Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h-qJ9zMJ97NC-L_u2Isad_JcL7E.roa
File: h-qJ9zMJ97NC-L_u2Isad_JcL7E.roa (raw, json)
Hash identifier: Z3WvDk/FxcfYsdUz3S9pa73HERFSNhVWtmXAHBlxpQQ=
Subject key identifier: 87:EA:89:F7:33:09:F7:B3:42:F8:BF:EE:D8:8B:1A:77:F2:5C:2F:B1
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018FBDCA1F79FD77270F1660E03E4A87E49E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h-qJ9zMJ97NC-L_u2Isad_JcL7E.roa
Signing time: Tue 28 May 2024 06:01:31 +0000
ROA not before: Tue 28 May 2024 06:01:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 15 Jun 2024 14:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:ca:1f:79:fd:77:27:0f:16:60:e0:3e:4a:87:e4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 28 06:01:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87ea89f73309f7b342f8bfeed88b1a77f25c2fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e6:fb:c5:82:af:51:29:7a:b3:c0:7f:3a:a5:
02:6c:fc:d0:e3:99:e0:3e:fb:cc:9c:46:b4:30:70:
43:16:3c:df:9f:81:cf:f5:a7:e6:4c:e8:ad:9d:56:
7b:fd:2e:6c:78:c0:c0:c6:ef:bd:0b:7f:70:d2:28:
2f:ce:6e:3d:a7:8d:58:b8:5b:d6:0b:b4:19:e2:d1:
88:86:b6:3c:6b:a3:ad:f5:e0:01:1e:13:d5:27:15:
2c:61:4f:db:54:f5:df:9c:9e:02:06:b7:03:98:ba:
15:e2:57:3f:1c:54:a7:e4:ec:7e:07:25:a6:79:1e:
7f:c7:81:a0:48:38:52:a8:54:5f:32:a7:64:38:f5:
76:83:8b:1b:bf:21:66:c1:52:6c:bf:51:d2:e7:55:
8f:2c:94:c6:ed:58:fe:91:96:d5:68:3c:13:b0:a9:
23:df:d4:4e:dc:36:50:52:19:de:45:86:25:ea:e4:
a8:b4:81:05:53:c2:ba:5a:b2:14:7b:78:00:48:11:
b8:49:a1:ac:7c:fe:9a:ed:61:01:6b:6a:5b:62:8d:
ae:41:14:51:07:5f:fc:f2:8e:1b:30:3a:5a:fb:54:
ee:f4:a5:fe:72:4e:c2:d1:9d:7d:9d:72:87:88:51:
9e:2d:f9:c2:9d:ab:2e:e3:f2:6d:d3:ff:4d:aa:0e:
24:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EA:89:F7:33:09:F7:B3:42:F8:BF:EE:D8:8B:1A:77:F2:5C:2F:B1
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h-qJ9zMJ97NC-L_u2Isad_JcL7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.32.0/21
188.253.12.0/22
Signature Algorithm: sha256WithRSAEncryption
09:3e:69:80:a0:21:d4:4a:8e:82:32:e8:ba:85:3b:7d:a9:f6:
7d:3d:7c:ab:aa:e5:bd:67:f9:ce:b9:aa:6e:5c:c9:72:85:b9:
07:41:ef:f4:a9:aa:b0:22:43:66:3e:7e:97:ac:4a:8a:42:74:
e3:e1:7a:38:1e:2b:85:b1:da:2e:e4:a4:de:0d:2f:92:8f:86:
54:13:b9:7e:e5:75:78:ef:f4:13:36:cc:c3:10:5c:8e:40:05:
00:06:9c:1a:45:ea:14:49:15:b1:93:ea:90:24:78:05:c6:7e:
40:55:d0:41:9a:7f:50:c4:61:23:26:74:1a:7e:e1:dc:96:85:
6f:cd:4d:d0:cf:14:91:9f:ab:50:e5:12:a4:d4:58:31:cd:68:
98:76:aa:cf:a7:5a:17:cb:8d:ae:15:2c:bd:30:3e:d2:fd:03:
ed:42:68:9d:17:10:50:8e:6a:35:84:45:68:ca:44:2f:75:b4:
a9:e7:04:5d:95:c8:05:48:00:85:f1:93:a6:e2:c4:83:21:77:
91:26:43:e8:c8:52:d5:b5:d1:d2:d9:ad:4b:95:a2:31:c4:16:
79:74:08:d1:38:a3:b8:78:f5:90:c1:d2:30:58:0b:bd:5a:6d:
fa:f3:f6:82:8f:de:ff:10:ba:6a:cd:5e:68:c8:ef:45:0f:35:
22:6c:42:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+9yh95/XcnDxZg4D5Kh+SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTI4MDYwMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VhODlmNzMzMDlmN2IzNDJmOGJmZWVkODhiMWE3N2YyNWMyZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+b7xYKvUSl6s8B/OqUCbPzQ45ng
PvvMnEa0MHBDFjzfn4HP9afmTOitnVZ7/S5seMDAxu+9C39w0igvzm49p41YuFvW
C7QZ4tGIhrY8a6Ot9eABHhPVJxUsYU/bVPXfnJ4CBrcDmLoV4lc/HFSn5Ox+ByWm
eR5/x4GgSDhSqFRfMqdkOPV2g4sbvyFmwVJsv1HS51WPLJTG7Vj+kZbVaDwTsKkj
39RO3DZQUhneRYYl6uSotIEFU8K6WrIUe3gASBG4SaGsfP6a7WEBa2pbYo2uQRRR
B1/88o4bMDpa+1Tu9KX+ck7C0Z19nXKHiFGeLfnCnasu4/Jt0/9Nqg4kuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfqifczCfezQvi/7tiLGnfyXC+xMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaC1xSjl6TUo5N05DLUxfdTJJc2FkX0pjTDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDn/8gAwQC
vP0MMA0GCSqGSIb3DQEBCwUAA4IBAQAJPmmAoCHUSo6CMui6hTt9qfZ9PXyrquW9
Z/nOuapuXMlyhbkHQe/0qaqwIkNmPn6XrEqKQnTj4Xo4HiuFsdou5KTeDS+Sj4ZU
E7l+5XV47/QTNszDEFyOQAUABpwaReoUSRWxk+qQJHgFxn5AVdBBmn9QxGEjJnQa
fuHcloVvzU3QzxSRn6tQ5RKk1FgxzWiYdqrPp1oXy42uFSy9MD7S/QPtQmidFxBQ
jmo1hEVoykQvdbSp5wRdlcgFSACF8ZOm4sSDIXeRJkPoyFLVtdHS2a1LlaIxxBZ5
dAjROKO4ePWQwdIwWAu9Wm368/aCj97/ELpqzV5oyO9FDzUibEJD
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:38:09 2024 by rpki-client on console-fra.rpki-client.org