Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hmGzL2QY_w2Lp-1NjUM8DMn0T2w.roa
File: hmGzL2QY_w2Lp-1NjUM8DMn0T2w.roa (raw, json)
Hash identifier: 9voGHzVTGjgFzPV6diydjsSzCbUnhL9ogHciXzgT0dI=
Subject key identifier: 86:61:B3:2F:64:18:FF:0D:8B:A7:ED:4D:8D:43:3C:0C:C9:F4:4F:6C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCADF826EE09F2F9519D72270E6D158
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hmGzL2QY_w2Lp-1NjUM8DMn0T2w.roa
Signing time: Sun 01 Jan 2023 10:05:12 +0000
ROA not before: Sun 01 Jan 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29216
IP address blocks: 192.36.148.0/23 maxlen: 23
192.36.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:df:82:6e:e0:9f:2f:95:19:d7:22:70:e6:d1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8661b32f6418ff0d8ba7ed4d8d433c0cc9f44f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a3:57:ac:e5:3f:02:82:98:d1:45:df:4b:1a:
0d:8e:3c:1e:5a:5a:d2:c8:97:69:62:47:11:17:5c:
ba:09:b6:29:99:92:bb:1f:92:0c:0e:18:4a:f2:80:
bd:9e:cc:f6:71:8f:c3:fd:ef:6c:bb:5b:3d:63:73:
60:3b:55:1d:53:c0:0d:e6:f4:c1:95:26:3e:42:b0:
3d:4b:59:bd:aa:a6:e7:b4:81:36:b3:1e:71:0e:01:
20:a0:31:49:69:0c:cd:1a:ff:17:82:93:a8:22:16:
e6:42:a4:0d:74:0a:ed:12:25:ec:5a:c2:96:3d:92:
8c:21:b9:31:52:a0:e4:3f:4f:c7:45:8d:53:04:11:
94:f2:b4:9a:44:ba:8b:fe:21:83:1d:71:5f:97:23:
f5:95:ac:a7:d7:52:f4:52:1b:ee:f3:5a:b4:6c:3d:
d6:16:f7:fe:fa:b2:8c:6f:dd:22:81:19:dc:ba:67:
ff:ef:69:0f:67:62:6e:34:ea:e5:ad:d6:4b:3a:4a:
1c:51:7f:7a:3b:53:05:fa:3d:69:43:63:e4:39:42:
d8:eb:9c:af:31:1d:58:bf:98:9a:d4:b8:63:7f:f4:
d6:ce:31:50:48:95:6c:ba:80:98:2c:00:36:e3:5e:
21:05:64:21:f0:db:90:c8:5b:8b:9c:68:e6:9d:d2:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:B3:2F:64:18:FF:0D:8B:A7:ED:4D:8D:43:3C:0C:C9:F4:4F:6C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hmGzL2QY_w2Lp-1NjUM8DMn0T2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.148.0/23
Signature Algorithm: sha256WithRSAEncryption
58:d4:cb:41:c7:02:56:e7:6b:fb:ab:45:cd:d3:5b:6f:07:f5:
30:02:a6:41:a7:c1:77:b1:68:57:c6:a0:cd:ae:65:56:2d:df:
84:49:a5:f1:90:38:01:51:32:26:b5:3c:ec:e2:29:9f:c7:98:
7a:43:ba:07:95:d5:25:bf:1b:b1:9d:5c:0a:e7:fa:b2:af:be:
5e:76:d7:ce:da:27:d3:e7:63:b9:a6:c7:53:78:9c:07:64:62:
48:91:c1:cd:a6:a6:65:10:35:cb:ad:72:ab:b9:77:e8:78:25:
68:b2:50:18:f8:14:f8:1c:f9:ff:92:5d:2b:a4:b5:68:83:2a:
1d:85:e5:f9:2d:db:cc:5f:7f:97:d1:8b:da:50:c8:6c:dd:4b:
3c:99:3b:67:b8:ce:c0:63:18:db:d8:60:5c:c2:d2:9a:a5:37:
b3:45:df:90:0f:42:f7:4a:93:50:c4:aa:c2:a0:e3:5f:ee:bb:
68:6c:d2:04:03:2f:45:34:43:fb:77:06:18:62:b8:66:ed:f5:
5c:a9:78:66:7a:d4:9f:fd:0c:32:95:ba:d3:72:7b:ab:82:91:
70:07:14:b2:77:a5:68:55:47:47:d0:b6:43:b8:d0:52:7f:02:
d6:67:fb:bd:fb:69:d4:9e:a2:48:cd:1e:01:7d:f1:45:82:60:
f4:11:8d:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyt+CbuCfL5UZ1yJw5tFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYxYjMyZjY0MThmZjBkOGJhN2VkNGQ4ZDQzM2MwY2M5ZjQ0ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqNXrOU/AoKY0UXfSxoNjjweWlrS
yJdpYkcRF1y6CbYpmZK7H5IMDhhK8oC9nsz2cY/D/e9su1s9Y3NgO1UdU8AN5vTB
lSY+QrA9S1m9qqbntIE2sx5xDgEgoDFJaQzNGv8XgpOoIhbmQqQNdArtEiXsWsKW
PZKMIbkxUqDkP0/HRY1TBBGU8rSaRLqL/iGDHXFflyP1layn11L0Uhvu81q0bD3W
Fvf++rKMb90igRncumf/72kPZ2JuNOrlrdZLOkocUX96O1MF+j1pQ2PkOULY65yv
MR1Yv5ia1Lhjf/TWzjFQSJVsuoCYLAA2414hBWQh8NuQyFuLnGjmndJhEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZhsy9kGP8Ni6ftTY1DPAzJ9E9sMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaG1HekwyUVlfdzJMcC0xTmpVTThETW4wVDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwCSUMA0G
CSqGSIb3DQEBCwUAA4IBAQBY1MtBxwJW52v7q0XN01tvB/UwAqZBp8F3sWhXxqDN
rmVWLd+ESaXxkDgBUTImtTzs4imfx5h6Q7oHldUlvxuxnVwK5/qyr75edtfO2ifT
52O5psdTeJwHZGJIkcHNpqZlEDXLrXKruXfoeCVoslAY+BT4HPn/kl0rpLVogyod
heX5LdvMX3+X0YvaUMhs3Us8mTtnuM7AYxjb2GBcwtKapTezRd+QD0L3SpNQxKrC
oONf7rtobNIEAy9FNEP7dwYYYrhm7fVcqXhmetSf/QwylbrTcnurgpFwBxSyd6Vo
VUdH0LZDuNBSfwLWZ/u9+2nUnqJIzR4BffFFgmD0EY2g
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:53 2024 by rpki-client on console-fra.rpki-client.org