Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa
File: 9dO8EItT-kbdFKBszDA5rNeMGZI.roa (raw, json)
Hash identifier: wSXsm+/RVgd+kPOf3GfiM2t0ik7tdAv0sR2oGS6ySxs=
Subject key identifier: F5:D3:BC:10:8B:53:FA:46:DD:14:A0:6C:CC:30:39:AC:D7:8C:19:92
Certificate issuer: /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial: 01856E666CE90CB9DBF585BFC91B01B1EB52
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa
Signing time: Sun 01 Jan 2023 17:34:44 +0000
ROA not before: Sun 01 Jan 2023 17:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9255
IP address blocks: 146.255.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:6c:e9:0c:b9:db:f5:85:bf:c9:1b:01:b1:eb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Validity
Not Before: Jan 1 17:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5d3bc108b53fa46dd14a06ccc3039acd78c1992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d8:28:ad:36:94:bf:42:45:a0:db:e3:29:cb:
c9:0a:d9:b1:8e:3d:ab:3e:54:24:c8:a9:3b:40:47:
b7:be:55:6f:92:09:a6:79:8b:1b:43:30:95:5c:c1:
20:1e:d1:62:63:c0:c7:c6:9d:23:be:65:17:f6:5a:
80:d5:9e:93:90:d2:00:d5:78:8e:d8:6f:22:8f:e2:
d0:64:98:b0:e6:c2:6f:f7:43:00:07:d7:2d:ba:be:
6e:d6:a1:50:a0:d3:46:cf:be:60:6f:ea:b4:94:64:
78:24:6b:75:ab:69:85:cd:b5:cf:bc:88:8e:ca:2f:
8a:48:26:53:7c:61:1c:15:d7:31:66:f1:fe:f4:b3:
ae:09:c2:92:13:2d:98:9d:e1:9b:40:e5:79:17:04:
84:2f:46:a8:8c:b5:46:11:32:9f:c1:7e:6e:2e:22:
8d:ea:84:18:7d:f5:90:51:72:bf:a3:7b:20:24:87:
8a:29:84:09:d8:3d:bd:1e:c5:1e:82:de:8d:8d:a1:
c8:48:93:09:22:ec:41:10:2c:7d:0c:b5:61:9a:f2:
7b:7b:a5:ee:01:83:28:78:6c:d1:f2:8b:de:e9:83:
8b:85:49:e6:50:6b:5b:ae:9a:55:80:e4:a1:ab:64:
19:0a:f7:49:bf:f5:15:37:69:56:29:fa:31:9b:45:
91:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D3:BC:10:8B:53:FA:46:DD:14:A0:6C:CC:30:39:AC:D7:8C:19:92
X509v3 Authority Key Identifier:
keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.124.0/22
Signature Algorithm: sha256WithRSAEncryption
99:a2:d9:56:f5:2d:74:4c:b5:cf:2e:93:c9:68:54:38:d0:3a:
42:84:cc:d7:ae:68:91:16:ea:53:66:be:2c:b3:48:71:5f:c1:
38:f1:40:99:85:39:fa:bf:6c:d1:ad:5f:84:8f:3d:1d:f4:12:
6b:bd:d4:ad:3e:ac:d0:2b:b1:12:7a:f5:f7:ff:b0:00:f9:90:
48:94:aa:97:66:9a:04:8c:e7:0a:d2:25:2d:6a:7d:28:fe:90:
f6:7b:79:e6:4c:a0:bb:30:1e:c6:76:da:2d:74:71:da:9c:3b:
95:89:36:46:8a:11:5f:92:1c:9b:4e:c8:85:13:ee:da:d5:de:
67:ed:15:8e:62:da:6d:3f:8b:01:a2:7e:12:6b:0a:2a:5a:14:
a9:40:33:77:ed:61:5c:e9:14:47:c4:b3:4b:a6:39:a8:ca:7a:
94:98:a6:c6:3c:c7:a3:3f:49:0a:3e:a8:6a:32:11:ef:47:75:
b6:b5:95:5f:74:83:a5:e3:61:1f:2a:19:de:f5:e9:64:2a:8e:
93:ae:f1:91:b3:45:be:0e:bb:70:85:c1:16:e1:d8:68:1f:d8:
b0:17:ae:79:ec:6c:d4:f6:42:13:25:72:84:5f:b7:01:25:ed:
1e:60:7d:e1:38:c5:65:b1:58:5f:af:2d:12:9a:5d:dc:67:72:
1c:0d:fc:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZmzpDLnb9YW/yRsBsetSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzg5MTE2ODJiYzVjYTcxY2VjZTFlZmUzYWMxMzViZmRi
NTlkZDYwHhcNMjMwMTAxMTczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQzYmMxMDhiNTNmYTQ2ZGQxNGEwNmNjYzMwMzlhY2Q3OGMxOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktgorTaUv0JFoNvjKcvJCtmxjj2r
PlQkyKk7QEe3vlVvkgmmeYsbQzCVXMEgHtFiY8DHxp0jvmUX9lqA1Z6TkNIA1XiO
2G8ij+LQZJiw5sJv90MAB9ctur5u1qFQoNNGz75gb+q0lGR4JGt1q2mFzbXPvIiO
yi+KSCZTfGEcFdcxZvH+9LOuCcKSEy2YneGbQOV5FwSEL0aojLVGETKfwX5uLiKN
6oQYffWQUXK/o3sgJIeKKYQJ2D29HsUegt6NjaHISJMJIuxBECx9DLVhmvJ7e6Xu
AYMoeGzR8ove6YOLhUnmUGtbrppVgOShq2QZCvdJv/UVN2lWKfoxm0WRYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXTvBCLU/pG3RSgbMwwOazXjBmSMB8GA1UdIwQY
MBaAFH3IkRaCvFynHOzh7+OsE1v9tZ3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQt
NzUyOTUyNTFiMWU4LzEvOWRPOEVJdFQta2JkRktCc3pEQTVyTmVNR1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQtNzUyOTUyNTFiMWU4
LzEvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkv98MA0G
CSqGSIb3DQEBCwUAA4IBAQCZotlW9S10TLXPLpPJaFQ40DpChMzXrmiRFupTZr4s
s0hxX8E48UCZhTn6v2zRrV+Ejz0d9BJrvdStPqzQK7ESevX3/7AA+ZBIlKqXZpoE
jOcK0iUtan0o/pD2e3nmTKC7MB7GdtotdHHanDuViTZGihFfkhybTsiFE+7a1d5n
7RWOYtptP4sBon4SawoqWhSpQDN37WFc6RRHxLNLpjmoynqUmKbGPMejP0kKPqhq
MhHvR3W2tZVfdIOl42EfKhne9elkKo6TrvGRs0W+DrtwhcEW4dhoH9iwF6557GzU
9kITJXKEX7cBJe0eYH3hOMVlsVhfry0Sml3cZ3IcDfzi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:45 2024 by rpki-client on console-fra.rpki-client.org