Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IWcZEJ_112ifFNjwWjXpzQVQ1cU.roa
File: IWcZEJ_112ifFNjwWjXpzQVQ1cU.roa (raw, json)
Hash identifier: fwIcfrFFpihTTersCLeEQzXDmXUtJofIkPViKM2JKJI=
Subject key identifier: 21:67:19:10:9F:F5:D7:68:9F:14:D8:F0:5A:35:E9:CD:05:50:D5:C5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB0024EB54874F38DE8F6A30A909F0
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IWcZEJ_112ifFNjwWjXpzQVQ1cU.roa
Signing time: Sun 01 Jan 2023 10:05:21 +0000
ROA not before: Sun 01 Jan 2023 10:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199438
IP address blocks: 194.14.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:00:24:eb:54:87:4f:38:de:8f:6a:30:a9:09:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=216719109ff5d7689f14d8f05a35e9cd0550d5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:68:80:2f:6e:c4:2b:8e:69:be:2a:aa:01:ed:
14:95:47:4f:49:5c:32:6e:38:4f:fb:10:a3:0e:ea:
b1:1c:91:99:7f:23:3f:35:ff:c0:f0:f6:b7:69:d6:
f4:7c:6a:ba:92:c4:41:3b:63:5b:7d:08:23:da:ff:
21:72:0c:27:1e:30:63:92:9d:7f:36:27:3a:d6:1e:
44:61:be:72:a8:c7:1e:f0:bc:8c:cb:b4:69:10:d8:
e8:ea:9a:45:e2:33:ea:50:d6:81:59:9d:8e:a4:96:
4d:0f:65:c9:19:e9:2f:11:9c:19:05:9e:76:bf:f7:
0f:75:49:51:77:b0:11:a1:66:7b:c4:45:7d:f9:bc:
6f:73:82:d4:d4:26:e8:d2:8b:a3:7f:07:c7:23:55:
64:70:14:43:79:b2:55:3f:02:4b:f0:eb:0c:07:af:
be:13:7b:b4:82:31:22:93:3d:16:50:fe:e4:2c:97:
91:16:28:d0:9c:96:15:b6:70:8e:0b:6a:c1:c0:96:
8e:80:3d:85:52:93:80:bf:d3:12:06:cb:f7:e8:69:
96:bf:52:ad:50:28:1d:6b:00:a5:37:f0:0a:c2:e5:
8b:60:82:e6:8d:bf:eb:a8:e1:cf:25:40:2f:0d:71:
0d:b9:9a:f4:b0:8a:19:39:0b:85:5e:e3:ec:ba:7f:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:67:19:10:9F:F5:D7:68:9F:14:D8:F0:5A:35:E9:CD:05:50:D5:C5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IWcZEJ_112ifFNjwWjXpzQVQ1cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.219.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:cd:15:ca:8c:82:55:e7:20:4c:fe:c0:83:97:9b:8e:bc:3c:
79:38:6e:f7:f5:64:de:1c:af:c2:14:3c:59:56:de:43:64:f6:
c0:2f:47:94:7e:19:d4:83:d0:c7:4a:55:fc:09:8a:bc:bd:1b:
d0:71:67:bb:ff:9f:e5:43:65:56:10:19:35:c4:32:c7:cc:1d:
2b:39:5e:62:d4:5c:be:bc:4e:df:5d:b8:4f:c1:99:14:27:61:
57:d8:e4:73:e6:bf:af:ec:0e:20:8a:df:f0:b4:9f:27:d6:4b:
26:4b:8a:12:7b:f8:58:6c:04:0f:13:81:94:e1:de:7b:4c:75:
f3:8e:38:d2:6b:ce:ac:82:1f:83:65:6f:5a:21:ed:cf:bd:0f:
af:2b:1d:7e:53:d7:45:c2:e2:0f:fe:1f:1d:c3:40:27:c2:66:
91:21:60:44:a4:20:2d:81:f9:11:b9:b0:b6:0e:eb:7d:05:cf:
f4:16:60:43:4d:12:78:fa:71:a1:0c:a1:bf:17:16:48:ff:5c:
83:e2:ff:f9:a6:25:30:d7:c2:76:af:3d:20:6d:ba:20:d5:50:
6d:3f:4a:0b:36:df:43:a2:78:55:01:a2:9b:37:27:9d:d9:80:
8a:cd:76:db:46:bf:57:8f:1a:c3:0a:14:ff:99:9d:5e:33:ea:
e7:62:de:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsywAk61SHTzjej2owqQnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY3MTkxMDlmZjVkNzY4OWYxNGQ4ZjA1YTM1ZTljZDA1NTBkNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WiAL27EK45pviqqAe0UlUdPSVwy
bjhP+xCjDuqxHJGZfyM/Nf/A8Pa3adb0fGq6ksRBO2NbfQgj2v8hcgwnHjBjkp1/
Nic61h5EYb5yqMce8LyMy7RpENjo6ppF4jPqUNaBWZ2OpJZND2XJGekvEZwZBZ52
v/cPdUlRd7ARoWZ7xEV9+bxvc4LU1Cbo0oujfwfHI1VkcBRDebJVPwJL8OsMB6++
E3u0gjEikz0WUP7kLJeRFijQnJYVtnCOC2rBwJaOgD2FUpOAv9MSBsv36GmWv1Kt
UCgdawClN/AKwuWLYILmjb/rqOHPJUAvDXENuZr0sIoZOQuFXuPsun/z4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFnGRCf9ddonxTY8Fo16c0FUNXFMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSVdjWkVKXzExMmlmRk5qd1dqWHB6UVZRMWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg7bMA0G
CSqGSIb3DQEBCwUAA4IBAQAbzRXKjIJV5yBM/sCDl5uOvDx5OG739WTeHK/CFDxZ
Vt5DZPbAL0eUfhnUg9DHSlX8CYq8vRvQcWe7/5/lQ2VWEBk1xDLHzB0rOV5i1Fy+
vE7fXbhPwZkUJ2FX2ORz5r+v7A4git/wtJ8n1ksmS4oSe/hYbAQPE4GU4d57THXz
jjjSa86sgh+DZW9aIe3PvQ+vKx1+U9dFwuIP/h8dw0AnwmaRIWBEpCAtgfkRubC2
Dut9Bc/0FmBDTRJ4+nGhDKG/FxZI/1yD4v/5piUw18J2rz0gbbog1VBtP0oLNt9D
onhVAaKbNyed2YCKzXbbRr9XjxrDChT/mZ1eM+rnYt64
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org