Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/P-s7jsBVMlLegcnIyYQdsYxl3zs.roa
File: P-s7jsBVMlLegcnIyYQdsYxl3zs.roa (raw, json)
Hash identifier: ffRLYDsa/70KXGBpgKxtMsRbWW6++fNkaJ6eUBMagp4=
Subject key identifier: 3F:EB:3B:8E:C0:55:32:52:DE:81:C9:C8:C9:84:1D:B1:8C:65:DF:3B
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 018C1C97D4771376BC8F1F40F144D7C29712
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/P-s7jsBVMlLegcnIyYQdsYxl3zs.roa
Signing time: Wed 29 Nov 2023 19:39:21 +0000
ROA not before: Wed 29 Nov 2023 19:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203162
IP address blocks: 146.19.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1c:97:d4:77:13:76:bc:8f:1f:40:f1:44:d7:c2:97:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Nov 29 19:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3feb3b8ec0553252de81c9c8c9841db18c65df3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:14:76:2a:74:ef:77:d8:88:dd:f2:c5:d1:77:
99:bf:a8:f9:9b:e8:50:9b:5d:57:ef:a2:d3:5a:6f:
f0:8b:3f:3b:95:f0:1d:a9:56:c8:fd:54:6c:f5:59:
ba:6c:c3:dd:7e:be:3a:ac:41:8e:a7:df:22:7e:8b:
64:67:ab:d4:c8:44:08:8a:bf:08:5f:1b:35:84:00:
9f:b9:cf:34:eb:38:f3:5f:61:0a:70:ea:ee:f5:4b:
05:2a:9a:eb:51:d6:87:f8:39:32:08:ba:ae:1f:98:
99:fb:91:fe:53:f5:9a:c8:59:00:37:c0:07:e6:ee:
ee:7d:0d:51:2e:7d:49:c3:9f:62:b9:85:95:c2:b5:
9f:e6:b7:28:34:fc:59:d9:2e:2f:90:ab:4a:10:3c:
70:20:4b:c9:d0:4f:b7:9d:b0:b9:4e:0d:30:10:2a:
a4:54:65:a4:48:ae:d3:26:d7:22:0e:15:a3:75:4f:
f2:96:5d:a5:35:74:e7:c0:90:17:61:a3:e2:b8:d0:
bf:43:da:ed:45:ac:20:13:cd:f2:d1:39:2e:42:88:
77:7c:e7:42:b3:02:b1:76:f3:3c:ea:2a:78:93:1d:
cf:4a:d0:8d:4c:62:2b:94:ea:01:9d:14:ac:29:3e:
9f:20:16:2e:9f:81:62:40:b0:89:2d:b9:06:a2:6d:
c4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EB:3B:8E:C0:55:32:52:DE:81:C9:C8:C9:84:1D:B1:8C:65:DF:3B
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/P-s7jsBVMlLegcnIyYQdsYxl3zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.104.0/24
Signature Algorithm: sha256WithRSAEncryption
27:43:3a:f0:e9:27:d4:5c:bb:dd:2a:94:8f:35:0a:e4:ff:eb:
f0:c8:f9:35:e4:c4:3a:52:a7:8a:cf:ff:9c:bd:d4:7a:b5:5b:
e5:24:89:dc:e0:53:30:f2:9f:f2:e2:3b:7b:b0:e9:bb:1c:c7:
be:d9:66:83:75:ae:b8:e8:35:15:fc:0f:4d:ab:f8:e8:0b:6b:
07:73:4d:8d:23:4e:e6:ac:84:a4:f9:46:f6:da:1b:df:09:43:
0e:9c:cd:7f:87:52:ce:bb:a1:9e:dd:43:04:f3:9c:d0:bf:57:
11:18:5c:d4:57:23:5a:d4:13:bb:cb:c6:ba:2b:56:c2:ee:bd:
05:b0:25:b4:ca:b3:8d:a8:ab:85:8f:ac:22:a8:52:fb:e1:da:
fe:f6:6f:f6:12:1a:65:1f:6a:8e:e3:1f:19:79:1b:76:d2:28:
8f:5a:f0:77:58:65:42:e1:19:70:5c:8a:5f:77:17:5e:21:51:
15:7b:ad:7f:9a:c4:05:7a:77:09:cf:c5:0f:94:c0:5f:e1:e7:
ca:a1:c0:26:82:9b:d1:97:18:35:38:51:49:b0:11:f4:48:bc:
32:6d:36:7c:5c:41:d1:5a:d0:f0:13:14:fb:b0:fb:23:6b:5b:
3b:a2:39:cd:07:43:ff:9a:f8:9a:50:f3:80:b6:18:0f:8f:54:
8b:4a:5a:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwcl9R3E3a8jx9A8UTXwpcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjMxMTI5MTkzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmViM2I4ZWMwNTUzMjUyZGU4MWM5YzhjOTg0MWRiMThjNjVkZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhR2KnTvd9iI3fLF0XeZv6j5m+hQ
m11X76LTWm/wiz87lfAdqVbI/VRs9Vm6bMPdfr46rEGOp98ifotkZ6vUyEQIir8I
Xxs1hACfuc806zjzX2EKcOru9UsFKprrUdaH+DkyCLquH5iZ+5H+U/WayFkAN8AH
5u7ufQ1RLn1Jw59iuYWVwrWf5rcoNPxZ2S4vkKtKEDxwIEvJ0E+3nbC5Tg0wECqk
VGWkSK7TJtciDhWjdU/yll2lNXTnwJAXYaPiuNC/Q9rtRawgE83y0TkuQoh3fOdC
swKxdvM86ip4kx3PStCNTGIrlOoBnRSsKT6fIBYun4FiQLCJLbkGom3EBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/rO47AVTJS3oHJyMmEHbGMZd87MB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvUC1zN2pzQlZNbExlZ2NuSXlZUWRzWXhsM3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNoMA0G
CSqGSIb3DQEBCwUAA4IBAQAnQzrw6SfUXLvdKpSPNQrk/+vwyPk15MQ6UqeKz/+c
vdR6tVvlJInc4FMw8p/y4jt7sOm7HMe+2WaDda646DUV/A9Nq/joC2sHc02NI07m
rISk+Ub22hvfCUMOnM1/h1LOu6Ge3UME85zQv1cRGFzUVyNa1BO7y8a6K1bC7r0F
sCW0yrONqKuFj6wiqFL74dr+9m/2EhplH2qO4x8ZeRt20iiPWvB3WGVC4RlwXIpf
dxdeIVEVe61/msQFencJz8UPlMBf4efKocAmgpvRlxg1OFFJsBH0SLwybTZ8XEHR
WtDwExT7sPsja1s7ojnNB0P/mviaUPOAthgPj1SLSlry
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:35 2024 by rpki-client on console-ams.rpki-client.org