Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Afw0rgjXWVLdPVJZHBWWk-naY34.roa
File: Afw0rgjXWVLdPVJZHBWWk-naY34.roa (raw, json)
Hash identifier: PXtpPQEPjR3ONwX5m1M6WBNi+WPG5a4Rk2ftzD1hqcM=
Subject key identifier: 01:FC:34:AE:08:D7:59:52:DD:3D:52:59:1C:15:96:93:E9:DA:63:7E
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186BB4AB3DFFDAB5069F85CC49E7FB08131
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Afw0rgjXWVLdPVJZHBWWk-naY34.roa
Signing time: Tue 07 Mar 2023 08:58:00 +0000
ROA not before: Tue 07 Mar 2023 08:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23686
IP address blocks: 163.171.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 02:40:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:4a:b3:df:fd:ab:50:69:f8:5c:c4:9e:7f:b0:81:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 7 08:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01fc34ae08d75952dd3d52591c159693e9da637e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:36:11:a3:af:cc:2b:e4:52:42:96:2f:2e:b1:
47:b5:ba:38:c0:ea:48:45:5a:22:68:11:9b:34:9c:
cd:6a:75:2d:de:db:b9:cf:84:4d:f3:31:fb:ec:20:
7c:ae:28:90:c2:97:d3:3d:cc:3d:88:a4:33:a3:5d:
98:9d:f6:e5:e3:f8:41:01:5d:32:a9:df:b7:2c:a5:
50:3c:a9:c8:35:82:49:51:5f:22:74:82:f0:1c:e2:
5c:34:ff:88:bd:ad:77:f0:4d:7c:ec:9c:c5:f0:bd:
97:1d:a8:ea:19:f0:75:b2:55:a7:7a:fd:24:6a:ef:
7f:a0:9f:9c:0e:0e:7c:c5:31:6c:3f:b9:25:5a:84:
44:3a:7e:f4:a4:0c:77:de:31:a0:35:64:7e:9c:7f:
ee:c3:6f:82:40:50:68:7b:bf:85:79:64:18:88:39:
96:5f:6f:f7:5d:1f:b1:d3:17:1a:00:a0:d2:cd:13:
18:eb:64:ad:34:6a:12:e7:9d:72:58:c7:a3:f8:40:
22:74:d1:5f:4e:2e:f8:89:45:c7:2b:a6:25:51:ec:
56:40:9b:6c:9f:b8:b7:92:a9:fd:40:74:3c:55:48:
45:0d:14:aa:2c:37:76:5c:12:e7:69:d7:fb:aa:3d:
a4:eb:36:c0:42:c0:d7:ff:68:08:14:1c:85:7b:26:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FC:34:AE:08:D7:59:52:DD:3D:52:59:1C:15:96:93:E9:DA:63:7E
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Afw0rgjXWVLdPVJZHBWWk-naY34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.87.0/24
Signature Algorithm: sha256WithRSAEncryption
98:32:82:3c:69:c8:5a:98:89:45:c4:b9:5a:43:4c:3e:34:a3:
ee:ef:a4:d1:a3:a9:bb:f4:6a:af:ff:4e:b1:38:3f:41:fa:88:
96:79:8d:b6:65:b4:c3:23:fd:65:e1:94:18:63:06:cf:b5:f6:
06:54:99:72:06:17:a1:85:ce:52:ac:40:91:ce:3d:c0:79:d8:
39:b7:3b:c6:a7:f2:62:e3:13:36:28:dd:36:80:59:67:02:e7:
ad:71:df:b6:4c:b7:85:a3:0b:43:0e:e3:96:91:d9:42:36:6e:
8b:11:97:59:14:69:2d:06:4f:d3:7c:96:45:9f:33:f8:42:eb:
f1:51:6e:cb:2c:6c:1e:2b:42:ff:0a:4f:82:0a:b5:92:2e:fa:
45:6c:f7:08:ef:46:1f:a1:17:97:b0:41:29:ab:f5:53:eb:de:
c6:6c:69:b0:7c:d5:c9:f6:63:9e:02:d5:e9:54:7a:6f:f3:db:
bd:ad:2c:e2:df:ed:fa:c6:80:3b:c4:27:fd:49:c8:ce:b6:34:
3b:7c:a3:b2:dc:93:42:a0:98:f2:fe:38:c6:cf:f2:cb:c5:70:
69:5c:43:46:df:53:9d:c2:2c:6b:db:9b:1a:e3:30:20:c8:81:
47:f4:7c:ee:f2:20:e1:8f:3d:30:4b:d4:a1:5f:a2:8c:5d:6e:
4d:82:bf:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa7SrPf/atQafhcxJ5/sIExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA3MDg1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZjMzRhZTA4ZDc1OTUyZGQzZDUyNTkxYzE1OTY5M2U5ZGE2MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizYRo6/MK+RSQpYvLrFHtbo4wOpI
RVoiaBGbNJzNanUt3tu5z4RN8zH77CB8riiQwpfTPcw9iKQzo12Ynfbl4/hBAV0y
qd+3LKVQPKnINYJJUV8idILwHOJcNP+Iva138E187JzF8L2XHajqGfB1slWnev0k
au9/oJ+cDg58xTFsP7klWoREOn70pAx33jGgNWR+nH/uw2+CQFBoe7+FeWQYiDmW
X2/3XR+x0xcaAKDSzRMY62StNGoS551yWMej+EAidNFfTi74iUXHK6YlUexWQJts
n7i3kqn9QHQ8VUhFDRSqLDd2XBLnadf7qj2k6zbAQsDX/2gIFByFeyZMRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAH8NK4I11lS3T1SWRwVlpPp2mN+MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvQWZ3MHJnalhXVkxkUFZKWkhCV1drLW5hWTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo6tXMA0G
CSqGSIb3DQEBCwUAA4IBAQCYMoI8achamIlFxLlaQ0w+NKPu76TRo6m79Gqv/06x
OD9B+oiWeY22ZbTDI/1l4ZQYYwbPtfYGVJlyBhehhc5SrECRzj3Aedg5tzvGp/Ji
4xM2KN02gFlnAuetcd+2TLeFowtDDuOWkdlCNm6LEZdZFGktBk/TfJZFnzP4Quvx
UW7LLGweK0L/Ck+CCrWSLvpFbPcI70YfoReXsEEpq/VT697GbGmwfNXJ9mOeAtXp
VHpv89u9rSzi3+36xoA7xCf9ScjOtjQ7fKOy3JNCoJjy/jjGz/LLxXBpXENG31Od
wixr25sa4zAgyIFH9Hzu8iDhjz0wS9ShX6KMXW5Ngr+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org