Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1DgxAScmdY6zBtxU2yuXvjD2i48.roa
File: 1DgxAScmdY6zBtxU2yuXvjD2i48.roa (raw, json)
Hash identifier: WZMrmDxtCxblTVmsZI1VQW9+Ksx3zZGr4eEbHEZlil0=
Subject key identifier: D4:38:31:01:27:26:75:8E:B3:06:DC:54:DB:2B:97:BE:30:F6:8B:8F
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 018CC64B3D9FD0C62785766193D7A5B9AEDC
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1DgxAScmdY6zBtxU2yuXvjD2i48.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9116
IP address blocks: 82.102.161.0/24 maxlen: 24
81.5.16.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 10 Mar 2024 11:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3d:9f:d0:c6:27:85:76:61:93:d7:a5:b9:ae:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d43831012726758eb306dc54db2b97be30f68b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9d:81:b7:0a:b0:60:8c:6f:53:37:e1:d2:0f:
45:88:14:c3:e9:42:e7:98:8c:1f:cb:4a:f8:12:4c:
95:6e:23:b4:0c:3d:1f:f0:53:60:df:30:b3:12:6f:
74:6a:84:d1:69:ff:16:36:9d:6a:eb:3a:7b:02:8d:
30:00:59:34:84:c9:a4:d1:42:c2:b2:08:a0:fb:d0:
e2:bf:3f:c9:53:b9:dc:97:df:8f:9f:be:52:30:01:
7b:e3:0f:92:71:da:36:1a:07:44:00:4d:61:2d:f3:
9d:bc:8b:dc:25:d5:b0:5d:80:27:18:cb:36:1f:00:
0f:55:46:91:87:10:e5:25:b2:12:90:85:54:d4:fd:
ce:e6:56:2d:d4:68:d7:3f:8f:66:82:ac:6a:e5:2f:
ba:b8:6c:f2:7a:5f:80:08:ab:5f:02:02:2a:8a:69:
23:19:e8:c5:7b:33:65:b9:9b:71:eb:b9:7e:5b:7b:
7e:c3:b9:a1:3d:c4:29:c0:50:ec:f4:70:61:e1:84:
28:76:a9:17:9e:ca:33:34:f6:2e:81:32:9a:db:d2:
03:8a:bf:e4:3e:31:45:a1:b8:59:b9:37:da:28:60:
6c:54:5b:c7:22:00:4e:d7:fe:ca:ff:8e:e2:a6:bd:
8c:b2:9b:a6:df:fc:1b:2c:09:79:4d:28:d9:66:85:
7b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:38:31:01:27:26:75:8E:B3:06:DC:54:DB:2B:97:BE:30:F6:8B:8F
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1DgxAScmdY6zBtxU2yuXvjD2i48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.16.0/21
82.102.161.0/24
Signature Algorithm: sha256WithRSAEncryption
60:04:ca:ce:cb:3d:5a:93:f0:28:aa:91:96:82:d2:f8:0c:1b:
39:5f:55:07:0a:f0:14:58:16:52:7e:e8:53:3b:27:d9:1d:4f:
9c:3f:fc:86:30:40:35:b2:00:c5:05:60:f6:f4:c8:f4:54:90:
5d:d2:05:b2:5a:bb:31:22:c8:02:b9:be:3d:3d:43:86:a2:69:
30:88:18:0f:22:e8:9a:de:5c:28:ad:ad:7e:f6:d3:c4:cd:c2:
f3:f3:0d:31:24:ff:21:e9:d9:b9:dd:7d:77:9b:f3:9b:c3:c3:
9e:f3:16:64:a0:24:5a:a3:6e:3d:ff:1e:e3:94:d1:da:21:18:
65:08:75:f8:9f:fb:bf:3c:b8:1a:c5:a9:e1:4e:10:cc:b8:80:
56:6a:52:1b:e4:b6:8b:ca:44:de:4f:31:35:0e:38:44:fc:e8:
50:dd:f2:d9:2d:3d:15:28:9e:d2:55:bd:d4:e4:e3:bf:9d:d3:
9b:45:c8:52:ef:99:c5:75:aa:2b:e6:3e:dc:a2:e6:be:86:ec:
63:0e:1e:c4:76:6d:e8:a5:e0:c1:b9:1b:86:c4:0c:f6:33:9e:
bc:24:95:24:df:ed:cb:6f:0b:a6:2b:3a:00:42:93:c5:38:de:
97:51:97:97:ff:8f:84:24:64:77:05:bc:95:0d:4d:ed:21:ac:
65:13:8a:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGSz2f0MYnhXZhk9elua7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM4MzEwMTI3MjY3NThlYjMwNmRjNTRkYjJiOTdiZTMwZjY4YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ2BtwqwYIxvUzfh0g9FiBTD6ULn
mIwfy0r4EkyVbiO0DD0f8FNg3zCzEm90aoTRaf8WNp1q6zp7Ao0wAFk0hMmk0ULC
sgig+9Divz/JU7ncl9+Pn75SMAF74w+Scdo2GgdEAE1hLfOdvIvcJdWwXYAnGMs2
HwAPVUaRhxDlJbISkIVU1P3O5lYt1GjXP49mgqxq5S+6uGzyel+ACKtfAgIqimkj
GejFezNluZtx67l+W3t+w7mhPcQpwFDs9HBh4YQodqkXnsozNPYugTKa29IDir/k
PjFFobhZuTfaKGBsVFvHIgBO1/7K/47ipr2Mspum3/wbLAl5TSjZZoV7/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNQ4MQEnJnWOswbcVNsrl74w9ouPMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xLzFEZ3hBU2NtZFk2ekJ0eFUyeXVYdmpEMmk0OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANRBRAD
BABSZqEwDQYJKoZIhvcNAQELBQADggEBAGAEys7LPVqT8CiqkZaC0vgMGzlfVQcK
8BRYFlJ+6FM7J9kdT5w//IYwQDWyAMUFYPb0yPRUkF3SBbJauzEiyAK5vj09Q4ai
aTCIGA8i6JreXCitrX7208TNwvPzDTEk/yHp2bndfXeb85vDw57zFmSgJFqjbj3/
HuOU0dohGGUIdfif+788uBrFqeFOEMy4gFZqUhvktovKRN5PMTUOOET86FDd8tkt
PRUontJVvdTk47+d05tFyFLvmcV1qivmPtyi5r6G7GMOHsR2beil4MG5G4bEDPYz
nrwklSTf7ctvC6YrOgBCk8U43pdRl5f/j4QkZHcFvJUNTe0hrGUTilI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:12 2024 by rpki-client on console-ams.rpki-client.org