Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CDH8JZJuiNH3l5F4ULmYOOwi29M.roa
File: CDH8JZJuiNH3l5F4ULmYOOwi29M.roa (raw, json)
Hash identifier: sdEUgkMfUdF/HxXttwOY5Iz8rDjWZQzCpqS+8Hu6pxw=
Subject key identifier: 08:31:FC:25:92:6E:88:D1:F7:97:91:78:50:B9:98:38:EC:22:DB:D3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE0062FAFB5D022DE38F881DBB2F2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CDH8JZJuiNH3l5F4ULmYOOwi29M.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29217
IP address blocks: 194.68.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e0:06:2f:af:b5:d0:22:de:38:f8:81:db:b2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0831fc25926e88d1f797917850b99838ec22dbd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:53:5e:7d:c4:80:82:7c:99:1f:37:41:0c:31:
a9:93:bc:27:1e:08:e7:a7:67:18:f7:23:be:49:ad:
ac:47:ba:a5:24:f8:23:59:78:ae:75:cc:fc:ca:bc:
50:a5:b3:41:3e:88:a4:e9:74:fa:4a:1f:05:f7:3f:
ca:f3:fb:82:d9:5e:0c:cf:9e:87:aa:21:2f:5b:3b:
d8:02:ec:f2:60:fe:cb:20:97:f0:d7:a0:68:a9:38:
d7:cc:55:98:de:4b:fc:69:4a:36:6a:72:04:93:a5:
4d:18:34:b1:4a:f4:55:5a:b1:d2:89:5a:73:0c:dc:
ab:db:45:08:1c:e9:97:05:7f:ad:36:15:40:70:de:
ea:a1:db:a8:c9:c8:ad:3a:66:df:0a:c1:8d:2e:12:
d1:40:de:ed:96:df:b6:1c:c0:1a:d2:21:8b:ba:77:
6a:27:99:bd:8b:98:71:0b:c8:9b:00:39:8b:ad:9d:
cf:81:f7:39:ea:9f:d7:a2:a7:63:a7:a6:0d:77:77:
43:55:c4:87:3c:26:52:f6:f1:8a:c1:7f:be:73:db:
b1:c2:05:b1:96:2b:dc:15:35:dd:b1:a4:61:96:d9:
32:e9:d9:6a:03:c6:b3:10:87:f9:5e:22:33:53:84:
0e:9b:cd:43:f6:2e:eb:6a:22:cf:31:83:41:6f:e9:
cd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:31:FC:25:92:6E:88:D1:F7:97:91:78:50:B9:98:38:EC:22:DB:D3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CDH8JZJuiNH3l5F4ULmYOOwi29M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.78.0/24
Signature Algorithm: sha256WithRSAEncryption
33:73:f2:ba:15:0d:49:33:7d:b5:70:b5:bc:84:33:22:36:7e:
8b:68:8e:08:bf:41:0b:8e:19:df:7b:31:84:c1:0f:84:d7:04:
37:9a:56:74:d6:1d:ab:4f:fa:61:4b:15:e6:92:82:2d:04:f9:
55:8b:73:b8:54:0e:de:8e:03:7d:1d:b2:fa:4d:42:2d:3c:e1:
cf:e6:2b:fa:a1:97:0a:03:79:f0:ef:51:c4:28:ac:c0:42:91:
e4:af:b9:49:1c:73:0c:06:12:ff:39:2b:f7:60:50:f3:66:f9:
1e:32:98:07:93:da:ce:df:e8:3d:a2:45:a5:5a:f1:32:c5:8a:
e9:bd:75:87:00:10:a3:da:20:e6:ca:e9:c9:78:10:86:f9:41:
9e:a0:f4:46:45:e6:85:d6:67:aa:9f:cd:94:06:15:38:46:9e:
77:4d:19:29:22:9e:ff:06:a8:03:fe:20:44:ac:23:69:d3:fd:
53:9c:19:d6:cc:a3:9d:b4:93:88:b6:4d:3c:45:92:3b:eb:e9:
35:f8:6c:ea:92:00:5b:08:7b:fb:6c:3d:0e:14:fc:ff:4b:7f:
a5:7c:00:43:c0:1c:ec:d3:a3:96:55:05:76:b3:f6:6a:2f:81:
40:cd:ff:10:39:17:6d:47:8e:10:cb:0e:0b:c2:d1:5e:46:25:
0e:b0:fa:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyuAGL6+10CLeOPiB27LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODMxZmMyNTkyNmU4OGQxZjc5NzkxNzg1MGI5OTgzOGVjMjJkYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVNefcSAgnyZHzdBDDGpk7wnHgjn
p2cY9yO+Sa2sR7qlJPgjWXiudcz8yrxQpbNBPoik6XT6Sh8F9z/K8/uC2V4Mz56H
qiEvWzvYAuzyYP7LIJfw16BoqTjXzFWY3kv8aUo2anIEk6VNGDSxSvRVWrHSiVpz
DNyr20UIHOmXBX+tNhVAcN7qoduoycitOmbfCsGNLhLRQN7tlt+2HMAa0iGLundq
J5m9i5hxC8ibADmLrZ3Pgfc56p/Xoqdjp6YNd3dDVcSHPCZS9vGKwX++c9uxwgWx
livcFTXdsaRhltky6dlqA8azEIf5XiIzU4QOm81D9i7raiLPMYNBb+nNfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgx/CWSbojR95eReFC5mDjsItvTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQ0RIOEpaSnVpTkgzbDVGNFVMbVlPT3dpMjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkROMA0G
CSqGSIb3DQEBCwUAA4IBAQAzc/K6FQ1JM321cLW8hDMiNn6LaI4Iv0ELjhnfezGE
wQ+E1wQ3mlZ01h2rT/phSxXmkoItBPlVi3O4VA7ejgN9HbL6TUItPOHP5iv6oZcK
A3nw71HEKKzAQpHkr7lJHHMMBhL/OSv3YFDzZvkeMpgHk9rO3+g9okWlWvEyxYrp
vXWHABCj2iDmyunJeBCG+UGeoPRGReaF1meqn82UBhU4Rp53TRkpIp7/BqgD/iBE
rCNp0/1TnBnWzKOdtJOItk08RZI76+k1+GzqkgBbCHv7bD0OFPz/S3+lfABDwBzs
06OWVQV2s/ZqL4FAzf8QORdtR44Qyw4LwtFeRiUOsPra
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org