Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q9JvGcITlpW99ms8DjNCzduTY2o.roa
File: q9JvGcITlpW99ms8DjNCzduTY2o.roa (raw, json)
Hash identifier: Tixp69RYmP8gEOP1kkhwupwd7F9hzlKPNoj6u30zbr8=
Subject key identifier: AB:D2:6F:19:C2:13:96:95:BD:F6:6B:3C:0E:33:42:CD:DB:93:63:6A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB12858C9B41AC8C3343749D988D75
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q9JvGcITlpW99ms8DjNCzduTY2o.roa
Signing time: Sun 01 Jan 2023 10:05:25 +0000
ROA not before: Sun 01 Jan 2023 10:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210422
IP address blocks: 194.68.41.0/24 maxlen: 24
194.68.63.0/24 maxlen: 24
192.121.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:12:85:8c:9b:41:ac:8c:33:43:74:9d:98:8d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abd26f19c2139695bdf66b3c0e3342cddb93636a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:20:2d:54:84:ec:bc:90:db:90:3c:95:ba:28:
41:dd:e7:32:8a:6c:07:b2:89:88:1a:50:6d:89:87:
dd:01:4f:9e:f2:96:27:6f:17:d8:94:a1:ee:52:32:
0e:c1:14:0a:24:af:18:44:40:b5:b6:4c:af:fb:af:
89:21:1e:8d:93:8b:9b:56:0e:90:15:90:7e:7f:ac:
ce:52:03:bb:37:4d:9b:0c:a2:3a:50:50:6d:88:f8:
32:a2:24:08:da:c2:28:85:64:66:40:cb:4e:64:f1:
e4:0c:d2:19:62:69:1c:34:96:d5:ad:7b:d8:e9:c5:
a6:56:24:b3:d1:82:91:eb:6d:cf:96:22:8f:1b:0a:
6c:15:62:23:67:48:10:41:a9:32:71:30:04:50:e3:
2b:75:f3:54:af:ad:c7:c7:00:65:00:6d:8d:e2:e8:
31:07:ca:4e:8b:76:fb:a2:80:ce:a5:26:41:98:cf:
d9:70:a8:cc:4c:b4:60:0c:54:a0:69:68:6a:fa:22:
46:d7:5d:0f:77:a9:1f:ad:39:51:a8:de:4a:48:aa:
cc:0b:f5:f5:0a:85:c1:27:dc:c5:7c:55:6a:f3:63:
85:c8:54:aa:5e:60:c6:96:81:9a:ca:8b:e5:ba:83:
c8:76:dd:26:b8:1c:96:71:b9:4e:f6:64:75:be:63:
2b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D2:6F:19:C2:13:96:95:BD:F6:6B:3C:0E:33:42:CD:DB:93:63:6A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q9JvGcITlpW99ms8DjNCzduTY2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.210.0/24
194.68.41.0/24
194.68.63.0/24
Signature Algorithm: sha256WithRSAEncryption
41:69:3e:59:56:2f:68:61:46:36:ce:7f:a6:8a:ca:61:85:96:
8f:f7:42:33:35:47:54:6e:cf:9b:86:01:d2:cd:33:ac:69:bc:
c9:2d:20:85:60:5b:63:b6:d2:10:76:8c:0f:49:60:4b:81:17:
72:68:e7:5e:64:78:f1:cf:f6:7f:28:ac:f7:c9:15:5a:04:21:
9c:0e:d6:a9:3e:e4:9c:18:ca:95:1d:81:34:65:dd:b5:da:a7:
2a:a8:f8:ae:c1:d7:ab:66:2f:34:29:eb:4f:e6:bb:9f:30:ea:
06:67:fb:37:75:57:42:8e:7b:01:fa:d8:10:1b:66:05:5a:5b:
64:87:6c:a7:50:96:0e:48:4f:04:7e:90:d1:85:ad:d1:09:29:
85:c0:dc:36:e9:94:ad:48:e5:84:20:f8:51:22:cc:e4:e7:37:
42:7e:3b:91:08:00:1c:f5:13:56:0b:08:b2:bd:f2:31:00:44:
a1:35:cc:e4:91:a9:64:87:46:e2:fe:cd:0f:1e:5a:fb:50:a0:
90:5e:4d:56:a4:68:08:f5:4b:0a:f4:95:81:56:3a:68:b3:4e:
89:43:8a:b0:82:26:f7:1a:99:fc:08:4d:ff:0c:20:b1:64:13:
53:95:b4:6d:01:37:b2:b4:64:c8:94:15:11:56:b6:8c:13:f3:
8b:5a:e1:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsyxKFjJtBrIwzQ3SdmI11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQyNmYxOWMyMTM5Njk1YmRmNjZiM2MwZTMzNDJjZGRiOTM2MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSAtVITsvJDbkDyVuihB3ecyimwH
somIGlBtiYfdAU+e8pYnbxfYlKHuUjIOwRQKJK8YREC1tkyv+6+JIR6Nk4ubVg6Q
FZB+f6zOUgO7N02bDKI6UFBtiPgyoiQI2sIohWRmQMtOZPHkDNIZYmkcNJbVrXvY
6cWmViSz0YKR623PliKPGwpsFWIjZ0gQQakycTAEUOMrdfNUr63HxwBlAG2N4ugx
B8pOi3b7ooDOpSZBmM/ZcKjMTLRgDFSgaWhq+iJG110Pd6kfrTlRqN5KSKrMC/X1
CoXBJ9zFfFVq82OFyFSqXmDGloGayovluoPIdt0muByWcblO9mR1vmMrbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKvSbxnCE5aVvfZrPA4zQs3bk2NqMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcTlKdkdjSVRscFc5OW1zOERqTkN6ZHVUWTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHnSAwQA
wkQpAwQAwkQ/MA0GCSqGSIb3DQEBCwUAA4IBAQBBaT5ZVi9oYUY2zn+misphhZaP
90IzNUdUbs+bhgHSzTOsabzJLSCFYFtjttIQdowPSWBLgRdyaOdeZHjxz/Z/KKz3
yRVaBCGcDtapPuScGMqVHYE0Zd212qcqqPiuwderZi80KetP5rufMOoGZ/s3dVdC
jnsB+tgQG2YFWltkh2ynUJYOSE8EfpDRha3RCSmFwNw26ZStSOWEIPhRIszk5zdC
fjuRCAAc9RNWCwiyvfIxAEShNczkkalkh0bi/s0PHlr7UKCQXk1WpGgI9UsK9JWB
Vjpos06JQ4qwgib3Gpn8CE3/DCCxZBNTlbRtATeytGTIlBURVraME/OLWuEX
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org