Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/CaCAOdnSVgIDSaXASr2AAc8UFe0.roa
File: CaCAOdnSVgIDSaXASr2AAc8UFe0.roa (raw, json)
Hash identifier: xPSm5Umu2zn7QBojOWkGB4UuQ1x6fmbn10YFuK6okYE=
Subject key identifier: 09:A0:80:39:D9:D2:56:02:03:49:A5:C0:4A:BD:80:01:CF:14:15:ED
Certificate issuer: /CN=85860273eb271922b9f7ec8f4a591016356d732b
Certificate serial: 018AF530D0EDBE7A03DC8C14AD0EACB23571
Authority key identifier: 85:86:02:73:EB:27:19:22:B9:F7:EC:8F:4A:59:10:16:35:6D:73:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hYYCc-snGSK59-yPSlkQFjVtcys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/CaCAOdnSVgIDSaXASr2AAc8UFe0.roa
Signing time: Tue 03 Oct 2023 10:58:51 +0000
ROA not before: Tue 03 Oct 2023 10:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207989
IP address blocks: 84.38.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:30:d0:ed:be:7a:03:dc:8c:14:ad:0e:ac:b2:35:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85860273eb271922b9f7ec8f4a591016356d732b
Validity
Not Before: Oct 3 10:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09a08039d9d256020349a5c04abd8001cf1415ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:4c:0e:5a:ab:79:92:b8:ad:65:41:a4:63:
a1:ff:e0:18:14:ff:d7:57:0e:fc:d7:90:5b:9f:81:
9b:c0:0e:43:c6:64:4e:84:bf:4a:0d:b7:35:07:85:
4b:c3:19:d5:6a:c4:39:77:de:6e:2b:12:b7:71:95:
be:00:ef:c7:29:67:14:20:80:a0:57:7a:08:37:77:
af:bc:9b:93:19:39:e9:44:03:a6:78:bb:a8:c6:ae:
fd:4b:71:15:e1:0f:73:7e:26:ba:2a:8d:11:30:01:
05:5e:83:60:32:31:e5:72:72:73:2a:1f:f2:7a:a4:
9f:85:6e:7c:b5:1d:7d:77:a8:c2:2d:07:ed:7b:16:
2a:19:04:1f:52:89:d7:ea:cf:8e:66:f8:23:d5:7e:
72:e0:90:7c:dc:cb:f7:04:1f:1d:38:4b:43:0b:b0:
22:59:d4:66:85:b2:a3:b0:48:21:2b:4a:38:8e:55:
e4:75:24:67:37:82:29:b5:1d:15:c4:88:f0:3a:67:
62:d6:b5:a7:02:b1:53:2a:0b:53:a8:8e:78:d6:2f:
10:5a:b7:79:d1:9d:e5:72:66:32:85:80:2f:82:60:
ca:29:d9:de:e9:d2:40:54:77:10:0d:de:ed:34:90:
c5:4a:76:0b:24:e2:c6:b0:ea:be:a1:15:d1:5b:75:
de:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A0:80:39:D9:D2:56:02:03:49:A5:C0:4A:BD:80:01:CF:14:15:ED
X509v3 Authority Key Identifier:
keyid:85:86:02:73:EB:27:19:22:B9:F7:EC:8F:4A:59:10:16:35:6D:73:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYYCc-snGSK59-yPSlkQFjVtcys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/CaCAOdnSVgIDSaXASr2AAc8UFe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.251.0/24
Signature Algorithm: sha256WithRSAEncryption
85:72:44:ac:bb:ec:71:b8:c2:c5:4a:b8:11:2f:ef:a7:e5:92:
bb:0e:46:01:26:1e:06:1c:c8:bc:0a:d4:97:9e:1b:34:cf:7f:
70:a7:54:52:85:66:5d:a0:48:a7:df:92:26:b1:6d:3f:14:86:
99:e9:f7:de:e9:ab:64:7b:fa:e0:48:bd:b9:44:70:b1:26:04:
59:07:57:07:84:35:99:e5:b1:cb:4f:67:13:8f:49:dd:a6:bb:
63:13:47:e4:67:44:0e:7a:2d:8d:53:bb:df:20:0a:bd:31:5d:
9d:b0:7b:29:f5:a5:88:7a:5c:be:ec:a6:d3:01:3f:dc:1b:a9:
6b:03:99:21:47:6d:65:e5:88:ca:54:51:bb:08:9b:e5:32:67:
2b:c5:4e:0c:89:c5:8a:81:05:14:38:00:db:3a:79:36:65:f7:
6b:3e:88:b8:87:51:f4:9d:c1:12:a5:c9:b3:1f:f0:45:f8:e9:
c0:7d:1b:c5:99:c7:50:10:d7:65:60:3b:c5:e5:42:b3:c8:3b:
1e:3b:7d:7d:1a:8f:fe:e2:98:4c:0a:6a:12:fa:33:f9:c1:49:
47:0b:77:9b:a5:04:44:47:98:27:b0:5d:83:10:78:ca:f1:a2:
f7:b2:b8:46:be:ce:a7:a3:12:a4:8b:a9:56:2f:da:e0:b0:c4:
80:64:d4:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1MNDtvnoD3IwUrQ6ssjVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ODYwMjczZWIyNzE5MjJiOWY3ZWM4ZjRhNTkxMDE2MzU2
ZDczMmIwHhcNMjMxMDAzMTA1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWEwODAzOWQ5ZDI1NjAyMDM0OWE1YzA0YWJkODAwMWNmMTQxNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgRMDlqreZK4rWVBpGOh/+AYFP/X
Vw7815Bbn4GbwA5DxmROhL9KDbc1B4VLwxnVasQ5d95uKxK3cZW+AO/HKWcUIICg
V3oIN3evvJuTGTnpRAOmeLuoxq79S3EV4Q9zfia6Ko0RMAEFXoNgMjHlcnJzKh/y
eqSfhW58tR19d6jCLQftexYqGQQfUonX6s+OZvgj1X5y4JB83Mv3BB8dOEtDC7Ai
WdRmhbKjsEghK0o4jlXkdSRnN4IptR0VxIjwOmdi1rWnArFTKgtTqI541i8QWrd5
0Z3lcmYyhYAvgmDKKdne6dJAVHcQDd7tNJDFSnYLJOLGsOq+oRXRW3Xe/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmggDnZ0lYCA0mlwEq9gAHPFBXtMB8GA1UdIwQY
MBaAFIWGAnPrJxkiuffsj0pZEBY1bXMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFlZQ2Mtc25HU0s1OS15UFNsa1FGalZ0Y3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wMTU3YzktMzQ4OC00ZmI4LTliNGYt
OTkwOWVlMmYzM2IyLzEvQ2FDQU9kblNWZ0lEU2FYQVNyMkFBYzhVRmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wMTU3YzktMzQ4OC00ZmI4LTliNGYtOTkwOWVlMmYzM2Iy
LzEvaFlZQ2Mtc25HU0s1OS15UFNsa1FGalZ0Y3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCb7MA0G
CSqGSIb3DQEBCwUAA4IBAQCFckSsu+xxuMLFSrgRL++n5ZK7DkYBJh4GHMi8CtSX
nhs0z39wp1RShWZdoEin35ImsW0/FIaZ6ffe6atke/rgSL25RHCxJgRZB1cHhDWZ
5bHLT2cTj0ndprtjE0fkZ0QOei2NU7vfIAq9MV2dsHsp9aWIely+7KbTAT/cG6lr
A5khR21l5YjKVFG7CJvlMmcrxU4MicWKgQUUOADbOnk2ZfdrPoi4h1H0ncESpcmz
H/BF+OnAfRvFmcdQENdlYDvF5UKzyDseO319Go/+4phMCmoS+jP5wUlHC3ebpQRE
R5gnsF2DEHjK8aL3srhGvs6noxKki6lWL9rgsMSAZNQ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:12 2024 by rpki-client on console-ams.rpki-client.org