Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/qTvrcC_LNVu_twYnnUlxHO8Uvc0.roa
File: qTvrcC_LNVu_twYnnUlxHO8Uvc0.roa (raw, json)
Hash identifier: T12W2OiGwobTd+IGXSZkP5tGYPKiiJ59yle/GDwQEMY=
Subject key identifier: A9:3B:EB:70:2F:CB:35:5B:BF:B7:06:27:9D:49:71:1C:EF:14:BD:CD
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082AEFBE763878F597A1126F78E9F08
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/qTvrcC_LNVu_twYnnUlxHO8Uvc0.roa
Signing time: Mon 02 Jan 2023 03:24:50 +0000
ROA not before: Mon 02 Jan 2023 03:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199611
IP address blocks: 194.140.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ae:fb:e7:63:87:8f:59:7a:11:26:f7:8e:9f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a93beb702fcb355bbfb706279d49711cef14bdcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:75:54:37:87:eb:45:88:8a:38:49:3f:7f:81:
37:45:c7:47:37:6b:b9:fa:15:9f:59:78:4f:12:fa:
c9:b1:93:bd:a4:19:11:ba:b2:35:bb:13:af:f2:22:
40:2c:d1:67:20:03:aa:72:5a:48:59:18:b8:a5:53:
4a:98:b0:e0:2f:66:d3:75:7a:2f:73:44:f4:af:a0:
7b:14:9b:a3:0d:2e:c1:4b:97:46:19:7d:f0:46:b8:
74:89:c1:73:7c:1e:38:80:0f:23:16:db:55:21:e0:
32:ce:b6:c0:e5:14:f9:c1:14:a3:0e:28:95:be:20:
dd:06:5b:df:a7:5b:ca:6d:17:32:dd:41:50:9f:27:
c6:fc:19:2b:52:93:0e:d5:33:48:58:da:1e:f9:88:
6e:a9:02:b9:ef:6a:52:b1:6e:f2:5a:bf:0e:bc:e6:
a5:1d:a2:85:ba:0f:df:16:c2:e9:2d:e3:a7:7c:52:
3c:6a:75:a4:49:fe:2c:dc:88:1a:54:86:5d:42:fe:
e9:85:b1:06:bd:7d:b3:7c:7e:05:62:e4:bc:12:b9:
3c:46:cd:84:0c:3d:63:e0:bf:63:46:a5:04:01:35:
cc:fa:7e:e5:d4:4a:3f:4b:51:c6:bf:4c:14:be:0b:
d7:15:e4:56:4b:6f:38:4f:fc:bf:c3:28:31:64:6e:
0a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3B:EB:70:2F:CB:35:5B:BF:B7:06:27:9D:49:71:1C:EF:14:BD:CD
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/qTvrcC_LNVu_twYnnUlxHO8Uvc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.135.0/24
Signature Algorithm: sha256WithRSAEncryption
07:45:46:6c:3b:f1:0c:5b:be:83:89:86:b8:e6:e9:7c:9f:3d:
cc:be:ca:ba:14:5a:8f:8b:92:fa:81:02:ad:b4:ad:87:56:d1:
ff:9d:c6:b1:c4:ec:a9:1d:94:30:bf:06:9b:4e:3f:48:2d:d8:
fb:9a:2f:8e:eb:f8:be:14:9c:3a:da:ba:53:4c:33:6f:a2:a7:
65:72:52:61:74:55:34:e7:be:91:b7:ff:19:b6:72:0b:9b:d0:
bc:c3:30:58:30:3d:1b:c1:f8:37:95:c6:04:62:7e:6a:a4:39:
71:46:6d:02:ef:10:01:d4:e2:ad:42:32:1b:7e:b4:c3:d0:9d:
cf:7c:d5:7f:3d:d5:95:9d:cd:54:b5:7b:16:ba:d2:da:6f:2c:
20:02:27:a2:cc:5b:8b:f8:26:b7:d2:e3:d0:e3:7d:a6:94:bb:
e3:e8:55:a2:e2:21:25:f3:1b:76:61:14:cc:0e:fa:dc:4b:8f:
1e:5d:ad:fd:54:2f:dc:b2:f8:14:db:c4:9e:20:56:4a:e1:75:
eb:68:fb:40:5e:91:0b:9d:42:16:29:0a:c7:be:88:fb:71:5c:
64:0a:6a:6b:29:14:73:d7:83:09:bb:34:de:6c:12:38:21:6f:
77:38:ca:9d:ce:57:5f:7d:5b:e6:91:e5:55:17:ee:b2:3e:b6:
4d:ab:22:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgq7752OHj1l6ESb3jp8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNiZWI3MDJmY2IzNTViYmZiNzA2Mjc5ZDQ5NzExY2VmMTRiZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynVUN4frRYiKOEk/f4E3RcdHN2u5
+hWfWXhPEvrJsZO9pBkRurI1uxOv8iJALNFnIAOqclpIWRi4pVNKmLDgL2bTdXov
c0T0r6B7FJujDS7BS5dGGX3wRrh0icFzfB44gA8jFttVIeAyzrbA5RT5wRSjDiiV
viDdBlvfp1vKbRcy3UFQnyfG/BkrUpMO1TNIWNoe+YhuqQK572pSsW7yWr8OvOal
HaKFug/fFsLpLeOnfFI8anWkSf4s3IgaVIZdQv7phbEGvX2zfH4FYuS8Erk8Rs2E
DD1j4L9jRqUEATXM+n7l1Eo/S1HGv0wUvgvXFeRWS284T/y/wygxZG4KswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKk763AvyzVbv7cGJ51JcRzvFL3NMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvcVR2cmNDX0xOVnVfdHdZbm5VbHhITzhVdmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwoyHMA0G
CSqGSIb3DQEBCwUAA4IBAQAHRUZsO/EMW76DiYa45ul8nz3Mvsq6FFqPi5L6gQKt
tK2HVtH/ncaxxOypHZQwvwabTj9ILdj7mi+O6/i+FJw62rpTTDNvoqdlclJhdFU0
576Rt/8ZtnILm9C8wzBYMD0bwfg3lcYEYn5qpDlxRm0C7xAB1OKtQjIbfrTD0J3P
fNV/PdWVnc1UtXsWutLabywgAieizFuL+Ca30uPQ432mlLvj6FWi4iEl8xt2YRTM
DvrcS48eXa39VC/csvgU28SeIFZK4XXraPtAXpELnUIWKQrHvoj7cVxkCmprKRRz
14MJuzTebBI4IW93OMqdzldffVvmkeVVF+6yPrZNqyKS
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:15 2024 by rpki-client on console-ams.rpki-client.org