Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EOYel9RV-yaq4MtGVrvzn5czQoI.roa
File: EOYel9RV-yaq4MtGVrvzn5czQoI.roa (raw, json)
Hash identifier: 01w3tJEBEZEYQ2jTg7lwG7BostOnisNLqzDuA5xfU/8=
Subject key identifier: 10:E6:1E:97:D4:55:FB:26:AA:E0:CB:46:56:BB:F3:9F:97:33:42:82
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CCF6C44AA70FAFF91A889C87D523A09BA
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EOYel9RV-yaq4MtGVrvzn5czQoI.roa
Signing time: Wed 03 Jan 2024 13:03:48 +0000
ROA not before: Wed 03 Jan 2024 13:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 147.45.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 11 Jan 2024 10:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:6c:44:aa:70:fa:ff:91:a8:89:c8:7d:52:3a:09:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 3 13:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10e61e97d455fb26aae0cb4656bbf39f97334282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:7d:73:6e:dd:af:be:ef:79:ae:25:cf:c0:
53:4e:f4:0f:27:68:53:70:a5:61:04:04:13:37:87:
dd:54:c0:bc:9d:49:25:a9:9b:31:37:dd:57:d0:a0:
0c:f5:fe:44:f7:79:b4:f7:1e:06:4d:f2:2b:1d:33:
80:09:a9:04:9e:66:13:5f:4f:b8:ae:9f:ba:34:3c:
db:40:2c:13:00:4b:1f:8d:3f:61:89:b2:44:31:24:
0e:10:68:7b:c3:3b:a5:98:81:af:6a:af:24:01:93:
56:08:b8:f6:3f:5f:88:a6:97:0d:cb:28:28:8b:d2:
d6:e4:ed:70:97:95:67:7e:79:bc:79:0f:0a:9f:dc:
1a:33:61:f5:73:d9:d0:34:52:64:b2:13:ff:79:a9:
1a:c5:e9:95:5d:8f:fd:a5:2d:d3:16:7a:ac:0c:f7:
4f:0a:ca:0c:30:ae:2e:07:67:ba:c0:e3:1c:1a:b2:
8c:8a:36:63:e5:7a:d9:26:eb:ff:72:01:64:2a:50:
cb:ba:f2:8f:59:39:71:cb:7d:03:69:5b:46:bd:cf:
06:41:4b:97:f6:a6:e1:8f:8c:49:2f:e4:b3:d2:d5:
56:0b:c6:13:3e:23:0f:b7:1c:53:4a:7e:2c:a0:4e:
78:ea:8b:21:78:ad:49:0b:42:45:27:d5:02:85:88:
35:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:E6:1E:97:D4:55:FB:26:AA:E0:CB:46:56:BB:F3:9F:97:33:42:82
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EOYel9RV-yaq4MtGVrvzn5czQoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.120.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:06:42:06:75:b3:01:24:e5:71:08:bf:d7:7b:52:db:dd:7e:
4a:bc:4d:39:0a:65:b7:e2:b4:ab:b5:33:14:e1:58:66:cd:7c:
d1:b5:4d:36:ac:95:69:26:db:c4:f8:4d:5d:f7:7d:b5:96:5a:
b7:25:14:3f:22:7a:24:9f:f5:ca:87:20:74:33:49:dc:f7:09:
ab:09:b5:eb:37:e4:7d:70:19:0c:92:2b:f6:6b:1c:89:0e:09:
17:8a:c4:49:91:de:1e:92:93:55:0f:7d:ea:6d:e7:c2:27:74:
02:43:09:c7:f7:40:c6:5c:b8:1a:a8:fa:92:51:9a:17:8d:37:
11:1a:b5:9d:e9:3f:8c:12:f6:3d:0f:12:fa:54:dd:9f:a1:fd:
41:8d:79:14:1c:85:fe:39:0a:cc:aa:1a:ab:49:f4:80:d2:60:
6a:53:34:13:79:aa:3d:df:97:67:7c:1a:3b:b4:df:2c:5c:39:
94:e3:c3:d2:4a:bf:eb:ee:04:a0:44:0d:75:c4:ab:0b:ec:a6:
b7:2b:e2:ea:b6:af:dd:1e:1f:e2:fc:d8:27:f0:b9:9d:c7:7d:
56:ed:4b:c3:f8:f1:9f:8d:e4:1d:9e:80:71:2a:4e:25:1e:a8:
40:1a:ea:7e:08:7a:4c:26:f4:43:30:59:54:6c:18:5a:65:16:
c7:cc:b4:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzPbESqcPr/kaiJyH1SOgm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAzMTMwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGU2MWU5N2Q0NTVmYjI2YWFlMGNiNDY1NmJiZjM5Zjk3MzM0MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl699c27dr77vea4lz8BTTvQPJ2hT
cKVhBAQTN4fdVMC8nUklqZsxN91X0KAM9f5E93m09x4GTfIrHTOACakEnmYTX0+4
rp+6NDzbQCwTAEsfjT9hibJEMSQOEGh7wzulmIGvaq8kAZNWCLj2P1+IppcNyygo
i9LW5O1wl5Vnfnm8eQ8Kn9waM2H1c9nQNFJkshP/eakaxemVXY/9pS3TFnqsDPdP
CsoMMK4uB2e6wOMcGrKMijZj5XrZJuv/cgFkKlDLuvKPWTlxy30DaVtGvc8GQUuX
9qbhj4xJL+Sz0tVWC8YTPiMPtxxTSn4soE546osheK1JC0JFJ9UChYg1NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDmHpfUVfsmquDLRla785+XM0KCMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRU9ZZWw5UlYteWFxNE10R1ZydnpuNWN6UW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCky14MA0G
CSqGSIb3DQEBCwUAA4IBAQCdBkIGdbMBJOVxCL/Xe1Lb3X5KvE05CmW34rSrtTMU
4VhmzXzRtU02rJVpJtvE+E1d9321llq3JRQ/Inokn/XKhyB0M0nc9wmrCbXrN+R9
cBkMkiv2axyJDgkXisRJkd4ekpNVD33qbefCJ3QCQwnH90DGXLgaqPqSUZoXjTcR
GrWd6T+MEvY9DxL6VN2fof1BjXkUHIX+OQrMqhqrSfSA0mBqUzQTeao935dnfBo7
tN8sXDmU48PSSr/r7gSgRA11xKsL7Ka3K+Lqtq/dHh/i/Ngn8Lmdx31W7UvD+PGf
jeQdnoBxKk4lHqhAGup+CHpMJvRDMFlUbBhaZRbHzLTA
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:10 2024 by rpki-client on console-ams.rpki-client.org