Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PrZ7ai76TA8C5hRpn-svpyeMLOs.roa
File: PrZ7ai76TA8C5hRpn-svpyeMLOs.roa (raw, json)
Hash identifier: jzHqLLbA+SXzYNHOPoQDxxFgeyidOmrt7XTHNLG3Ox8=
Subject key identifier: 3E:B6:7B:6A:2E:FA:4C:0F:02:E6:14:69:9F:EB:2F:A7:27:8C:2C:EB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018C7D73BD8F844256894C67EE7C089E45D8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PrZ7ai76TA8C5hRpn-svpyeMLOs.roa
Signing time: Mon 18 Dec 2023 15:03:06 +0000
ROA not before: Mon 18 Dec 2023 15:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 192.71.233.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:73:bd:8f:84:42:56:89:4c:67:ee:7c:08:9e:45:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 18 15:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb67b6a2efa4c0f02e614699feb2fa7278c2ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:94:72:7a:e5:67:09:c4:96:32:d6:8c:68:53:
cb:2a:a8:3a:5d:62:ab:bb:9e:15:b7:1f:c3:fa:10:
f7:10:1c:fd:06:1e:26:89:76:ea:32:ed:f4:45:5f:
36:2a:62:ad:88:e0:c8:79:b7:f2:4b:13:5b:06:f3:
2c:bd:93:79:cb:99:29:e0:c9:61:52:7a:19:21:46:
ee:45:27:22:87:15:2c:41:79:8b:5c:57:bd:41:bd:
da:09:53:69:7c:e6:f5:c5:0a:32:ca:f4:d0:01:6c:
81:11:e8:2d:bc:f6:47:3e:0e:91:5a:f1:2a:41:1f:
01:c0:aa:9c:39:16:ca:2c:44:10:e6:ff:2e:4c:27:
20:b5:63:b7:ca:0e:5b:89:e3:39:89:f2:43:d2:64:
a0:1e:a5:09:ef:6c:d5:a2:61:bf:5f:ae:b8:7f:7c:
81:e5:5d:3b:42:bf:73:ea:32:6d:e3:fe:0c:63:c3:
be:44:b8:12:c7:8e:94:57:16:60:c8:ed:8b:13:78:
43:bb:f2:15:73:39:b9:38:54:59:98:ca:1a:17:83:
57:ed:e8:1b:78:3e:d6:b9:e8:69:d5:e4:ba:44:f8:
ce:e7:9c:34:9d:54:2f:dc:8d:10:b6:85:ff:45:98:
9c:43:a2:0e:7a:5d:46:34:5b:c2:d2:aa:60:98:b6:
91:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B6:7B:6A:2E:FA:4C:0F:02:E6:14:69:9F:EB:2F:A7:27:8C:2C:EB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PrZ7ai76TA8C5hRpn-svpyeMLOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.121.16.0/23
192.121.163.0/24
192.121.170.0/23
193.235.147.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b1:18:07:15:4f:09:52:56:d7:fb:2e:cd:87:06:25:da:a3:
56:ef:c7:c8:a2:27:5b:0f:cb:64:83:00:81:4f:53:37:5a:9d:
5a:f2:c2:0c:00:b9:bd:17:d2:9c:b6:7e:c5:7a:17:f3:b2:92:
24:a7:63:90:fc:51:2a:9c:eb:94:97:92:11:a4:d6:1f:98:bd:
8d:7f:0f:49:25:83:7c:0b:d8:b6:6f:c3:cd:73:ea:d4:03:bd:
4f:e7:94:5a:c5:7a:98:91:50:df:a9:6f:41:c6:ac:f8:e4:1e:
b1:e6:d0:d3:50:b6:62:48:70:f7:c1:18:3b:a7:43:dd:50:8d:
69:ce:22:7c:79:62:14:24:a7:9e:63:89:26:55:49:c5:8f:d0:
6b:20:53:c9:f5:59:bf:38:da:1b:8d:d0:08:5d:60:bf:c7:41:
fc:7d:ff:0a:d6:d3:8b:12:6b:29:dd:23:06:56:08:d3:79:92:
6c:c6:79:47:2e:2c:40:02:d6:65:d0:a0:77:bb:b2:2b:13:c6:
95:11:df:81:b6:0b:33:3e:5c:e5:70:84:42:ea:80:98:5f:7a:
86:17:4d:9c:86:c9:42:5c:ab:e0:66:90:ef:44:69:a1:94:18:
96:44:5e:30:5d:f6:d7:5b:d0:bb:be:6f:54:b5:e8:b1:89:9a:
c1:e3:36:84
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYx9c72PhEJWiUxn7nwInkXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMjE4MTUwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI2N2I2YTJlZmE0YzBmMDJlNjE0Njk5ZmViMmZhNzI3OGMyY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpRyeuVnCcSWMtaMaFPLKqg6XWKr
u54Vtx/D+hD3EBz9Bh4miXbqMu30RV82KmKtiODIebfySxNbBvMsvZN5y5kp4Mlh
UnoZIUbuRScihxUsQXmLXFe9Qb3aCVNpfOb1xQoyyvTQAWyBEegtvPZHPg6RWvEq
QR8BwKqcORbKLEQQ5v8uTCcgtWO3yg5bieM5ifJD0mSgHqUJ72zVomG/X664f3yB
5V07Qr9z6jJt4/4MY8O+RLgSx46UVxZgyO2LE3hDu/IVczm5OFRZmMoaF4NX7egb
eD7Wuehp1eS6RPjO55w0nVQv3I0QtoX/RZicQ6IOel1GNFvC0qpgmLaRgwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFD62e2ou+kwPAuYUaZ/rL6cnjCzrMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUHJaN2FpNzZUQThDNWhScG4tc3ZweWVNTE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQBwHkQAwQAwHmjAwQB
wHmqAwQAweuTAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUAA4IBAQB5sRgHFU8J
UlbX+y7NhwYl2qNW78fIoidbD8tkgwCBT1M3Wp1a8sIMALm9F9Kctn7FehfzspIk
p2OQ/FEqnOuUl5IRpNYfmL2Nfw9JJYN8C9i2b8PNc+rUA71P55RaxXqYkVDfqW9B
xqz45B6x5tDTULZiSHD3wRg7p0PdUI1pziJ8eWIUJKeeY4kmVUnFj9BrIFPJ9Vm/
ONobjdAIXWC/x0H8ff8K1tOLEmsp3SMGVgjTeZJsxnlHLixAAtZl0KB3u7IrE8aV
Ed+BtgszPlzlcIRC6oCYX3qGF02chslCXKvgZpDvRGmhlBiWRF4wXfbXW9C7vm9U
teixiZrB4zaE
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org