Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/CR7jT7yzlEFf5w0SPDx4keb2yLM.roa
File: CR7jT7yzlEFf5w0SPDx4keb2yLM.roa (raw, json)
Hash identifier: VaFotyO2x7CDKIwsiwjraVyMkQWlBIJOj+bUya0QK8c=
Subject key identifier: 09:1E:E3:4F:BC:B3:94:41:5F:E7:0D:12:3C:3C:78:91:E6:F6:C8:B3
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 0189200167B5F7AF61F34E7EE99B6B71E04F
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/CR7jT7yzlEFf5w0SPDx4keb2yLM.roa
Signing time: Tue 04 Jul 2023 08:25:10 +0000
ROA not before: Tue 04 Jul 2023 08:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 442444
IP address blocks: 2.144.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 07:27:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:01:67:b5:f7:af:61:f3:4e:7e:e9:9b:6b:71:e0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Jul 4 08:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=091ee34fbcb394415fe70d123c3c7891e6f6c8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:5c:a6:4e:c4:a7:3d:bb:26:87:6a:06:e3:
c1:61:17:22:8f:60:78:43:8a:40:fd:99:b2:e1:57:
b0:2a:45:2f:2f:18:1d:60:4b:f4:5c:28:7e:f1:7c:
f8:80:1d:d6:bd:ca:88:ab:69:84:3d:50:d7:b6:65:
6a:a6:8f:94:34:b4:fa:8e:09:8f:62:83:49:b8:fc:
cb:d6:fe:55:bd:4e:ae:06:67:12:b3:72:9f:ae:93:
47:9d:bd:67:51:f6:44:b5:38:81:f1:1f:14:5a:bf:
b6:fc:35:58:e3:8b:6d:d2:e7:95:bb:a6:01:a4:45:
05:c6:bc:ca:1d:c2:33:48:8b:0e:65:30:3d:c7:3c:
d8:aa:81:3d:29:cf:c8:f0:0e:f8:a7:6b:2a:de:4f:
1f:b6:c4:42:28:9f:46:d5:bf:17:2c:2e:91:42:7b:
b6:22:cb:6f:e2:5e:86:d4:f7:9d:4e:8c:14:85:8b:
0f:77:83:9a:61:26:34:21:08:40:85:af:2f:39:88:
dc:27:33:75:cc:db:a7:d3:c3:10:8c:9e:27:47:44:
ae:0f:ea:5c:49:00:3c:7f:50:fb:0c:c6:54:c8:31:
f8:5a:6b:af:13:f6:62:45:28:d2:d2:6f:fe:35:c2:
4c:db:83:f6:66:45:29:ed:0c:6e:f5:31:95:b6:6e:
8a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1E:E3:4F:BC:B3:94:41:5F:E7:0D:12:3C:3C:78:91:E6:F6:C8:B3
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/CR7jT7yzlEFf5w0SPDx4keb2yLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.13.0/24
Signature Algorithm: sha256WithRSAEncryption
19:49:47:a4:a0:90:01:b9:4f:13:e1:74:89:f3:e5:2e:42:98:
f1:e0:3e:a4:7f:70:b4:62:a1:18:78:df:94:3f:04:17:60:36:
9d:58:97:e4:42:6b:6f:ca:9c:07:1e:c6:26:31:6c:cd:72:91:
b0:06:76:0b:bb:57:7e:a3:7c:69:fe:98:eb:ce:cb:65:37:a1:
81:63:5f:bb:96:71:39:8b:a6:b0:2e:4d:08:f1:8d:a4:4d:30:
dc:61:72:9c:4a:ac:d0:ad:76:ad:40:2d:6a:6c:0a:74:c0:87:
52:4a:2d:31:b8:e8:43:45:59:ec:f1:01:24:61:42:0d:bb:75:
1c:8a:91:f0:32:54:0e:ca:e1:b0:54:6b:09:e9:3a:7c:16:5e:
69:41:91:03:26:9b:32:01:74:e6:f5:f2:97:d7:87:14:df:16:
f1:6d:30:e1:af:8c:de:aa:9c:56:5b:31:54:a3:36:ca:bb:3b:
cb:de:f5:21:2b:d9:9a:96:f1:2a:43:27:aa:4d:f8:b4:85:b2:
7d:57:83:78:81:65:3b:d4:cc:2e:e7:21:a4:de:00:48:e7:e1:
70:7d:c6:4d:d7:b2:b1:6c:03:36:3f:a9:7f:1f:d1:e1:fd:3e:
8d:c4:20:7b:3d:7a:67:09:98:17:5a:1c:f8:13:9a:eb:16:09:
f3:25:18:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkgAWe1969h805+6ZtrceBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjMwNzA0MDgyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFlZTM0ZmJjYjM5NDQxNWZlNzBkMTIzYzNjNzg5MWU2ZjZjOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8Zcpk7Epz27JodqBuPBYRcij2B4
Q4pA/Zmy4VewKkUvLxgdYEv0XCh+8Xz4gB3WvcqIq2mEPVDXtmVqpo+UNLT6jgmP
YoNJuPzL1v5VvU6uBmcSs3KfrpNHnb1nUfZEtTiB8R8UWr+2/DVY44tt0ueVu6YB
pEUFxrzKHcIzSIsOZTA9xzzYqoE9Kc/I8A74p2sq3k8ftsRCKJ9G1b8XLC6RQnu2
Istv4l6G1PedTowUhYsPd4OaYSY0IQhAha8vOYjcJzN1zNun08MQjJ4nR0SuD+pc
SQA8f1D7DMZUyDH4WmuvE/ZiRSjS0m/+NcJM24P2ZkUp7Qxu9TGVtm6K2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAke40+8s5RBX+cNEjw8eJHm9sizMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEvQ1I3alQ3eXpsRUZmNXcwU1BEeDRrZWIyeUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAApANMA0G
CSqGSIb3DQEBCwUAA4IBAQAZSUekoJABuU8T4XSJ8+UuQpjx4D6kf3C0YqEYeN+U
PwQXYDadWJfkQmtvypwHHsYmMWzNcpGwBnYLu1d+o3xp/pjrzstlN6GBY1+7lnE5
i6awLk0I8Y2kTTDcYXKcSqzQrXatQC1qbAp0wIdSSi0xuOhDRVns8QEkYUINu3Uc
ipHwMlQOyuGwVGsJ6Tp8Fl5pQZEDJpsyAXTm9fKX14cU3xbxbTDhr4zeqpxWWzFU
ozbKuzvL3vUhK9malvEqQyeqTfi0hbJ9V4N4gWU71Mwu5yGk3gBI5+FwfcZN17Kx
bAM2P6l/H9Hh/T6NxCB7PXpnCZgXWhz4E5rrFgnzJRiU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org