Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/329968-247c-4dea-99d2-60107b4ea4eb/1/kH08PNNA1mewdYZeqDtkprYilXw.roa
File: kH08PNNA1mewdYZeqDtkprYilXw.roa (raw, json)
Hash identifier: 7rtTTcmhX3UgmhN0KZgT7J8azEeXPz37Xp5350dk3p8=
Subject key identifier: 90:7D:3C:3C:D3:40:D6:67:B0:75:86:5E:A8:3B:64:A6:B6:22:95:7C
Certificate issuer: /CN=1a79a0ac3312c1653f300b04510d9bf2c9c2a55f
Certificate serial: 01857169A7BFFFD37584BC293498E759E95C
Authority key identifier: 1A:79:A0:AC:33:12:C1:65:3F:30:0B:04:51:0D:9B:F2:C9:C2:A5:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnmgrDMSwWU_MAsEUQ2b8snCpV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/329968-247c-4dea-99d2-60107b4ea4eb/1/kH08PNNA1mewdYZeqDtkprYilXw.roa
Signing time: Mon 02 Jan 2023 07:37:07 +0000
ROA not before: Mon 02 Jan 2023 07:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 194.76.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a7:bf:ff:d3:75:84:bc:29:34:98:e7:59:e9:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a79a0ac3312c1653f300b04510d9bf2c9c2a55f
Validity
Not Before: Jan 2 07:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907d3c3cd340d667b075865ea83b64a6b622957c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7c:0d:e4:04:0d:c8:79:de:5c:bc:20:d2:3f:
6a:25:7d:b7:c2:da:98:02:fe:fc:a7:f3:8f:d7:25:
34:6a:1c:b9:d5:58:63:cd:77:5d:85:50:c5:15:ca:
96:e9:f8:85:98:b4:f5:89:fc:e0:ff:93:3c:46:7e:
57:31:b7:1d:56:2f:41:88:f0:7e:e8:16:d0:f7:18:
4d:b7:90:3d:50:c4:ec:10:d2:21:53:88:72:00:48:
42:0f:08:a1:82:a5:64:27:ad:23:4b:18:e0:19:35:
95:bd:2e:66:11:ea:ee:02:3c:20:a8:eb:fb:a2:91:
c1:be:f7:f8:3d:3d:d4:ee:e4:69:55:14:3a:62:30:
e2:dd:e0:3a:c6:e0:86:bc:5d:97:f6:e7:81:58:23:
b4:9a:c3:45:f3:5b:81:e4:12:b1:66:5f:23:be:c1:
7e:a4:43:d9:20:28:b5:cf:21:01:b4:2b:6d:10:63:
86:1c:e5:6d:ab:9c:cd:a0:8b:20:88:14:43:ed:ff:
5e:55:ed:7b:1d:64:48:f0:c2:9b:05:19:be:e3:a1:
32:44:07:58:f1:54:d2:6c:17:a1:f0:05:88:87:0b:
ae:8b:42:61:b5:d6:aa:de:86:bc:1c:d3:d3:ae:44:
63:68:1a:72:07:ad:62:96:b6:05:ce:54:66:62:77:
40:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7D:3C:3C:D3:40:D6:67:B0:75:86:5E:A8:3B:64:A6:B6:22:95:7C
X509v3 Authority Key Identifier:
keyid:1A:79:A0:AC:33:12:C1:65:3F:30:0B:04:51:0D:9B:F2:C9:C2:A5:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnmgrDMSwWU_MAsEUQ2b8snCpV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/329968-247c-4dea-99d2-60107b4ea4eb/1/kH08PNNA1mewdYZeqDtkprYilXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/329968-247c-4dea-99d2-60107b4ea4eb/1/GnmgrDMSwWU_MAsEUQ2b8snCpV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.43.0/24
Signature Algorithm: sha256WithRSAEncryption
88:a5:03:a1:be:4e:fa:c7:f1:33:b9:03:c4:23:c6:7c:1e:b8:
ae:1b:97:9e:00:19:cd:d8:c0:fb:ac:2b:52:2f:a9:23:49:6c:
5d:71:4c:d8:50:09:22:11:e5:62:bd:53:bf:eb:45:8b:c1:7d:
3f:59:63:7d:6b:b3:eb:63:25:bf:37:3b:3f:c2:55:77:2d:fe:
bb:64:92:d1:8b:2b:73:33:04:52:14:c5:54:d9:81:c6:fe:5b:
bd:f2:f9:91:97:b9:33:1e:26:c5:ac:94:a5:00:d9:9b:53:de:
fc:bc:d4:00:24:27:38:f0:03:f2:6c:5a:b5:ea:b8:d5:ee:55:
1a:87:7a:b7:bf:08:92:3a:98:40:b1:ad:8c:35:a7:53:b7:83:
9a:5a:f8:61:f9:1a:b6:2e:a5:59:9c:70:51:a0:fd:5c:b2:14:
21:56:81:c6:2a:23:53:b0:37:01:31:c3:f5:95:db:63:fe:83:
99:ec:ed:5f:d2:3d:81:a9:58:46:b6:8e:59:fa:fd:b1:eb:e4:
ed:75:da:13:09:d8:fc:82:fe:61:1e:92:85:33:d7:54:30:4f:
fd:bb:b1:5e:79:75:d2:71:10:51:e5:b4:ae:e7:f7:b6:d8:c6:
ec:7d:d6:f4:f0:e1:3a:0a:ce:f9:d9:74:aa:e5:24:9e:d3:2e:
5b:a7:4e:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaae//9N1hLwpNJjnWelcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzlhMGFjMzMxMmMxNjUzZjMwMGIwNDUxMGQ5YmYyYzlj
MmE1NWYwHhcNMjMwMTAyMDczNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdkM2MzY2QzNDBkNjY3YjA3NTg2NWVhODNiNjRhNmI2MjI5NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXwN5AQNyHneXLwg0j9qJX23wtqY
Av78p/OP1yU0ahy51VhjzXddhVDFFcqW6fiFmLT1ifzg/5M8Rn5XMbcdVi9BiPB+
6BbQ9xhNt5A9UMTsENIhU4hyAEhCDwihgqVkJ60jSxjgGTWVvS5mEeruAjwgqOv7
opHBvvf4PT3U7uRpVRQ6YjDi3eA6xuCGvF2X9ueBWCO0msNF81uB5BKxZl8jvsF+
pEPZICi1zyEBtCttEGOGHOVtq5zNoIsgiBRD7f9eVe17HWRI8MKbBRm+46EyRAdY
8VTSbBeh8AWIhwuui0Jhtdaq3oa8HNPTrkRjaBpyB61ilrYFzlRmYndAKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJB9PDzTQNZnsHWGXqg7ZKa2IpV8MB8GA1UdIwQY
MBaAFBp5oKwzEsFlPzALBFENm/LJwqVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25tZ3JETVN3V1VfTUFzRVVRMmI4c25DcFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zMjk5NjgtMjQ3Yy00ZGVhLTk5ZDIt
NjAxMDdiNGVhNGViLzEva0gwOFBOTkExbWV3ZFlaZXFEdGtwcllpbFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zMjk5NjgtMjQ3Yy00ZGVhLTk5ZDItNjAxMDdiNGVhNGVi
LzEvR25tZ3JETVN3V1VfTUFzRVVRMmI4c25DcFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwrMA0G
CSqGSIb3DQEBCwUAA4IBAQCIpQOhvk76x/EzuQPEI8Z8HriuG5eeABnN2MD7rCtS
L6kjSWxdcUzYUAkiEeVivVO/60WLwX0/WWN9a7PrYyW/Nzs/wlV3Lf67ZJLRiytz
MwRSFMVU2YHG/lu98vmRl7kzHibFrJSlANmbU978vNQAJCc48APybFq16rjV7lUa
h3q3vwiSOphAsa2MNadTt4OaWvhh+Rq2LqVZnHBRoP1cshQhVoHGKiNTsDcBMcP1
ldtj/oOZ7O1f0j2BqVhGto5Z+v2x6+TtddoTCdj8gv5hHpKFM9dUME/9u7FeeXXS
cRBR5bSu5/e22Mbsfdb08OE6Cs752XSq5SSe0y5bp05w
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:35 2024 by rpki-client on console-fra.rpki-client.org