Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/1otrDAwT989bOfv5waX1z8Qe63g.roa
File: 1otrDAwT989bOfv5waX1z8Qe63g.roa (raw, json)
Hash identifier: MfPXkKGGzstiDcQiIUUt+2CBk7afuSIW1P4Z0BzzxHs=
Subject key identifier: D6:8B:6B:0C:0C:13:F7:CF:5B:39:FB:F9:C1:A5:F5:CF:C4:1E:EB:78
Certificate issuer: /CN=08018478914871aab0e1c0036d3626ebad6e20cc
Certificate serial: 0185708C907E25C86C44E517F1D3538B0AAA
Authority key identifier: 08:01:84:78:91:48:71:AA:B0:E1:C0:03:6D:36:26:EB:AD:6E:20:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAGEeJFIcaqw4cADbTYm661uIMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/1otrDAwT989bOfv5waX1z8Qe63g.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44334
IP address blocks: 92.61.160.0/20 maxlen: 21
2a03:4600::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:90:7e:25:c8:6c:44:e5:17:f1:d3:53:8b:0a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08018478914871aab0e1c0036d3626ebad6e20cc
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d68b6b0c0c13f7cf5b39fbf9c1a5f5cfc41eeb78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7d:78:c5:3c:8b:22:07:20:18:4b:32:d7:68:
50:56:b1:98:a2:38:72:b4:8b:81:be:4a:e3:46:9d:
f5:4b:93:07:78:3c:52:d7:5f:41:25:0b:b8:53:c8:
7b:7f:69:c7:e6:f4:12:a3:05:c7:08:eb:e9:11:e7:
47:67:08:e9:bf:16:91:00:9f:ca:56:74:52:19:2d:
0b:c7:4a:8b:22:7f:50:9b:c4:61:45:ba:f0:ad:34:
21:90:ee:a0:13:00:c4:7b:70:b8:d3:b5:56:e8:79:
00:1c:28:e7:42:06:f1:0f:50:16:f8:3d:c3:8d:57:
73:af:44:0a:45:68:35:f5:c4:8c:2a:16:8a:9b:0b:
1d:a4:41:a7:12:01:d4:1e:f2:04:9f:74:ea:f3:28:
b6:1f:2c:c8:49:80:f1:89:b8:7a:54:e6:3d:9e:0c:
83:65:5f:df:77:58:ad:c4:9a:b1:81:8c:90:b0:e2:
2b:3d:97:d8:a9:97:37:62:3a:1b:50:ae:92:47:9f:
40:4f:77:f6:d7:61:11:0c:14:c0:a6:8c:6e:11:d4:
ac:75:9d:db:40:33:df:b7:01:b0:46:85:55:a5:68:
a8:27:9c:53:44:c6:5d:c6:88:3c:aa:2d:7d:a4:6b:
fa:c0:e6:f9:f6:db:20:75:bc:f4:50:d1:04:21:f0:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8B:6B:0C:0C:13:F7:CF:5B:39:FB:F9:C1:A5:F5:CF:C4:1E:EB:78
X509v3 Authority Key Identifier:
keyid:08:01:84:78:91:48:71:AA:B0:E1:C0:03:6D:36:26:EB:AD:6E:20:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAGEeJFIcaqw4cADbTYm661uIMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/1otrDAwT989bOfv5waX1z8Qe63g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/5f83c4-640d-4ff3-9cf4-60627e115269/1/CAGEeJFIcaqw4cADbTYm661uIMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.160.0/20
IPv6:
2a03:4600::/32
Signature Algorithm: sha256WithRSAEncryption
82:a1:bc:5d:b6:ac:c1:3b:c8:10:76:45:d0:0e:1c:04:ed:cd:
85:0f:8c:96:91:84:42:69:6f:99:67:13:a7:d9:f7:10:46:46:
f6:80:f3:16:64:ec:9e:82:98:8b:5b:92:95:1a:fa:ef:62:00:
fd:7d:bb:71:2a:44:86:36:90:d6:ea:9e:19:9c:8e:ca:ec:f5:
9c:64:a9:46:e5:73:8d:39:10:dc:ef:98:89:bf:91:02:34:0b:
a0:75:79:0a:0c:ed:2e:60:84:28:af:bc:1f:cb:13:f1:6e:b2:
ad:b8:8f:f8:18:ff:6d:12:fa:99:de:65:8e:ae:0a:8f:db:a9:
d4:a5:73:69:03:75:31:c6:e9:3b:ae:47:97:96:dc:bc:07:0f:
84:c1:50:79:3a:2f:2e:03:2b:95:8b:08:c7:ea:34:6f:13:61:
37:f4:9d:0e:5c:39:80:e2:f6:7d:dd:94:ab:78:88:0e:c0:23:
d1:fa:f1:83:45:c8:a2:6f:c2:75:e3:36:d4:45:87:3d:a9:8a:
44:c5:1c:ed:52:10:c3:4d:3a:65:69:fa:f3:40:0d:11:4d:f2:
64:a3:b4:3c:57:32:46:d2:d1:c8:db:6a:84:a2:de:d2:ca:1a:
91:dd:b4:7a:44:9a:06:2c:aa:94:6e:c6:47:62:2c:2d:f4:9f:
11:3f:f1:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjJB+JchsROUX8dNTiwqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDE4NDc4OTE0ODcxYWFiMGUxYzAwMzZkMzYyNmViYWQ2
ZTIwY2MwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjhiNmIwYzBjMTNmN2NmNWIzOWZiZjljMWE1ZjVjZmM0MWVlYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln14xTyLIgcgGEsy12hQVrGYojhy
tIuBvkrjRp31S5MHeDxS119BJQu4U8h7f2nH5vQSowXHCOvpEedHZwjpvxaRAJ/K
VnRSGS0Lx0qLIn9Qm8RhRbrwrTQhkO6gEwDEe3C407VW6HkAHCjnQgbxD1AW+D3D
jVdzr0QKRWg19cSMKhaKmwsdpEGnEgHUHvIEn3Tq8yi2HyzISYDxibh6VOY9ngyD
ZV/fd1itxJqxgYyQsOIrPZfYqZc3YjobUK6SR59AT3f212ERDBTApoxuEdSsdZ3b
QDPftwGwRoVVpWioJ5xTRMZdxog8qi19pGv6wOb59tsgdbz0UNEEIfBeuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNaLawwME/fPWzn7+cGl9c/EHut4MB8GA1UdIwQY
MBaAFAgBhHiRSHGqsOHAA202JuutbiDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FHRWVKRkljYXF3NGNBRGJUWW02NjF1SU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81ZjgzYzQtNjQwZC00ZmYzLTljZjQt
NjA2MjdlMTE1MjY5LzEvMW90ckRBd1Q5ODliT2Z2NXdhWDF6OFFlNjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81ZjgzYzQtNjQwZC00ZmYzLTljZjQtNjA2MjdlMTE1MjY5
LzEvQ0FHRWVKRkljYXF3NGNBRGJUWW02NjF1SU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXD2gMA0E
AgACMAcDBQAqA0YAMA0GCSqGSIb3DQEBCwUAA4IBAQCCobxdtqzBO8gQdkXQDhwE
7c2FD4yWkYRCaW+ZZxOn2fcQRkb2gPMWZOyegpiLW5KVGvrvYgD9fbtxKkSGNpDW
6p4ZnI7K7PWcZKlG5XONORDc75iJv5ECNAugdXkKDO0uYIQor7wfyxPxbrKtuI/4
GP9tEvqZ3mWOrgqP26nUpXNpA3Uxxuk7rkeXlty8Bw+EwVB5Oi8uAyuViwjH6jRv
E2E39J0OXDmA4vZ93ZSreIgOwCPR+vGDRciib8J14zbURYc9qYpExRztUhDDTTpl
afrzQA0RTfJko7Q8VzJG0tHI22qEot7SyhqR3bR6RJoGLKqUbsZHYiwt9J8RP/E1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:37 2024 by rpki-client on console-ams.rpki-client.org