Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Gm9pNKSHwBmOBKwXD1UQnbXAtX8.roa
File: Gm9pNKSHwBmOBKwXD1UQnbXAtX8.roa (raw, json)
Hash identifier: 5EPbTdrrRIeQOsIAuK/CSY0PEWIJrZwLYHFzCPdR9JM=
Subject key identifier: 1A:6F:69:34:A4:87:C0:19:8E:04:AC:17:0F:55:10:9D:B5:C0:B5:7F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB14CE81C6D581CA0FC7FB12F82FCA
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Gm9pNKSHwBmOBKwXD1UQnbXAtX8.roa
Signing time: Sun 01 Jan 2023 10:05:26 +0000
ROA not before: Sun 01 Jan 2023 10:05:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211551
IP address blocks: 194.71.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:14:ce:81:c6:d5:81:ca:0f:c7:fb:12:f8:2f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a6f6934a487c0198e04ac170f55109db5c0b57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ed:74:d4:d9:c2:39:8c:54:f6:55:dd:c9:d7:
4d:94:3b:ad:01:ad:8f:16:de:80:a5:a5:1a:ed:a4:
0e:c3:0e:35:ab:85:9d:9e:1e:ff:dc:98:2e:ea:f1:
e1:06:b0:0d:aa:89:f7:94:d5:23:05:c4:e2:58:07:
77:51:10:05:f0:32:e3:48:ec:44:c4:71:90:17:b7:
ff:77:cf:a1:7b:23:d1:59:d5:3e:e4:32:fb:2f:07:
1a:60:db:bd:74:cd:c6:f4:5c:ae:2e:74:eb:9c:51:
bd:5d:80:28:ac:61:92:53:c6:fa:c0:34:f6:08:ee:
8b:5f:d1:c6:b9:7c:dc:92:59:56:48:10:bf:ba:02:
63:21:1c:f4:88:ca:c9:fb:bb:15:dd:3c:6c:c1:13:
88:fc:c6:84:6b:ba:0e:a6:93:d3:2c:ca:5d:ef:c8:
c6:f3:a9:c0:15:05:16:55:f3:b9:2e:73:0d:04:d0:
90:fb:ed:f9:cb:aa:43:f4:17:86:a7:1a:d1:85:34:
67:ee:d2:6a:9c:73:17:c1:65:29:82:e2:23:31:69:
86:2a:d2:62:0c:79:be:34:bc:86:c8:06:e0:39:f1:
fc:59:42:4b:c8:22:27:3c:a2:b2:d7:57:37:fa:df:
b7:97:ec:b7:a8:ad:b7:64:86:19:c4:cb:c5:3d:a4:
b6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6F:69:34:A4:87:C0:19:8E:04:AC:17:0F:55:10:9D:B5:C0:B5:7F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Gm9pNKSHwBmOBKwXD1UQnbXAtX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.71.139.0/24
Signature Algorithm: sha256WithRSAEncryption
be:42:74:29:cf:d2:c4:be:d0:ef:e2:06:95:e0:1d:1d:00:53:
04:e4:8e:2f:00:4b:73:cb:3a:79:85:34:31:24:ea:96:be:8d:
8c:27:95:27:be:4d:3f:ef:3f:52:d6:8e:d3:ce:02:7f:a3:76:
80:0e:7d:2e:54:8a:7c:ae:59:d9:13:96:49:49:ba:1b:d6:ca:
58:a7:6e:40:e8:2d:88:9e:8c:58:b5:bd:b5:14:52:d6:dc:97:
61:3b:26:2a:d1:af:a8:f3:84:0c:18:2d:8c:ff:c4:4a:49:11:
bf:bd:ae:12:c9:38:4e:0c:4d:21:70:7f:f1:b9:60:89:38:09:
8c:4e:ff:f7:31:2a:f1:a0:fa:55:df:42:36:97:4b:6b:0b:54:
98:51:a5:5f:69:9f:d4:e2:ad:90:a6:56:8e:eb:a0:26:d6:32:
57:72:6b:ca:75:93:2d:03:41:d2:5c:a2:d6:07:e2:54:eb:34:
6d:18:6e:c1:6d:40:28:8a:77:38:90:5a:75:28:5e:f5:c2:0e:
6e:ce:2b:dc:d5:0b:59:49:a4:80:19:27:f2:56:9b:24:8e:e4:
3e:36:89:09:c8:92:99:db:8e:a8:c9:7c:48:eb:15:10:26:8c:
33:64:ea:36:e3:03:3c:c0:82:e8:e0:d1:2c:24:87:ac:ba:0f:
38:ba:c5:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyxTOgcbVgcoPx/sS+C/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTZmNjkzNGE0ODdjMDE5OGUwNGFjMTcwZjU1MTA5ZGI1YzBiNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru101NnCOYxU9lXdyddNlDutAa2P
Ft6ApaUa7aQOww41q4Wdnh7/3Jgu6vHhBrANqon3lNUjBcTiWAd3URAF8DLjSOxE
xHGQF7f/d8+heyPRWdU+5DL7LwcaYNu9dM3G9FyuLnTrnFG9XYAorGGSU8b6wDT2
CO6LX9HGuXzckllWSBC/ugJjIRz0iMrJ+7sV3TxswROI/MaEa7oOppPTLMpd78jG
86nAFQUWVfO5LnMNBNCQ++35y6pD9BeGpxrRhTRn7tJqnHMXwWUpguIjMWmGKtJi
DHm+NLyGyAbgOfH8WUJLyCInPKKy11c3+t+3l+y3qK23ZIYZxMvFPaS2EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpvaTSkh8AZjgSsFw9VEJ21wLV/MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvR205cE5LU0h3Qm1PQkt3WEQxVVFuYlhBdFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkeLMA0G
CSqGSIb3DQEBCwUAA4IBAQC+QnQpz9LEvtDv4gaV4B0dAFME5I4vAEtzyzp5hTQx
JOqWvo2MJ5Unvk0/7z9S1o7TzgJ/o3aADn0uVIp8rlnZE5ZJSbob1spYp25A6C2I
noxYtb21FFLW3JdhOyYq0a+o84QMGC2M/8RKSRG/va4SyThODE0hcH/xuWCJOAmM
Tv/3MSrxoPpV30I2l0trC1SYUaVfaZ/U4q2QplaO66Am1jJXcmvKdZMtA0HSXKLW
B+JU6zRtGG7BbUAoinc4kFp1KF71wg5uzivc1QtZSaSAGSfyVpskjuQ+NokJyJKZ
246oyXxI6xUQJowzZOo24wM8wILo4NEsJIesug84usVb
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:53 2024 by rpki-client on console-fra.rpki-client.org