Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/jBAhAA9I1CPOZAzpxa65_utL4xY.roa
File: jBAhAA9I1CPOZAzpxa65_utL4xY.roa (raw, json)
Hash identifier: 5V2w86IoQqSyFNoZjMy13LWqqDynBKe3aB8BH/FV7SY=
Subject key identifier: 8C:10:21:00:0F:48:D4:23:CE:64:0C:E9:C5:AE:B9:FE:EB:4B:E3:16
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186B6BC52A58B605D87EAC8942535FFC6C0
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/jBAhAA9I1CPOZAzpxa65_utL4xY.roa
Signing time: Mon 06 Mar 2023 11:44:00 +0000
ROA not before: Mon 06 Mar 2023 11:44:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.89.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 02:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:bc:52:a5:8b:60:5d:87:ea:c8:94:25:35:ff:c6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 6 11:44:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1021000f48d423ce640ce9c5aeb9feeb4be316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c3:50:09:30:c9:4f:e6:b8:01:f6:51:64:b6:
65:a2:e5:7c:9b:f7:63:85:20:3b:09:b4:31:ca:dd:
95:1a:9e:4c:81:96:32:69:2e:93:db:56:87:58:99:
52:07:5a:57:93:2c:1d:6f:e3:bb:de:a6:89:98:8a:
21:dc:69:5a:e9:1c:be:d0:0e:a5:5f:79:d6:ea:c0:
e9:c8:f6:e9:c2:93:d3:d0:57:f7:e7:98:83:97:67:
b4:65:f3:03:65:4c:38:c3:55:60:ab:5f:7e:97:23:
10:36:18:55:83:c7:77:ad:5b:e6:16:9e:17:2f:7f:
2b:78:aa:45:ef:80:f6:b9:84:50:4b:96:1b:5e:32:
ff:1a:5e:b4:aa:81:63:1b:5f:55:51:5e:00:1c:be:
30:d4:a0:b5:eb:67:41:fa:bd:83:90:6c:ee:8d:d8:
b7:9f:33:7e:92:81:43:47:32:2d:e2:cd:6f:bc:b1:
16:5e:7e:87:e7:1c:c6:6a:2f:b9:c9:4c:fd:d4:ac:
b3:c8:bc:ee:e5:e9:7f:db:5a:ce:b6:a0:d7:6a:7d:
81:b7:18:b7:b6:db:28:90:6b:88:0b:5f:92:a6:43:
1d:d1:44:d0:87:83:e9:8e:f0:4d:39:93:9a:a5:14:
80:56:15:8f:d9:16:58:d3:56:81:33:7d:60:9d:18:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:10:21:00:0F:48:D4:23:CE:64:0C:E9:C5:AE:B9:FE:EB:4B:E3:16
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/jBAhAA9I1CPOZAzpxa65_utL4xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.89.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:2c:12:da:2a:90:b5:77:24:02:b6:03:9c:f6:9f:94:f7:1b:
2e:4e:80:99:fd:53:0a:57:69:28:d9:eb:66:81:a9:ba:14:7f:
79:42:3d:23:fa:e1:82:a4:bf:ef:37:8c:c6:b1:08:64:94:44:
3e:b8:b5:f3:d5:49:be:87:fe:b7:ec:e5:dc:df:e3:a3:ff:34:
e7:b8:3c:77:dc:95:ba:79:e1:bd:1c:dc:47:5e:8e:9d:93:d8:
0d:a6:e4:b0:aa:1f:92:1e:31:24:f6:51:56:e7:b3:b7:02:c6:
6a:89:8e:ed:36:a0:09:1d:b0:73:e4:97:9b:08:b4:20:7d:5e:
c2:4c:77:98:5b:84:a0:e3:cf:7b:a8:1c:be:b0:6c:24:e3:78:
ee:d7:8a:79:42:d8:cc:90:22:be:4d:16:20:9d:1c:17:e1:79:
41:5c:06:3f:10:e4:b9:01:c9:79:ba:1e:e4:f2:94:fd:90:fb:
e6:c9:65:3a:f1:1b:24:cd:07:92:e4:35:7b:e4:a1:6f:22:95:
9e:3f:7e:38:a9:ba:b5:ea:03:e3:9a:8f:a4:bc:0d:2d:8b:98:
f4:06:57:be:f9:50:5f:6d:11:f3:88:14:43:19:9e:ec:7d:c3:
82:f1:8b:d9:09:88:2b:a1:aa:81:3c:83:6e:8b:42:52:20:35:
58:2d:a1:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa2vFKli2Bdh+rIlCU1/8bAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA2MTE0NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzEwMjEwMDBmNDhkNDIzY2U2NDBjZTljNWFlYjlmZWViNGJlMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8NQCTDJT+a4AfZRZLZlouV8m/dj
hSA7CbQxyt2VGp5MgZYyaS6T21aHWJlSB1pXkywdb+O73qaJmIoh3Gla6Ry+0A6l
X3nW6sDpyPbpwpPT0Ff355iDl2e0ZfMDZUw4w1Vgq19+lyMQNhhVg8d3rVvmFp4X
L38reKpF74D2uYRQS5YbXjL/Gl60qoFjG19VUV4AHL4w1KC162dB+r2DkGzujdi3
nzN+koFDRzIt4s1vvLEWXn6H5xzGai+5yUz91KyzyLzu5el/21rOtqDXan2Btxi3
ttsokGuIC1+SpkMd0UTQh4PpjvBNOZOapRSAVhWP2RZY01aBM31gnRgHxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwQIQAPSNQjzmQM6cWuuf7rS+MWMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvakJBaEFBOUkxQ1BPWkF6cHhhNjVfdXRMNHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAo6tZAwQA
uRvkMA0GCSqGSIb3DQEBCwUAA4IBAQC/LBLaKpC1dyQCtgOc9p+U9xsuToCZ/VMK
V2ko2etmgam6FH95Qj0j+uGCpL/vN4zGsQhklEQ+uLXz1Um+h/637OXc3+Oj/zTn
uDx33JW6eeG9HNxHXo6dk9gNpuSwqh+SHjEk9lFW57O3AsZqiY7tNqAJHbBz5Jeb
CLQgfV7CTHeYW4Sg4897qBy+sGwk43ju14p5QtjMkCK+TRYgnRwX4XlBXAY/EOS5
Acl5uh7k8pT9kPvmyWU68RskzQeS5DV75KFvIpWeP344qbq16gPjmo+kvA0ti5j0
Ble++VBfbRHziBRDGZ7sfcOC8YvZCYgroaqBPINui0JSIDVYLaE1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org