Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/1-Z7WcRw3hoa0KnsW73jLtS_JLtc.roa
File: 1-Z7WcRw3hoa0KnsW73jLtS_JLtc.roa (raw, json)
Hash identifier: YENM3IeeAJC0HmHMdo3JShrdOhUBuvHvokGhVvO2NRA=
Subject key identifier: F9:9E:D6:71:1C:37:86:86:B4:2A:7B:16:EF:78:CB:B5:2F:C9:2E:D7
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 018F38AAEC12A7395CFD5CB446BF861021E3
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/1-Z7WcRw3hoa0KnsW73jLtS_JLtc.roa
Signing time: Thu 02 May 2024 09:37:56 +0000
ROA not before: Thu 02 May 2024 09:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 130.255.20.0/24 maxlen: 24
130.255.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:aa:ec:12:a7:39:5c:fd:5c:b4:46:bf:86:10:21:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: May 2 09:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f99ed6711c378686b42a7b16ef78cbb52fc92ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:e8:c2:d4:fb:a3:1f:e0:12:6d:62:42:f1:
fc:5f:e4:8e:b3:c9:ad:c9:d7:d0:69:d6:e4:46:0e:
8d:30:64:0f:8e:0a:27:6d:43:67:5f:53:dc:c3:22:
aa:e7:d5:b0:75:d0:01:c3:7c:a5:00:e1:3a:8c:87:
02:df:20:ab:fa:76:39:c5:4c:1c:8b:7c:80:5f:77:
0e:c3:5e:17:35:75:99:03:5d:29:13:74:92:87:14:
a1:ff:c5:56:b6:69:e2:dd:63:aa:a3:29:f6:9a:86:
0d:ff:5c:a2:5d:c9:2c:4c:fe:28:12:cc:47:59:80:
e6:84:a4:34:80:73:eb:6b:fc:8b:9c:51:d3:44:97:
00:74:08:e8:4c:27:a1:b8:8a:9f:15:47:92:33:d9:
18:51:3d:75:d6:04:6b:8e:30:f7:fa:50:36:66:c7:
22:c8:46:e8:ec:e4:0d:0c:1b:f1:b4:79:a6:44:a6:
49:7d:4d:85:56:75:77:3e:5a:f7:3b:76:71:7d:15:
6b:96:fa:91:a1:6c:06:d4:a2:2e:f0:f3:54:28:be:
70:f5:36:18:49:c7:bc:39:3a:5b:4b:39:2e:ed:4c:
b6:0a:8b:bb:44:8f:f0:64:ee:21:25:c1:c0:43:7d:
ff:6a:87:8c:96:0d:66:df:79:c8:7d:d7:1a:49:b3:
09:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9E:D6:71:1C:37:86:86:B4:2A:7B:16:EF:78:CB:B5:2F:C9:2E:D7
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/1-Z7WcRw3hoa0KnsW73jLtS_JLtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.20.0/24
130.255.27.0/24
Signature Algorithm: sha256WithRSAEncryption
91:be:c1:2d:04:a6:bb:57:c6:e8:59:b8:c4:e7:f1:68:05:09:
3f:3a:bb:9d:c3:fc:a6:5f:1b:53:8f:36:2f:c9:02:ce:f4:86:
ce:c0:f3:5d:17:22:f6:f4:72:59:46:dc:23:ff:25:2e:e2:5b:
bb:4c:b2:b8:18:cd:f0:81:b9:10:bb:47:c3:6f:88:d7:69:f1:
2c:8d:74:18:76:15:12:99:e3:00:7a:11:4e:64:70:24:63:b4:
32:f9:0b:0d:e6:eb:2c:e2:fc:11:fe:ea:33:50:7b:b0:c2:91:
4d:da:91:7d:86:71:23:73:0b:0f:a4:b8:b6:40:f6:d1:90:fd:
46:cf:88:5f:2a:fb:88:fe:22:6c:9f:5d:ea:56:fe:24:4f:9b:
04:a1:52:b3:1e:b0:d9:36:f9:6b:4a:2f:2d:c6:da:4e:42:db:
9c:0f:16:0d:ee:aa:40:45:48:2c:58:b1:bb:57:25:2f:2c:31:
c1:c3:f3:8b:7d:be:fd:f5:d4:83:8d:23:a5:c7:4b:8f:1b:13:
c5:3c:af:fb:c5:e2:cb:19:b8:6f:44:7c:f9:f4:d3:bd:1f:05:
41:87:b0:6f:06:43:08:25:68:a4:5d:34:09:e3:39:5d:90:5b:
82:9c:82:d8:e0:65:e0:aa:ba:68:04:f3:d2:83:21:d4:75:3f:
fd:fc:72:91
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY84quwSpzlc/Vy0Rr+GECHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDIxZGZiMjRmN2Q4Y2UyMzExYmE0MDc2Nzc1NDc0YmQ1
MGJlNjQwHhcNMjQwNTAyMDkzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTllZDY3MTFjMzc4Njg2YjQyYTdiMTZlZjc4Y2JiNTJmYzkyZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmnowtT7ox/gEm1iQvH8X+SOs8mt
ydfQadbkRg6NMGQPjgonbUNnX1PcwyKq59WwddABw3ylAOE6jIcC3yCr+nY5xUwc
i3yAX3cOw14XNXWZA10pE3SShxSh/8VWtmni3WOqoyn2moYN/1yiXcksTP4oEsxH
WYDmhKQ0gHPra/yLnFHTRJcAdAjoTCehuIqfFUeSM9kYUT111gRrjjD3+lA2Zsci
yEbo7OQNDBvxtHmmRKZJfU2FVnV3Plr3O3ZxfRVrlvqRoWwG1KIu8PNUKL5w9TYY
Sce8OTpbSzku7Uy2Cou7RI/wZO4hJcHAQ33/aoeMlg1m33nIfdcaSbMJ0QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPme1nEcN4aGtCp7Fu94y7UvyS7XMB8GA1UdIwQY
MBaAFBvSHfsk99jOIxG6QHZ3VHS9UL5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQt
Zjg3YTMyMmE3Nzc2LzEvMS1aN1djUnczaG9hMEtuc1c3M2pMdFNfSkx0Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTIvMDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3
Ni8xL0c5SWQteVQzMk00akVicEFkbmRVZEwxUXZtUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAIL/FAME
AIL/GzANBgkqhkiG9w0BAQsFAAOCAQEAkb7BLQSmu1fG6Fm4xOfxaAUJPzq7ncP8
pl8bU482L8kCzvSGzsDzXRci9vRyWUbcI/8lLuJbu0yyuBjN8IG5ELtHw2+I12nx
LI10GHYVEpnjAHoRTmRwJGO0MvkLDebrLOL8Ef7qM1B7sMKRTdqRfYZxI3MLD6S4
tkD20ZD9Rs+IXyr7iP4ibJ9d6lb+JE+bBKFSsx6w2Tb5a0ovLcbaTkLbnA8WDe6q
QEVILFixu1clLywxwcPzi32+/fXUg40jpcdLjxsTxTyv+8Xiyxm4b0R8+fTTvR8F
QYewbwZDCCVopF00CeM5XZBbgpyC2OBl4Kq6aATz0oMh1HU//fxykQ==
-----END CERTIFICATE-----
Generated at Tue Jun 11 10:55:57 2024 by rpki-client on console-fra.rpki-client.org