Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_9pfrXC0ixrgjRJ1f4NHbilysDs.roa
File: _9pfrXC0ixrgjRJ1f4NHbilysDs.roa (raw, json)
Hash identifier: W4wlZHjs0/oc+sPPVaEqyJk4V3DKhzV2YIFm1WiP1Rk=
Subject key identifier: FF:DA:5F:AD:70:B4:8B:1A:E0:8D:12:75:7F:83:47:6E:29:72:B0:3B
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018DCFA27C35EA000563F1F574FE1DEA51DB
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_9pfrXC0ixrgjRJ1f4NHbilysDs.roa
Signing time: Thu 22 Feb 2024 07:05:48 +0000
ROA not before: Thu 22 Feb 2024 07:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57604
IP address blocks: 139.28.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:a2:7c:35:ea:00:05:63:f1:f5:74:fe:1d:ea:51:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Feb 22 07:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffda5fad70b48b1ae08d12757f83476e2972b03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:09:09:b4:06:af:8d:11:54:fe:bd:7a:fc:66:
b4:ae:91:05:9c:8b:fd:88:55:db:01:be:07:b1:e4:
46:81:f7:10:17:3c:ea:f0:69:00:91:8b:3f:62:4f:
0a:b0:5d:88:da:f6:5a:63:78:4d:2e:35:c5:e3:ee:
65:1e:7d:d9:12:e6:3f:9f:0f:15:1d:ec:05:48:bf:
92:c3:07:76:18:ed:78:69:e3:6e:11:cb:85:71:d7:
00:05:30:c2:c0:b7:81:cd:a9:eb:f8:a7:c8:a0:84:
07:57:d6:6b:56:67:6c:da:72:74:e1:e1:bb:4f:fb:
1b:20:e2:be:a2:a9:f9:fc:46:64:c0:02:f9:66:5d:
30:9a:6f:98:14:1a:e8:98:9f:82:74:fb:55:b0:fb:
16:78:fa:de:f7:71:ef:04:3f:ed:86:b4:ca:c5:d7:
ac:08:d0:55:b7:36:f1:ad:7f:bc:9e:7c:e7:9c:1f:
b4:39:a8:b7:09:31:2e:fe:3c:72:71:65:45:a0:6f:
3c:ec:45:ac:f3:89:a8:7e:3a:59:a2:73:fa:53:9e:
59:89:a5:f0:0a:46:2f:a6:3e:8e:f3:c5:e3:98:1e:
a2:b9:06:6c:95:3d:63:3c:24:6e:43:9e:32:56:13:
c8:16:ed:2a:24:19:7b:b7:c4:da:87:30:39:f7:28:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DA:5F:AD:70:B4:8B:1A:E0:8D:12:75:7F:83:47:6E:29:72:B0:3B
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/_9pfrXC0ixrgjRJ1f4NHbilysDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.72.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:fc:1e:60:7d:e9:1f:77:f3:a8:cd:bf:3c:29:e5:5d:ff:56:
86:a6:e9:d4:4c:08:7c:b7:6c:c0:63:54:b1:3a:82:00:1f:cb:
7d:b6:02:a9:ec:77:7c:8c:78:d9:9f:c5:74:34:cb:e2:bd:82:
28:72:13:6f:92:d6:23:18:67:3d:dc:98:41:70:af:ed:13:01:
d3:96:f5:25:a7:0d:4e:a0:af:8b:73:34:14:e4:a4:c6:34:cd:
3e:d4:5d:a0:49:51:22:e5:71:93:58:b6:8d:1c:f0:03:41:18:
06:dd:ac:68:06:56:40:8f:a5:5a:08:80:f4:41:61:1c:3b:1f:
53:28:26:2f:4f:eb:d8:35:40:8d:a5:30:4c:24:ac:7f:33:2d:
d2:54:c8:90:32:af:03:2c:ae:2a:11:f0:e4:e9:28:c5:f4:68:
59:9c:b0:e4:b3:e6:da:52:13:2b:77:60:e1:1f:16:17:02:73:
58:be:d7:e7:af:af:30:ca:8f:b2:a5:0f:90:70:44:52:69:5a:
0a:f3:da:a4:bf:a0:95:42:b1:f2:40:28:1b:82:cf:b6:48:99:
58:ef:78:ad:0f:77:62:8a:00:18:5c:f6:a2:11:71:09:19:83:
4c:0d:4c:07:7b:24:3c:ab:54:df:1e:9b:e2:11:9d:ef:aa:bb:
8a:fa:e1:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Ponw16gAFY/H1dP4d6lHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwMjIyMDcwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRhNWZhZDcwYjQ4YjFhZTA4ZDEyNzU3ZjgzNDc2ZTI5NzJiMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAkJtAavjRFU/r16/Ga0rpEFnIv9
iFXbAb4HseRGgfcQFzzq8GkAkYs/Yk8KsF2I2vZaY3hNLjXF4+5lHn3ZEuY/nw8V
HewFSL+Swwd2GO14aeNuEcuFcdcABTDCwLeBzanr+KfIoIQHV9ZrVmds2nJ04eG7
T/sbIOK+oqn5/EZkwAL5Zl0wmm+YFBromJ+CdPtVsPsWePre93HvBD/thrTKxdes
CNBVtzbxrX+8nnznnB+0Oai3CTEu/jxycWVFoG887EWs84mofjpZonP6U55ZiaXw
CkYvpj6O88XjmB6iuQZslT1jPCRuQ54yVhPIFu0qJBl7t8TahzA59yj8VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/aX61wtIsa4I0SdX+DR24pcrA7MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvXzlwZnJYQzBpeHJnalJKMWY0TkhiaWx5c0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8/B5gfekfd/Oozb88KeVd/1aGpunUTAh8t2zAY1Sx
OoIAH8t9tgKp7Hd8jHjZn8V0NMvivYIochNvktYjGGc93JhBcK/tEwHTlvUlpw1O
oK+LczQU5KTGNM0+1F2gSVEi5XGTWLaNHPADQRgG3axoBlZAj6VaCID0QWEcOx9T
KCYvT+vYNUCNpTBMJKx/My3SVMiQMq8DLK4qEfDk6SjF9GhZnLDks+baUhMrd2Dh
HxYXAnNYvtfnr68wyo+ypQ+QcERSaVoK89qkv6CVQrHyQCgbgs+2SJlY73itD3di
igAYXPaiEXEJGYNMDUwHeyQ8q1TfHpviEZ3vqruK+uGB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org