Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d9WSwAValY7y1Hw6_amkAkcx36o.roa
File: d9WSwAValY7y1Hw6_amkAkcx36o.roa (raw, json)
Hash identifier: +p+Ar+iXgghOiLXEziweL1yWq/R2yfG5SDftClsNkPw=
Subject key identifier: 77:D5:92:C0:05:5A:95:8E:F2:D4:7C:3A:FD:A9:A4:02:47:31:DF:AA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018D1682E93BEFF7EDFF561DC11C1C4692F1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d9WSwAValY7y1Hw6_amkAkcx36o.roa
Signing time: Wed 17 Jan 2024 08:21:34 +0000
ROA not before: Wed 17 Jan 2024 08:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 192.71.200.0/24 maxlen: 24
193.181.71.0/24 maxlen: 24
193.182.6.0/24 maxlen: 24
193.182.156.0/24 maxlen: 24
194.103.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 12:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:82:e9:3b:ef:f7:ed:ff:56:1d:c1:1c:1c:46:92:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 17 08:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77d592c0055a958ef2d47c3afda9a4024731dfaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:79:c3:1b:d9:fe:b3:5f:4e:ad:5f:60:15:
6b:8a:a4:60:9f:01:de:17:48:7d:4d:dd:61:b6:5a:
d8:c4:58:6d:d6:15:74:cd:5e:46:27:0c:01:9c:e2:
c2:0a:73:a7:e0:56:d8:11:32:0c:3e:96:b0:ef:bf:
dc:c5:3d:6b:6d:16:ce:d9:87:f1:b4:b6:b6:ca:d5:
c1:52:b2:07:ac:be:50:42:3e:9c:3a:58:e0:42:bb:
2e:29:4f:a1:1f:d4:a1:a3:bd:2a:85:a6:35:58:f8:
49:97:46:82:5b:71:6d:53:93:92:b1:6d:9b:ec:f6:
32:b0:0d:64:22:84:37:5c:54:31:a7:ac:be:7c:ae:
88:58:06:de:00:5f:58:40:4a:cc:e9:42:a6:6d:3c:
bd:15:bd:97:99:23:33:b5:df:2c:3d:9a:93:56:d9:
85:5d:3e:e4:14:0d:ba:bb:e1:bc:20:26:73:2b:05:
34:68:0a:56:41:83:d4:fb:fe:ea:a9:a5:75:1c:28:
9e:be:6c:93:c6:ca:1f:b0:fa:2c:8e:cd:07:a0:5a:
00:bf:16:20:f0:20:7d:59:dd:81:fd:c2:42:e5:8f:
d9:e4:e7:14:cc:92:6f:86:66:05:a0:53:cf:a3:7b:
cb:d5:3c:e3:60:34:96:ef:ff:f7:2f:da:5f:78:2b:
c5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D5:92:C0:05:5A:95:8E:F2:D4:7C:3A:FD:A9:A4:02:47:31:DF:AA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d9WSwAValY7y1Hw6_amkAkcx36o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.200.0/24
193.181.71.0/24
193.182.6.0/24
193.182.156.0/24
194.103.248.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:be:05:8e:ea:8e:24:12:2c:c5:37:70:02:02:10:37:9f:bf:
7d:5a:12:51:96:08:65:9c:c0:e0:2b:14:2b:96:d2:0e:a7:ed:
0a:35:26:7e:ac:7b:32:9a:cf:77:3b:e7:dc:3c:b3:b4:c0:ec:
08:8b:48:e7:d5:95:35:78:90:1a:b2:d0:11:c0:b5:12:ba:ce:
53:79:b7:5d:fb:17:d6:0c:91:3b:04:27:e6:ef:f1:9a:83:d3:
59:57:bc:8e:12:34:6c:46:c8:22:7e:29:e7:3f:2f:4a:b6:c8:
a0:07:82:aa:2b:0f:de:96:1d:f7:12:3d:ed:53:a4:af:05:2a:
c0:45:43:da:c1:bf:0f:0a:a6:1f:f4:b9:24:5b:df:26:f4:45:
48:b7:89:ec:7c:48:c4:93:05:61:41:f2:4c:84:71:58:4a:6a:
da:4a:36:46:cf:79:70:45:32:82:2e:ac:4d:a2:51:a6:21:6d:
aa:15:d8:2c:cd:6a:1a:ad:25:3a:04:9c:d9:c4:2b:cb:ba:5a:
ce:b9:08:04:54:dc:b8:8a:65:3b:f2:14:d5:2b:ad:16:a5:d1:
3d:a3:2b:e8:78:8c:df:36:da:e9:67:f5:02:3b:ad:43:8f:a3:
47:3b:28:28:65:ed:19:a5:15:24:fe:29:d7:0a:97:c3:a5:c2:
ae:84:8e:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0Wguk77/ft/1YdwRwcRpLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTE3MDgyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Q1OTJjMDA1NWE5NThlZjJkNDdjM2FmZGE5YTQwMjQ3MzFkZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKl5wxvZ/rNfTq1fYBVriqRgnwHe
F0h9Td1htlrYxFht1hV0zV5GJwwBnOLCCnOn4FbYETIMPpaw77/cxT1rbRbO2Yfx
tLa2ytXBUrIHrL5QQj6cOljgQrsuKU+hH9Sho70qhaY1WPhJl0aCW3FtU5OSsW2b
7PYysA1kIoQ3XFQxp6y+fK6IWAbeAF9YQErM6UKmbTy9Fb2XmSMztd8sPZqTVtmF
XT7kFA26u+G8ICZzKwU0aApWQYPU+/7qqaV1HCievmyTxsofsPosjs0HoFoAvxYg
8CB9Wd2B/cJC5Y/Z5OcUzJJvhmYFoFPPo3vL1TzjYDSW7//3L9pfeCvFCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHfVksAFWpWO8tR8Ov2ppAJHMd+qMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZDlXU3dBVmFsWTd5MUh3Nl9hbWtBa2N4MzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwEfIAwQA
wbVHAwQAwbYGAwQAwbacAwQAwmf4MA0GCSqGSIb3DQEBCwUAA4IBAQB6vgWO6o4k
EizFN3ACAhA3n799WhJRlghlnMDgKxQrltIOp+0KNSZ+rHsyms93O+fcPLO0wOwI
i0jn1ZU1eJAastARwLUSus5Tebdd+xfWDJE7BCfm7/Gag9NZV7yOEjRsRsgifinn
Py9KtsigB4KqKw/elh33Ej3tU6SvBSrARUPawb8PCqYf9LkkW98m9EVIt4nsfEjE
kwVhQfJMhHFYSmraSjZGz3lwRTKCLqxNolGmIW2qFdgszWoarSU6BJzZxCvLulrO
uQgEVNy4imU78hTVK60WpdE9oyvoeIzfNtrpZ/UCO61Dj6NHOygoZe0ZpRUk/inX
CpfDpcKuhI6U
-----END CERTIFICATE-----
Generated at Thu Mar 14 17:54:46 2024 by rpki-client on console-ams.rpki-client.org