Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fCT-vYxuEijbdqdVGcnaYNrTPoU.roa
File: fCT-vYxuEijbdqdVGcnaYNrTPoU.roa (raw, json)
Hash identifier: bOXcvoj4n9UtWlvX+1yCiG1ofsiE+Y4v97SfnqC1KbU=
Subject key identifier: 7C:24:FE:BD:8C:6E:12:28:DB:76:A7:55:19:C9:DA:60:DA:D3:3E:85
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE984D35C3AABDD8159E43DD5EFF1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fCT-vYxuEijbdqdVGcnaYNrTPoU.roa
Signing time: Sun 01 Jan 2023 10:05:15 +0000
ROA not before: Sun 01 Jan 2023 10:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 192.165.76.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
192.121.153.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
193.180.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e9:84:d3:5c:3a:ab:dd:81:59:e4:3d:d5:ef:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c24febd8c6e1228db76a75519c9da60dad33e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4b:4e:64:87:dc:23:56:c5:8a:28:cb:fe:10:
f8:c6:75:e8:f7:f6:61:1e:d6:93:0d:2c:e9:6d:1b:
dc:34:ff:3d:0f:57:6f:ba:11:f0:bd:3d:ef:f5:15:
f0:a7:ec:0a:da:9d:c6:f2:0b:76:99:3c:63:16:8c:
8a:aa:15:ac:fc:1c:89:28:48:36:96:6a:9c:85:4d:
ff:e5:f9:09:fe:cb:17:18:a4:45:bb:0b:50:9c:73:
34:f2:59:f8:fe:b0:62:b6:b7:a5:04:f8:60:23:74:
b6:77:6b:44:21:97:dd:d4:a3:5c:ae:ff:04:95:82:
cf:f0:32:ad:5e:c5:59:1a:ad:26:7c:ae:9e:26:bb:
60:23:6a:2d:64:59:8b:06:03:4a:84:3f:c5:92:55:
80:43:24:3c:31:fa:c4:4e:8d:7b:18:16:9e:c8:0a:
50:61:d6:8a:fc:77:78:2d:84:06:2c:af:77:dc:c2:
fc:13:6f:01:9d:eb:68:45:72:e4:10:0d:69:4e:9d:
42:a5:d3:87:a3:f6:19:a9:f4:42:24:22:00:b7:22:
a8:93:6f:9d:dc:93:be:91:4b:c1:f2:85:56:88:6d:
f4:c6:51:ed:21:87:47:07:9c:3e:a1:6d:cd:67:70:
d7:67:eb:1c:cf:cd:bd:3b:f0:b0:94:53:20:1f:cf:
1c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:24:FE:BD:8C:6E:12:28:DB:76:A7:55:19:C9:DA:60:DA:D3:3E:85
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fCT-vYxuEijbdqdVGcnaYNrTPoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.153.0/24
192.165.76.0/24
193.180.200.0/24
194.14.177.0/24
194.68.37.0-194.68.38.255
Signature Algorithm: sha256WithRSAEncryption
07:d3:94:93:02:2c:f5:68:f3:23:89:90:e8:42:33:fb:ad:78:
48:47:ff:d9:25:b4:0b:62:d1:ca:de:2f:49:23:66:87:1d:85:
61:2f:4b:eb:4e:40:55:12:15:0b:97:65:8c:be:0a:b8:ae:b1:
64:b1:22:3e:8f:03:5e:4d:a8:a7:08:b2:15:a2:a9:2e:51:5b:
44:f6:13:73:ae:85:07:89:33:cb:a7:c0:92:ad:5b:ac:b9:fd:
bf:47:e8:78:29:fd:0b:60:37:f0:b8:e4:4c:a7:22:f8:c5:f1:
2a:f0:6c:bf:e8:43:99:56:6a:88:35:0e:1e:75:56:12:e2:47:
70:5c:eb:1a:20:ec:66:69:b1:c5:fb:e2:9b:0e:c6:0f:68:ac:
b0:41:fb:f6:cb:8b:8e:e3:d5:63:8c:64:f1:88:5a:89:aa:d3:
f9:3a:fc:e3:ed:85:b0:bf:fc:4b:14:a6:cb:f8:3f:c8:19:5f:
16:34:fd:4c:49:42:d6:5e:59:e4:76:05:1d:00:55:be:c1:2b:
09:7f:67:ca:44:26:88:0a:0a:b5:44:79:4d:b5:d3:d7:67:5e:
4c:b4:6e:4d:05:66:2a:2e:af:ae:41:6f:33:67:a8:a1:bf:ed:
f7:ef:ea:14:9b:ac:9b:43:c2:81:10:89:3e:f0:32:9b:83:07:
3b:b3:2e:89
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsyumE01w6q92BWeQ91e/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI0ZmViZDhjNmUxMjI4ZGI3NmE3NTUxOWM5ZGE2MGRhZDMzZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70tOZIfcI1bFiijL/hD4xnXo9/Zh
HtaTDSzpbRvcNP89D1dvuhHwvT3v9RXwp+wK2p3G8gt2mTxjFoyKqhWs/ByJKEg2
lmqchU3/5fkJ/ssXGKRFuwtQnHM08ln4/rBitrelBPhgI3S2d2tEIZfd1KNcrv8E
lYLP8DKtXsVZGq0mfK6eJrtgI2otZFmLBgNKhD/FklWAQyQ8MfrETo17GBaeyApQ
YdaK/Hd4LYQGLK933ML8E28BnetoRXLkEA1pTp1CpdOHo/YZqfRCJCIAtyKok2+d
3JO+kUvB8oVWiG30xlHtIYdHB5w+oW3NZ3DXZ+scz829O/CwlFMgH88c6QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHwk/r2MbhIo23anVRnJ2mDa0z6FMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZkNULXZZeHVFaWpiZHFkVkdjbmFZTnJUUG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAwHmZAwQA
wKVMAwQAwbTIAwQAwg6xMAwDBADCRCUDBADCRCYwDQYJKoZIhvcNAQELBQADggEB
AAfTlJMCLPVo8yOJkOhCM/uteEhH/9kltAti0creL0kjZocdhWEvS+tOQFUSFQuX
ZYy+CriusWSxIj6PA15NqKcIshWiqS5RW0T2E3OuhQeJM8unwJKtW6y5/b9H6Hgp
/QtgN/C45EynIvjF8SrwbL/oQ5lWaog1Dh51VhLiR3Bc6xog7GZpscX74psOxg9o
rLBB+/bLi47j1WOMZPGIWomq0/k6/OPthbC//EsUpsv4P8gZXxY0/UxJQtZeWeR2
BR0AVb7BKwl/Z8pEJogKCrVEeU2109dnXky0bk0FZiour65BbzNnqKG/7ffv6hSb
rJtDwoEQiT7wMpuDBzuzLok=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:53 2024 by rpki-client on console-fra.rpki-client.org