:c0:53:f0:78:f8:d9:c2:64:41:79:69:36:20:35:
d4:b3:70:5f:cd:7d:87:be:ba:c5:fd:ed:93:10:19:
80:d4:98:5c:e7:dc:53:7f:07:b4:21:1a:cb:ef:62:
de:b4:ea:ac:f2:ff:a3:f3:ec:6d:81:e8:c2:98:f0:
35:23:db:39:cb:89:b6:24:f4:22:e7:24:b9:bb:45:
b8:5d:9a:e5:08:f5:af:c0:a2:20:36:af:eb:06:f7:
21:53:e9:03:1c:8e:52:81:7f:7c:aa:d0:04:8a:e8:
6d:d5:23:69:c0:28:68:e6:8c:25:cc:ac:65:a6:32:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E3:35:FA:D7:CE:24:F9:A9:99:F9:38:65:6D:14:42:87:65:82:8A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8uM1-tfOJPmpmfk4ZW0UQodlgoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.254.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:e7:af:04:3a:85:7b:f2:cb:5f:36:d8:38:62:db:19:e7:1a:
bb:6a:88:01:13:d3:36:1f:a6:6c:59:6e:a3:d6:a7:dd:11:6f:
87:8f:52:a4:c6:0d:01:33:2b:43:f7:e2:f0:72:c0:9e:64:5e:
c7:a6:91:7a:9d:91:6a:b1:21:74:04:07:6b:a3:84:d0:2c:8e:
a6:78:f4:af:fb:58:cb:72:01:07:a5:88:36:40:b6:b4:53:3f:
1a:18:be:88:27:6f:c6:a1:f3:a3:c1:f5:35:ac:3f:8e:7f:24:
b3:21:93:ce:2f:b5:66:fb:2c:c2:3e:b3:e3:b3:a3:a2:5e:6c:
50:45:22:92:31:25:b2:62:a6:07:03:f9:19:61:73:a1:8b:62:
14:07:9c:f0:63:d0:8e:72:53:9e:1f:f0:a0:ca:05:2f:58:71:
b6:c1:f7:68:aa:5e:7b:05:fc:4f:74:01:6e:3b:ac:66:9b:13:
d1:ef:1a:54:2d:17:f4:df:ce:22:e9:76:af:5d:80:46:68:d9:
15:0f:90:7f:16:42:33:89:71:13:45:39:b2:55:27:e5:ea:60:
19:fa:3f:f6:bd:b8:5b:c4:24:c0:43:4f:1b:74:6b:54:39:c9:
4f:96:d2:87:a7:5f:20:f5:37:03:87:22:f0:a0:3c:77:a2:38:
09:42:9d:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyvXMGWP54oN5Y3i3Hv4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmUzMzVmYWQ3Y2UyNGY5YTk5OWY5Mzg2NTZkMTQ0Mjg3NjU4MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl51SI8Qn1O9IRZlgmg8HHGpiH/z9
RYPPl80EEQ/fpET53THnOPf3xQ3rqtgD3KX/JEEPbiq/+Gj19FowIXB80kpPAnXJ
ziTpEeLVZ4xEXdPnss1fdzZW/UDEZ6AJCXzfFGfj/v5/iPSfkYtJtdiSFyLruVri
0hUUnwJxBgnvKanjH1oZHvgYwFPwePjZwmRBeWk2IDXUs3BfzX2HvrrF/e2TEBmA
1Jhc59xTfwe0IRrL72LetOqs8v+j8+xtgejCmPA1I9s5y4m2JPQi5yS5u0W4XZrl
CPWvwKIgNq/rBvchU+kDHI5SgX98qtAEiuht1SNpwCho5owlzKxlpjJpawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLjNfrXziT5qZn5OGVtFEKHZYKKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvOHVNMS10Zk9KUG1wbWZrNFpXMFVRb2RsZ29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwEf+MA0G
CSqGSIb3DQEBCwUAA4IBAQA7568EOoV78stfNtg4YtsZ5xq7aogBE9M2H6ZsWW6j
1qfdEW+Hj1Kkxg0BMytD9+LwcsCeZF7HppF6nZFqsSF0BAdro4TQLI6mePSv+1jL
cgEHpYg2QLa0Uz8aGL6IJ2/GofOjwfU1rD+OfySzIZPOL7Vm+yzCPrPjs6OiXmxQ
RSKSMSWyYqYHA/kZYXOhi2IUB5zwY9COclOeH/CgygUvWHG2wfdoql57BfxPdAFu
O6xmmxPR7xpULRf0384i6XavXYBGaNkVD5B/FkIziXETRTmyVSfl6mAZ+j/2vbhb
xCTAQ08bdGtUOclPltKHp18g9TcDhyLwoDx3ojgJQp0y
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org