Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5d561c-063c-4fbb-903b-2f21e9dd5708/1/RJDOsIahZw2wFVAs3Kw8oL1296k.roa
File: RJDOsIahZw2wFVAs3Kw8oL1296k.roa (raw, json)
Hash identifier: ELhirYwfTkvB6h7ue4Puo/KmIqbBPwgUSqNSFzOwBO4=
Subject key identifier: 44:90:CE:B0:86:A1:67:0D:B0:15:50:2C:DC:AC:3C:A0:BD:76:F7:A9
Certificate issuer: /CN=86f17c3e27e9a2b8fe69dd75f489bf720af7d2aa
Certificate serial: 01856C1CAC19F7712E8C86626F5ADAEE9260
Authority key identifier: 86:F1:7C:3E:27:E9:A2:B8:FE:69:DD:75:F4:89:BF:72:0A:F7:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hvF8Pifporj-ad119Im_cgr30qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/5d561c-063c-4fbb-903b-2f21e9dd5708/1/RJDOsIahZw2wFVAs3Kw8oL1296k.roa
Signing time: Sun 01 Jan 2023 06:54:56 +0000
ROA not before: Sun 01 Jan 2023 06:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203329
IP address blocks: 194.121.56.0/24 maxlen: 24
2001:678:f44::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:ac:19:f7:71:2e:8c:86:62:6f:5a:da:ee:92:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86f17c3e27e9a2b8fe69dd75f489bf720af7d2aa
Validity
Not Before: Jan 1 06:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4490ceb086a1670db015502cdcac3ca0bd76f7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:f1:ad:31:63:ec:f7:f5:8e:da:e2:b9:11:
53:ee:06:17:ca:1b:d3:3b:2f:39:6f:bf:0e:ed:f5:
42:5d:7a:b1:b1:ee:5d:c1:b5:39:da:2e:58:eb:3a:
bd:03:79:3c:a3:2d:a1:fc:ec:f2:42:ba:1f:de:aa:
d9:fc:6b:90:fd:77:0a:ce:e2:fd:af:bf:41:53:32:
db:53:cd:2d:32:47:4c:3f:80:14:16:6b:c5:c1:2f:
43:d9:49:db:26:50:51:23:9e:b9:62:e4:b9:61:1b:
b5:70:79:8a:9d:64:ad:74:ee:fe:1a:7e:ac:8e:68:
f3:4c:e5:29:62:be:d1:a6:21:4b:3f:52:77:2c:d4:
d6:4f:9c:c3:b0:c1:e4:93:20:26:65:52:51:3b:28:
5e:6c:00:8a:7c:6b:a1:15:ab:7c:66:aa:4f:3b:d1:
06:2a:18:68:34:3e:70:61:9c:18:9c:4c:15:3c:a6:
db:53:f8:a5:90:5c:77:20:1c:50:f8:24:d8:a4:7c:
6a:36:c3:72:1b:55:3f:4c:f0:9e:cd:00:7c:b9:77:
fa:03:d2:bc:f2:11:15:eb:bb:75:35:92:76:50:23:
48:d1:b0:18:44:45:15:ac:14:7a:ed:b3:9b:d0:5e:
03:e7:6a:6f:aa:f6:d2:fb:d2:7a:73:13:58:0e:01:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:90:CE:B0:86:A1:67:0D:B0:15:50:2C:DC:AC:3C:A0:BD:76:F7:A9
X509v3 Authority Key Identifier:
keyid:86:F1:7C:3E:27:E9:A2:B8:FE:69:DD:75:F4:89:BF:72:0A:F7:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvF8Pifporj-ad119Im_cgr30qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5d561c-063c-4fbb-903b-2f21e9dd5708/1/RJDOsIahZw2wFVAs3Kw8oL1296k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5d561c-063c-4fbb-903b-2f21e9dd5708/1/hvF8Pifporj-ad119Im_cgr30qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.121.56.0/24
IPv6:
2001:678:f44::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ce:97:a2:f5:e7:70:9d:cd:0c:2f:5c:92:2e:f2:99:4d:e0:
26:f4:f9:64:24:7b:4f:f3:6f:86:ff:f2:a4:ea:63:79:97:d3:
67:ff:1f:c3:d6:2b:19:fa:ca:b2:5a:aa:ac:75:04:cc:fa:38:
d6:87:97:4e:3d:44:81:78:d0:56:c2:1c:8d:0b:d5:b4:07:bf:
a5:08:6e:14:cf:ed:95:eb:bd:63:41:5a:1f:fe:f5:67:f3:2b:
82:a5:72:8e:a5:60:ba:9c:c5:42:67:6a:40:84:ba:81:96:b9:
91:c4:96:12:bb:1a:a3:de:46:e4:e9:c0:d8:5b:c3:44:36:98:
ec:0f:d0:ee:a4:ef:e6:02:ee:70:23:ed:52:bd:89:86:aa:ff:
6b:7f:ef:c9:d0:60:4d:a0:d5:ff:23:55:87:8c:12:cb:ff:a3:
cc:fd:f1:d9:2d:3f:a3:6f:91:42:5f:5f:98:37:88:95:c2:93:
43:6f:fc:2e:e4:37:56:3e:94:55:73:ef:5c:4f:fa:de:d0:d1:
ff:fd:7f:49:0f:1f:60:10:1a:b1:14:b2:dd:7b:27:aa:a5:cf:
76:bf:c0:ad:59:98:c7:9d:87:ef:98:7b:67:f6:85:19:3f:6b:
2a:43:a5:1d:eb:84:c7:e4:eb:1e:3d:75:46:cf:80:79:53:2a:
05:27:20:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsHKwZ93EujIZib1ra7pJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjE3YzNlMjdlOWEyYjhmZTY5ZGQ3NWY0ODliZjcyMGFm
N2QyYWEwHhcNMjMwMTAxMDY1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDkwY2ViMDg2YTE2NzBkYjAxNTUwMmNkY2FjM2NhMGJkNzZmN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhajxrTFj7Pf1jtriuRFT7gYXyhvT
Oy85b78O7fVCXXqxse5dwbU52i5Y6zq9A3k8oy2h/OzyQrof3qrZ/GuQ/XcKzuL9
r79BUzLbU80tMkdMP4AUFmvFwS9D2UnbJlBRI565YuS5YRu1cHmKnWStdO7+Gn6s
jmjzTOUpYr7RpiFLP1J3LNTWT5zDsMHkkyAmZVJROyhebACKfGuhFat8ZqpPO9EG
KhhoND5wYZwYnEwVPKbbU/ilkFx3IBxQ+CTYpHxqNsNyG1U/TPCezQB8uXf6A9K8
8hEV67t1NZJ2UCNI0bAYREUVrBR67bOb0F4D52pvqvbS+9J6cxNYDgHdOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESQzrCGoWcNsBVQLNysPKC9dvepMB8GA1UdIwQY
MBaAFIbxfD4n6aK4/mnddfSJv3IK99KqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZGOFBpZnBvcmotYWQxMTlJbV9jZ3IzMHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81ZDU2MWMtMDYzYy00ZmJiLTkwM2It
MmYyMWU5ZGQ1NzA4LzEvUkpET3NJYWhadzJ3RlZBczNLdzhvTDEyOTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81ZDU2MWMtMDYzYy00ZmJiLTkwM2ItMmYyMWU5ZGQ1NzA4
LzEvaHZGOFBpZnBvcmotYWQxMTlJbV9jZ3IzMHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwnk4MA8E
AgACMAkDBwAgAQZ4D0QwDQYJKoZIhvcNAQELBQADggEBAI7Ol6L153CdzQwvXJIu
8plN4Cb0+WQke0/zb4b/8qTqY3mX02f/H8PWKxn6yrJaqqx1BMz6ONaHl049RIF4
0FbCHI0L1bQHv6UIbhTP7ZXrvWNBWh/+9WfzK4Klco6lYLqcxUJnakCEuoGWuZHE
lhK7GqPeRuTpwNhbw0Q2mOwP0O6k7+YC7nAj7VK9iYaq/2t/78nQYE2g1f8jVYeM
Esv/o8z98dktP6NvkUJfX5g3iJXCk0Nv/C7kN1Y+lFVz71xP+t7Q0f/9f0kPH2AQ
GrEUst17J6qlz3a/wK1ZmMedh++Ye2f2hRk/aypDpR3rhMfk6x49dUbPgHlTKgUn
IHE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:55 2024 by rpki-client on console-ams.rpki-client.org