Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/kR9NeYv88TK3ASxplTI6M39MQkY.roa
File: kR9NeYv88TK3ASxplTI6M39MQkY.roa (raw, json)
Hash identifier: qhV4THyUZZKxzVrxkHGcshqp3/qkaQ8OUtybMzPhh/Q=
Subject key identifier: 91:1F:4D:79:8B:FC:F1:32:B7:01:2C:69:95:32:3A:33:7F:4C:42:46
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0186EFC0FD2231B833FAE802FAC0AA3039D7
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/kR9NeYv88TK3ASxplTI6M39MQkY.roa
Signing time: Fri 17 Mar 2023 13:27:27 +0000
ROA not before: Fri 17 Mar 2023 13:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51468
IP address blocks: 141.138.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Mar 2023 09:23:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:c0:fd:22:31:b8:33:fa:e8:02:fa:c0:aa:30:39:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Mar 17 13:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=911f4d798bfcf132b7012c6995323a337f4c4246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:c8:93:3e:e6:fb:fa:62:84:28:91:86:8c:
7a:fd:6e:8c:e1:e6:11:76:2d:d9:90:e5:c5:bc:80:
95:b0:6a:2c:6b:ae:b8:ca:fc:ed:0e:89:7a:b4:d6:
40:c4:fc:ab:61:b0:6c:a0:02:36:e6:1d:ae:60:4d:
5d:cb:38:0d:5f:c5:98:db:9f:20:07:28:3a:fc:59:
12:34:e6:57:c6:03:f0:d9:b3:64:c5:56:28:c8:2a:
67:08:7b:21:9c:6a:69:47:03:18:5c:e9:18:fa:a8:
68:02:7a:ab:95:e3:e5:23:69:7a:54:f0:a5:b4:4e:
85:86:42:e5:5e:25:48:d9:00:4c:10:60:86:98:f0:
6a:6f:4a:ff:5c:a9:c2:82:94:62:66:17:95:62:28:
5d:60:e8:e9:c0:cd:53:22:a2:25:b2:ad:62:09:58:
e5:35:4d:7c:aa:b1:66:ee:4f:b2:10:10:2c:d2:05:
6c:fc:63:dd:11:76:55:d9:b5:4a:82:d3:66:72:11:
56:5c:6e:5a:39:08:d1:77:6d:db:48:3a:56:d9:1e:
e6:ed:65:a6:24:60:74:f9:26:83:33:0a:d5:b8:d5:
ed:47:24:75:f3:9e:b4:f3:cc:c7:67:68:cb:9c:ed:
10:58:fd:54:f3:1f:0a:24:e3:eb:67:5b:1d:79:19:
08:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1F:4D:79:8B:FC:F1:32:B7:01:2C:69:95:32:3A:33:7F:4C:42:46
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/kR9NeYv88TK3ASxplTI6M39MQkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.172.0/22
Signature Algorithm: sha256WithRSAEncryption
00:14:84:aa:41:21:8f:a0:3f:a5:63:64:4d:0f:2f:b7:5c:83:
04:dd:d3:13:75:63:49:30:64:20:34:e5:f9:16:ed:85:9a:a0:
45:be:1f:a8:05:4e:7f:94:7b:71:f6:bc:f0:84:db:84:3a:86:
a3:93:05:77:19:d2:0c:5d:0d:0f:33:0e:cf:7e:d3:e9:ea:8e:
e8:ae:25:97:9a:7f:6a:75:1c:a7:4b:cd:2f:9b:97:1a:7a:7e:
f3:f2:79:6e:5b:a6:fb:ee:8b:5b:67:b0:f0:6d:46:23:73:c6:
36:87:30:9b:ff:2b:2a:25:01:21:b3:f7:bd:8b:0f:54:c7:a1:
55:05:36:63:28:e3:9f:83:8b:4d:91:cb:da:73:fc:64:f5:95:
7f:9b:57:42:b0:80:74:e4:58:93:72:5b:eb:45:51:8d:2c:93:
5c:a5:28:1f:f4:70:6e:d7:fa:47:92:bc:1f:09:1b:b6:62:61:
d9:d2:fb:a1:16:56:41:3c:20:90:96:8b:c0:5b:80:71:47:d3:
6d:4b:c6:6c:05:6e:1d:86:95:ec:c1:6f:cb:c9:a7:e5:d2:48:
62:ac:02:81:c2:15:98:63:b9:1e:42:2d:b2:a7:35:dd:a8:8e:
41:bd:ee:4e:41:69:aa:15:f3:9e:04:cf:76:52:1c:a6:a7:6a:
b8:31:63:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbvwP0iMbgz+ugC+sCqMDnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjMwMzE3MTMyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFmNGQ3OThiZmNmMTMyYjcwMTJjNjk5NTMyM2EzMzdmNGM0MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxDIkz7m+/pihCiRhox6/W6M4eYR
di3ZkOXFvICVsGosa664yvztDol6tNZAxPyrYbBsoAI25h2uYE1dyzgNX8WY258g
Byg6/FkSNOZXxgPw2bNkxVYoyCpnCHshnGppRwMYXOkY+qhoAnqrlePlI2l6VPCl
tE6FhkLlXiVI2QBMEGCGmPBqb0r/XKnCgpRiZheVYihdYOjpwM1TIqIlsq1iCVjl
NU18qrFm7k+yEBAs0gVs/GPdEXZV2bVKgtNmchFWXG5aOQjRd23bSDpW2R7m7WWm
JGB0+SaDMwrVuNXtRyR1856088zHZ2jLnO0QWP1U8x8KJOPrZ1sdeRkI2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEfTXmL/PEytwEsaZUyOjN/TEJGMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEva1I5TmVZdjg4VEszQVN4cGxUSTZNMzlNUWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjYqsMA0G
CSqGSIb3DQEBCwUAA4IBAQAAFISqQSGPoD+lY2RNDy+3XIME3dMTdWNJMGQgNOX5
Fu2FmqBFvh+oBU5/lHtx9rzwhNuEOoajkwV3GdIMXQ0PMw7PftPp6o7oriWXmn9q
dRynS80vm5caen7z8nluW6b77otbZ7DwbUYjc8Y2hzCb/ysqJQEhs/e9iw9Ux6FV
BTZjKOOfg4tNkcvac/xk9ZV/m1dCsIB05FiTclvrRVGNLJNcpSgf9HBu1/pHkrwf
CRu2YmHZ0vuhFlZBPCCQlovAW4BxR9NtS8ZsBW4dhpXswW/Lyafl0khirAKBwhWY
Y7keQi2ypzXdqI5Bve5OQWmqFfOeBM92Uhymp2q4MWOm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:57 2024 by rpki-client on console-fra.rpki-client.org