Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/rpiyp5gq1kVMy9jrQKN_OOhlSKA.roa
File: rpiyp5gq1kVMy9jrQKN_OOhlSKA.roa (raw, json)
Hash identifier: Kt3h0c1DKsqCt528WLCS3m9lPEWEuC07puRDEtcT5xw=
Subject key identifier: AE:98:B2:A7:98:2A:D6:45:4C:CB:D8:EB:40:A3:7F:38:E8:65:48:A0
Certificate issuer: /CN=0ff8e93f3472ea6be58f3feb74495470095a177d
Certificate serial: 01856FE71A38AAD800CA5906E20318F7A871
Authority key identifier: 0F:F8:E9:3F:34:72:EA:6B:E5:8F:3F:EB:74:49:54:70:09:5A:17:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_jpPzRy6mvljz_rdElUcAlaF30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/rpiyp5gq1kVMy9jrQKN_OOhlSKA.roa
Signing time: Mon 02 Jan 2023 00:34:54 +0000
ROA not before: Mon 02 Jan 2023 00:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212341
IP address blocks: 139.28.152.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:1a:38:aa:d8:00:ca:59:06:e2:03:18:f7:a8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8e93f3472ea6be58f3feb74495470095a177d
Validity
Not Before: Jan 2 00:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae98b2a7982ad6454ccbd8eb40a37f38e86548a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d1:a1:6f:60:26:20:1f:e7:4b:d0:a2:d1:e1:
26:90:69:af:80:44:88:73:8f:87:69:73:5c:ed:67:
1d:6c:42:82:30:d6:49:7b:3d:bb:de:6e:6d:3a:a0:
f9:d7:73:f6:80:8d:02:6b:08:b8:28:18:e4:0a:dd:
f0:8f:f2:da:66:e6:50:7c:31:cc:2d:0d:d5:03:8b:
f6:e9:a4:30:af:a8:f8:8c:e0:d9:94:08:dd:ea:9a:
a8:ad:21:65:e4:81:b5:c3:f2:58:bb:3b:4b:83:d8:
bd:bb:c3:05:bb:a4:93:0c:a0:2a:c4:74:99:9a:c3:
c4:ce:96:53:da:69:65:71:2b:07:22:e7:4f:19:70:
55:d3:05:62:e0:de:8d:58:73:9a:75:fa:47:d5:92:
59:7f:ca:6d:40:a9:8a:fa:ff:fe:6b:5f:1e:a4:b5:
26:7c:a2:3b:bb:e4:d3:bf:f9:2e:d6:8b:4c:82:f4:
89:45:04:b2:80:82:37:96:b5:81:3f:17:e7:88:03:
78:5e:a9:2d:33:60:ba:df:38:f4:ed:37:af:e5:02:
3c:35:2a:7c:4c:e1:0a:4e:3f:5d:c6:ce:f6:09:33:
c7:96:bc:df:7e:d7:a2:c8:39:ec:57:6f:ef:86:4e:
ca:b2:1f:07:34:18:d8:1d:19:f1:cd:1c:f9:c1:43:
0e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:98:B2:A7:98:2A:D6:45:4C:CB:D8:EB:40:A3:7F:38:E8:65:48:A0
X509v3 Authority Key Identifier:
keyid:0F:F8:E9:3F:34:72:EA:6B:E5:8F:3F:EB:74:49:54:70:09:5A:17:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_jpPzRy6mvljz_rdElUcAlaF30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/rpiyp5gq1kVMy9jrQKN_OOhlSKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/D_jpPzRy6mvljz_rdElUcAlaF30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:f3:3c:33:61:66:87:f3:6b:75:65:ce:e0:22:b2:aa:b1:da:
f7:a9:5f:ad:9c:20:02:76:a7:7d:24:3f:b8:97:50:1e:5c:08:
3a:4c:09:5c:bd:c1:c4:bf:ee:27:08:20:62:d8:5e:38:9b:0a:
14:bd:12:5f:e0:23:8c:81:7f:63:50:18:e1:a7:86:de:07:85:
f5:7e:3a:4d:bc:7c:e9:80:fa:b1:75:c7:89:82:df:cf:32:5a:
54:e0:d8:72:c1:a0:fd:d5:7d:dc:3f:f2:1d:8e:88:fc:32:ff:
18:81:d6:ff:9c:7e:51:e5:35:2f:b5:a3:1d:17:63:8f:10:1e:
12:0d:36:d2:01:2b:13:fd:44:6d:38:27:58:73:6b:1d:0c:4d:
34:fd:f4:e9:b9:aa:85:c0:b0:8c:f3:82:ac:db:7b:4f:78:82:
2b:26:2c:38:17:91:b4:97:de:14:f0:87:b6:20:de:39:0d:09:
75:44:2d:d3:6c:28:75:39:f0:96:e9:ad:18:ad:12:cf:d4:04:
42:12:ac:c7:c6:69:e2:d9:94:50:ad:38:6f:d3:15:91:85:19:
85:5b:64:6d:d3:86:ce:9f:c6:6e:19:80:e6:d5:c4:3d:fd:1d:
a0:da:d9:e1:7d:37:c4:33:85:30:69:4d:87:d0:0c:fc:f6:b8:
6d:f6:15:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xo4qtgAylkG4gMY96hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhlOTNmMzQ3MmVhNmJlNThmM2ZlYjc0NDk1NDcwMDk1
YTE3N2QwHhcNMjMwMTAyMDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk4YjJhNzk4MmFkNjQ1NGNjYmQ4ZWI0MGEzN2YzOGU4NjU0OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltGhb2AmIB/nS9Ci0eEmkGmvgESI
c4+HaXNc7WcdbEKCMNZJez273m5tOqD513P2gI0Cawi4KBjkCt3wj/LaZuZQfDHM
LQ3VA4v26aQwr6j4jODZlAjd6pqorSFl5IG1w/JYuztLg9i9u8MFu6STDKAqxHSZ
msPEzpZT2mllcSsHIudPGXBV0wVi4N6NWHOadfpH1ZJZf8ptQKmK+v/+a18epLUm
fKI7u+TTv/ku1otMgvSJRQSygII3lrWBPxfniAN4XqktM2C63zj07Tev5QI8NSp8
TOEKTj9dxs72CTPHlrzffteiyDnsV2/vhk7Ksh8HNBjYHRnxzRz5wUMO8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6YsqeYKtZFTMvY60CjfzjoZUigMB8GA1UdIwQY
MBaAFA/46T80cupr5Y8/63RJVHAJWhd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qcFB6Unk2bXZsanpfcmRFbFVjQWxhRjMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84YjkzYTQtODY4ZC00ZjMwLWI0NGYt
ZmNlM2Q1OTBjNmRiLzEvcnBpeXA1Z3Exa1ZNeTlqclFLTl9PT2hsU0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84YjkzYTQtODY4ZC00ZjMwLWI0NGYtZmNlM2Q1OTBjNmRi
LzEvRF9qcFB6Unk2bXZsanpfcmRFbFVjQWxhRjMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyYMA0G
CSqGSIb3DQEBCwUAA4IBAQA78zwzYWaH82t1Zc7gIrKqsdr3qV+tnCACdqd9JD+4
l1AeXAg6TAlcvcHEv+4nCCBi2F44mwoUvRJf4COMgX9jUBjhp4beB4X1fjpNvHzp
gPqxdceJgt/PMlpU4NhywaD91X3cP/Idjoj8Mv8Ygdb/nH5R5TUvtaMdF2OPEB4S
DTbSASsT/URtOCdYc2sdDE00/fTpuaqFwLCM84Ks23tPeIIrJiw4F5G0l94U8Ie2
IN45DQl1RC3TbCh1OfCW6a0YrRLP1ARCEqzHxmni2ZRQrThv0xWRhRmFW2Rt04bO
n8ZuGYDm1cQ9/R2g2tnhfTfEM4UwaU2H0Az89rht9hWv
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:05 2024 by rpki-client on console-fra.rpki-client.org