Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/y3yJ0iip_QfdjEyhMsUIKfgNS68.roa
File: y3yJ0iip_QfdjEyhMsUIKfgNS68.roa (raw, json)
Hash identifier: h3Ysm/oWUWnboVZ8pHUTbMrkY2pP9FGRxn4cRX2WqEQ=
Subject key identifier: CB:7C:89:D2:28:A9:FD:07:DD:8C:4C:A1:32:C5:08:29:F8:0D:4B:AF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE7082BA16F1AE899882A021B9591
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/y3yJ0iip_QfdjEyhMsUIKfgNS68.roa
Signing time: Sun 01 Jan 2023 10:05:14 +0000
ROA not before: Sun 01 Jan 2023 10:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39871
IP address blocks: 192.36.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e7:08:2b:a1:6f:1a:e8:99:88:2a:02:1b:95:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb7c89d228a9fd07dd8c4ca132c50829f80d4baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:de:0c:7d:f3:bd:49:45:1b:27:bd:19:ed:
15:f1:e1:e0:3e:4d:c4:b7:c1:3d:61:fb:f2:94:81:
8f:ee:0c:0b:37:75:8b:88:99:42:cd:51:9d:51:98:
68:6f:54:06:4a:93:36:01:f1:df:3d:69:58:31:83:
33:12:f2:bb:e4:30:2d:a7:db:31:a2:d7:b5:42:10:
f6:62:4f:36:7f:51:06:bd:15:1a:5d:fd:e4:1d:2d:
0f:2c:db:3e:ce:58:e7:1a:26:e6:33:2c:1e:ff:cf:
a2:ba:78:c3:cf:57:b4:66:c4:79:c6:c4:5a:af:9b:
56:d0:3b:99:7f:56:d8:2a:a6:b8:8a:37:27:f2:2c:
b2:21:41:12:e2:e6:98:c6:36:7b:2d:8e:46:f3:79:
0c:b3:db:96:1e:3f:6e:99:1a:15:76:64:0d:b4:4e:
df:fe:81:f9:9e:43:7b:ff:6a:1e:72:0a:01:20:cc:
46:81:88:63:1e:a5:7e:27:08:bf:b4:f2:04:eb:3c:
d8:ed:77:2e:d7:f4:d8:51:a0:2d:07:e4:5e:69:4e:
1c:0b:a1:a1:ab:7a:8a:20:7e:ad:24:0d:e7:94:25:
0a:57:70:13:6c:0b:49:04:16:b8:2b:c6:04:f8:61:
b2:6a:10:35:92:ca:c4:1e:e4:83:f0:ff:c1:bf:9a:
0f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7C:89:D2:28:A9:FD:07:DD:8C:4C:A1:32:C5:08:29:F8:0D:4B:AF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/y3yJ0iip_QfdjEyhMsUIKfgNS68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.133.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:5b:c6:21:96:87:86:f9:71:b3:9a:f5:64:6f:cc:c5:c5:d6:
c7:b8:55:a6:13:da:4d:6a:06:a3:38:6f:ae:16:9f:c8:8d:89:
c5:09:43:2f:13:51:60:83:87:9c:64:a8:e0:eb:65:e6:a9:fd:
27:ed:75:6b:86:65:00:c4:3a:56:6a:4d:b1:95:02:67:b8:b6:
02:db:5e:a7:cd:2e:b4:9f:74:9b:e4:94:43:4b:74:17:2e:fe:
43:b4:58:12:63:f2:fc:9d:ee:63:3d:3a:b3:4c:3d:34:4f:52:
68:03:cc:f8:f4:38:00:fc:51:66:c3:ed:ec:06:58:24:91:63:
54:04:8c:4d:60:e4:9b:71:34:c5:56:62:54:07:d7:47:ed:22:
59:99:21:ed:d3:f8:33:7c:36:39:92:fe:dd:04:db:01:21:ed:
73:ae:8c:2f:0d:88:01:96:fd:d1:7d:c2:6b:67:90:43:2d:4a:
72:35:7b:49:6c:8b:19:7a:97:4a:f1:df:90:91:22:25:c9:47:
9d:0a:58:d0:7d:b7:af:f4:40:ba:74:eb:c9:88:de:95:f4:16:
b5:45:d3:45:20:5a:ee:53:38:c8:4a:73:e0:2e:5d:64:c6:92:
1f:64:8b:25:35:24:a1:5f:3f:06:25:7f:64:21:a5:85:49:6f:
28:64:a6:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyucIK6FvGuiZiCoCG5WRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdjODlkMjI4YTlmZDA3ZGQ4YzRjYTEzMmM1MDgyOWY4MGQ0YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW/eDH3zvUlFGye9Ge0V8eHgPk3E
t8E9YfvylIGP7gwLN3WLiJlCzVGdUZhob1QGSpM2AfHfPWlYMYMzEvK75DAtp9sx
ote1QhD2Yk82f1EGvRUaXf3kHS0PLNs+zljnGibmMywe/8+iunjDz1e0ZsR5xsRa
r5tW0DuZf1bYKqa4ijcn8iyyIUES4uaYxjZ7LY5G83kMs9uWHj9umRoVdmQNtE7f
/oH5nkN7/2oecgoBIMxGgYhjHqV+Jwi/tPIE6zzY7Xcu1/TYUaAtB+ReaU4cC6Gh
q3qKIH6tJA3nlCUKV3ATbAtJBBa4K8YE+GGyahA1ksrEHuSD8P/Bv5oPbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMt8idIoqf0H3YxMoTLFCCn4DUuvMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveTN5SjBpaXBfUWZkakV5aE1zVUlLZmdOUzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCSFMA0G
CSqGSIb3DQEBCwUAA4IBAQC4W8YhloeG+XGzmvVkb8zFxdbHuFWmE9pNagajOG+u
Fp/IjYnFCUMvE1Fgg4ecZKjg62Xmqf0n7XVrhmUAxDpWak2xlQJnuLYC216nzS60
n3Sb5JRDS3QXLv5DtFgSY/L8ne5jPTqzTD00T1JoA8z49DgA/FFmw+3sBlgkkWNU
BIxNYOSbcTTFVmJUB9dH7SJZmSHt0/gzfDY5kv7dBNsBIe1zrowvDYgBlv3RfcJr
Z5BDLUpyNXtJbIsZepdK8d+QkSIlyUedCljQfbev9EC6dOvJiN6V9Ba1RdNFIFru
UzjISnPgLl1kxpIfZIslNSShXz8GJX9kIaWFSW8oZKaU
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org