Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/SSjf5CQM9lUpXiImmLMJAFqeHtU.roa
File: SSjf5CQM9lUpXiImmLMJAFqeHtU.roa (raw, json)
Hash identifier: rKWohTXFgrzLVSxAN4QZET9lLhQXrSmGOfxmpeCSCvY=
Subject key identifier: 49:28:DF:E4:24:0C:F6:55:29:5E:22:26:98:B3:09:00:5A:9E:1E:D5
Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Certificate serial: 018CC34940FB93572ED157515A0B8637F18B
Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/SSjf5CQM9lUpXiImmLMJAFqeHtU.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21155
IP address blocks: 87.239.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 07 Jan 2024 11:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:40:fb:93:57:2e:d1:57:51:5a:0b:86:37:f1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4928dfe4240cf655295e222698b309005a9e1ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:51:dd:1a:93:35:56:68:82:a5:a8:4a:9e:
48:73:7f:8e:47:be:3f:bf:fe:55:f1:3f:b7:34:4d:
34:4b:0a:5f:fe:25:c6:02:7b:bd:e4:3c:d6:49:d0:
6d:e9:d6:a1:1c:82:22:ec:31:3c:12:a0:aa:16:88:
d6:4e:d3:f3:a8:05:bf:9c:e5:04:f4:d8:8e:98:60:
49:b9:25:e8:e8:67:34:0a:87:05:0d:90:de:75:78:
d1:9c:22:c0:0d:b4:62:69:76:f1:34:3d:27:6f:04:
e1:7a:e4:b3:c6:ff:d4:c2:aa:04:e4:e4:f0:f2:82:
df:ca:23:5c:a1:37:ae:88:ab:ba:e8:e4:f6:77:df:
41:19:9a:d7:dd:4d:91:dd:a4:67:f3:25:15:94:1e:
f3:8c:da:d1:61:f3:6b:ec:a8:a1:dd:74:97:fc:e4:
44:cd:ca:a7:08:d5:eb:fb:10:8f:b0:2e:ff:63:94:
8a:01:39:01:e6:1d:4b:1a:f0:35:96:be:ed:2f:c7:
c6:b1:81:b7:82:a4:d8:b3:35:a7:7c:4f:7f:4a:b3:
c4:57:ad:e8:68:9f:e6:e8:7b:54:49:88:89:91:dc:
b6:62:b8:bc:9d:d0:26:07:bd:56:a2:88:2c:84:c6:
c9:07:42:1c:1d:1d:e4:ca:ed:be:35:97:b8:4b:71:
eb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:28:DF:E4:24:0C:F6:55:29:5E:22:26:98:B3:09:00:5A:9E:1E:D5
X509v3 Authority Key Identifier:
keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/SSjf5CQM9lUpXiImmLMJAFqeHtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.8.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:38:6d:b1:07:d4:82:eb:5e:3a:7d:f5:c7:6c:4c:12:c5:65:
1d:f3:28:2c:45:e1:54:2f:47:f0:b3:2a:84:79:c8:01:6f:2e:
0f:33:48:14:80:94:5a:27:77:21:82:00:71:6e:f1:97:91:d1:
6d:0c:63:3b:3e:3a:2e:bf:18:20:af:b3:cd:9a:0e:8b:a8:ee:
f7:f7:e0:a4:0b:34:a0:24:e8:86:66:96:5c:e4:b9:d5:46:51:
b8:bb:72:f0:39:f8:66:a1:32:48:72:19:4f:01:03:3d:3c:8f:
88:f8:c9:28:13:e2:f7:1f:e5:96:d1:5d:9a:2b:4d:b4:f5:ab:
d3:01:19:b4:15:23:69:00:cf:24:76:da:c6:f3:2e:64:a6:5e:
1b:58:11:d4:8d:59:80:12:2d:e7:5b:1f:d8:07:14:11:da:49:
4e:1a:78:2a:ae:7b:79:a5:01:01:e1:f6:4d:dc:f1:89:22:5c:
cd:ff:70:78:45:fa:8b:2a:e7:f0:22:ae:44:c7:52:7e:b9:8d:
07:e2:56:6c:50:f7:9f:07:bd:0e:16:2c:de:75:8f:f4:cf:0c:
85:d4:b6:e3:18:3b:cf:fb:b7:04:96:40:03:84:a2:61:95:61:
42:23:13:de:fc:b1:d7:7b:87:f0:9d:63:7c:e9:22:fc:03:63:
a7:ee:4e:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDSUD7k1cu0VdRWguGN/GLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2
Mzc4YTgwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI4ZGZlNDI0MGNmNjU1Mjk1ZTIyMjY5OGIzMDkwMDVhOWUxZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrNR3RqTNVZogqWoSp5Ic3+OR74/
v/5V8T+3NE00Swpf/iXGAnu95DzWSdBt6dahHIIi7DE8EqCqFojWTtPzqAW/nOUE
9NiOmGBJuSXo6Gc0CocFDZDedXjRnCLADbRiaXbxND0nbwTheuSzxv/UwqoE5OTw
8oLfyiNcoTeuiKu66OT2d99BGZrX3U2R3aRn8yUVlB7zjNrRYfNr7Kih3XSX/ORE
zcqnCNXr+xCPsC7/Y5SKATkB5h1LGvA1lr7tL8fGsYG3gqTYszWnfE9/SrPEV63o
aJ/m6HtUSYiJkdy2Yri8ndAmB71WoogshMbJB0IcHR3kyu2+NZe4S3Hr1wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEko3+QkDPZVKV4iJpizCQBanh7VMB8GA1UdIwQY
MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy
LTJhMWNjZTdkMmM2NS8xL1NTamY1Q1FNOWxVcFhpSW1tTE1KQUZxZUh0VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgyLTJhMWNjZTdkMmM2
NS8xLzEtaHNrZU5fZzh6b25peFAwTGRNWllCMWplS2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANX7wgw
DQYJKoZIhvcNAQELBQADggEBAC84bbEH1ILrXjp99cdsTBLFZR3zKCxF4VQvR/Cz
KoR5yAFvLg8zSBSAlFondyGCAHFu8ZeR0W0MYzs+Oi6/GCCvs82aDouo7vf34KQL
NKAk6IZmllzkudVGUbi7cvA5+GahMkhyGU8BAz08j4j4ySgT4vcf5ZbRXZorTbT1
q9MBGbQVI2kAzyR22sbzLmSmXhtYEdSNWYASLedbH9gHFBHaSU4aeCque3mlAQHh
9k3c8YkiXM3/cHhF+osq5/AirkTHUn65jQfiVmxQ958HvQ4WLN51j/TPDIXUtuMY
O8/7twSWQAOEomGVYUIjE978sdd7h/CdY3zpIvwDY6fuTuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org