Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/gT_dJtGNWsH8HQc-b_QKXrbcplY.roa
File: gT_dJtGNWsH8HQc-b_QKXrbcplY.roa (raw, json)
Hash identifier: GvC+MoLCnAzVsu2DwlaPSh7Etmqf34+sHtu5634DYv0=
Subject key identifier: 81:3F:DD:26:D1:8D:5A:C1:FC:1D:07:3E:6F:F4:0A:5E:B6:DC:A6:56
Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2
Certificate serial: 01856F5DB010F4AE4E08A41F564EE519B2E2
Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/gT_dJtGNWsH8HQc-b_QKXrbcplY.roa
Signing time: Sun 01 Jan 2023 22:04:48 +0000
ROA not before: Sun 01 Jan 2023 22:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42
IP address blocks: 194.0.42.0/24 maxlen: 24
2001:678:60::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b0:10:f4:ae:4e:08:a4:1f:56:4e:e5:19:b2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2
Validity
Not Before: Jan 1 22:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=813fdd26d18d5ac1fc1d073e6ff40a5eb6dca656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:69:7d:95:58:e9:48:0d:2c:da:d8:4d:1f:
ad:93:30:9f:83:98:c5:16:a3:f8:df:8f:07:6e:43:
d2:a5:84:91:c9:c3:19:6b:fb:59:46:ff:6e:92:ae:
75:f3:6c:bf:f8:23:93:4b:19:34:b9:ce:f1:7b:ba:
d3:7f:89:8d:11:98:a9:be:e3:e5:ce:78:dd:65:ed:
2d:56:c7:ad:c4:e2:7a:98:0d:2d:81:22:bc:95:d3:
09:db:ed:72:d9:43:4a:00:16:a1:83:2b:a3:c0:12:
b4:69:26:ee:ea:21:f7:b7:99:d4:cd:c0:45:72:b1:
68:b1:9c:d8:26:b3:e7:84:4d:02:63:ba:1e:7d:d0:
fd:ea:2c:6a:d4:46:27:bb:e1:31:d1:43:34:46:04:
90:45:c4:76:b5:bc:59:57:56:3f:96:1f:50:57:ac:
d1:15:33:89:4f:89:b0:a1:b2:a9:c1:62:a1:e7:a5:
b8:01:27:b3:86:7e:46:ab:06:6c:22:7d:c3:37:f1:
1a:68:15:f6:61:6f:46:b1:39:22:69:0c:9b:7c:8b:
67:71:9e:93:8c:95:09:be:70:5c:a4:89:0d:8d:74:
15:5a:2f:89:79:3b:17:a1:37:96:69:2b:6d:73:a4:
5a:bd:5c:23:5f:11:ff:92:6b:39:2b:2c:90:4d:12:
5d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3F:DD:26:D1:8D:5A:C1:FC:1D:07:3E:6F:F4:0A:5E:B6:DC:A6:56
X509v3 Authority Key Identifier:
keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/gT_dJtGNWsH8HQc-b_QKXrbcplY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.42.0/24
IPv6:
2001:678:60::/48
Signature Algorithm: sha256WithRSAEncryption
17:61:77:c6:ad:1d:1b:db:4a:c6:e3:60:8d:f6:b2:6f:2a:c8:
11:bb:ec:9c:c3:1b:b9:15:44:a7:13:87:46:73:f7:fa:4a:d8:
04:57:03:31:5a:ab:ad:c8:c5:a5:d9:3f:b3:30:b8:38:07:02:
f1:cd:e5:e1:dd:49:56:be:62:b6:c5:87:96:80:c5:61:fe:90:
ce:2a:48:a0:3d:43:ea:5c:17:33:b0:11:0b:1b:fb:6e:23:6b:
94:59:84:3d:61:c3:1d:de:11:16:4c:84:1f:54:c9:e3:ae:6f:
14:35:b8:0c:fe:86:be:fb:07:6e:be:9f:9f:48:72:22:06:de:
5c:1d:e9:1d:40:a9:1b:29:78:5f:a1:6d:24:f5:4f:b5:34:f0:
b6:42:23:dc:be:fc:c2:6d:f3:f9:fd:e3:0e:8c:7a:9d:2c:df:
9e:b7:4e:7f:e4:d0:21:d9:29:70:a9:22:e9:3b:f7:7a:7a:99:
55:d5:75:a2:2d:7b:a9:30:a3:bc:a6:c4:d2:65:1c:8c:b8:c0:
a7:cc:41:67:52:c8:9e:97:f3:f8:2d:1c:b9:70:ac:bd:ea:80:
e6:53:b4:4a:d1:39:41:f9:09:48:ca:df:8c:33:ef:fc:96:4e:
62:6d:0b:aa:ce:55:00:5c:d8:66:32:98:83:ca:1b:af:b2:7b:
98:c4:32:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvXbAQ9K5OCKQfVk7lGbLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzQ4MzhiYjMxN2I4MTg2Njk5ZjBhNDQ4NWRiNmQ5ZGEx
OTA4ZDIwHhcNMjMwMTAxMjIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTNmZGQyNmQxOGQ1YWMxZmMxZDA3M2U2ZmY0MGE1ZWI2ZGNhNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNZpfZVY6UgNLNrYTR+tkzCfg5jF
FqP4348HbkPSpYSRycMZa/tZRv9ukq5182y/+COTSxk0uc7xe7rTf4mNEZipvuPl
znjdZe0tVsetxOJ6mA0tgSK8ldMJ2+1y2UNKABahgyujwBK0aSbu6iH3t5nUzcBF
crFosZzYJrPnhE0CY7oefdD96ixq1EYnu+Ex0UM0RgSQRcR2tbxZV1Y/lh9QV6zR
FTOJT4mwobKpwWKh56W4ASezhn5GqwZsIn3DN/EaaBX2YW9GsTkiaQybfItncZ6T
jJUJvnBcpIkNjXQVWi+JeTsXoTeWaSttc6RavVwjXxH/kms5KyyQTRJdjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIE/3SbRjVrB/B0HPm/0Cl623KZWMB8GA1UdIwQY
MBaAFBU0g4uzF7gYZpnwpEhdttnaGQjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUt
M2ExNDRjNzBlMGIwLzEvZ1RfZEp0R05Xc0g4SFFjLWJfUUtYcmJjcGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUtM2ExNDRjNzBlMGIw
LzEvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAqMA8E
AgACMAkDBwAgAQZ4AGAwDQYJKoZIhvcNAQELBQADggEBABdhd8atHRvbSsbjYI32
sm8qyBG77JzDG7kVRKcTh0Zz9/pK2ARXAzFaq63IxaXZP7MwuDgHAvHN5eHdSVa+
YrbFh5aAxWH+kM4qSKA9Q+pcFzOwEQsb+24ja5RZhD1hwx3eERZMhB9UyeOubxQ1
uAz+hr77B26+n59IciIG3lwd6R1AqRspeF+hbST1T7U08LZCI9y+/MJt8/n94w6M
ep0s3563Tn/k0CHZKXCpIuk793p6mVXVdaIte6kwo7ymxNJlHIy4wKfMQWdSyJ6X
8/gtHLlwrL3qgOZTtErROUH5CUjK34wz7/yWTmJtC6rOVQBc2GYymIPKG6+ye5jE
MsE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:11 2024 by rpki-client on console-fra.rpki-client.org