Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/K0_mHzaapwI1n9be5-dvWmg97kE.roa
File: K0_mHzaapwI1n9be5-dvWmg97kE.roa (raw, json)
Hash identifier: kcI32FAPBfaideGcxIuo6GHN4/QTMGDSRVN3Lf9NyDg=
Subject key identifier: 2B:4F:E6:1F:36:9A:A7:02:35:9F:D6:DE:E7:E7:6F:5A:68:3D:EE:41
Certificate issuer: /CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Certificate serial: 0185714C4556AF6F99B5D568012EF34C3053
Authority key identifier: 8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/K0_mHzaapwI1n9be5-dvWmg97kE.roa
Signing time: Mon 02 Jan 2023 07:05:01 +0000
ROA not before: Mon 02 Jan 2023 07:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 176.123.0.0/21 maxlen: 21
176.123.1.0/24 maxlen: 24
176.123.2.0/24 maxlen: 24
176.123.3.0/24 maxlen: 24
176.123.4.0/24 maxlen: 24
176.123.0.0/24 maxlen: 24
176.123.8.0/24 maxlen: 24
176.123.8.0/22 maxlen: 22
176.123.9.0/24 maxlen: 24
176.123.10.0/24 maxlen: 24
176.123.11.0/24 maxlen: 24
176.123.5.0/24 maxlen: 24
176.123.6.0/24 maxlen: 24
176.123.7.0/24 maxlen: 24
2001:678:6d4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Mar 2023 12:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:45:56:af:6f:99:b5:d5:68:01:2e:f3:4c:30:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Validity
Not Before: Jan 2 07:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b4fe61f369aa702359fd6dee7e76f5a683dee41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8b:2e:da:fb:2c:15:c3:77:fc:88:a8:a3:7c:
e5:a3:b7:ab:3b:f9:ef:9c:9f:bc:0a:34:d6:95:10:
89:58:0f:21:d4:09:92:76:f3:a0:d0:e5:ca:1c:e2:
80:5b:fa:85:67:fa:09:ef:24:76:ad:96:8b:8e:5d:
43:d6:c6:ec:68:73:2d:67:6c:cb:7e:df:9e:71:bb:
7c:1d:76:9a:6f:05:df:6c:aa:75:93:32:81:b1:e4:
0c:9a:91:aa:bb:6f:5b:fd:f9:1f:ef:4c:ec:fb:bb:
06:bb:bb:c5:34:55:57:c9:98:eb:9c:6c:73:0c:43:
ad:26:6f:c5:fc:ee:33:ce:7e:e8:60:80:44:ab:8a:
f4:ab:ca:f7:00:50:ae:51:8b:0b:54:8b:fd:3c:9c:
10:26:d1:95:a3:b0:9d:05:0e:70:63:89:67:95:da:
25:54:43:12:42:2a:8b:ee:24:33:f7:a4:1f:f7:85:
5e:a6:6c:f7:89:f2:b9:d2:42:46:87:72:05:52:89:
5e:ce:3c:5c:c2:3e:64:1d:b9:d0:93:0b:eb:32:e7:
70:77:bd:e5:77:d6:d9:64:1f:4e:80:c2:ba:48:48:
16:62:40:ce:a5:48:6e:af:ce:1f:59:43:af:e4:9a:
4b:49:db:2e:7a:39:8e:85:65:ef:88:27:28:45:b4:
a9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4F:E6:1F:36:9A:A7:02:35:9F:D6:DE:E7:E7:6F:5A:68:3D:EE:41
X509v3 Authority Key Identifier:
keyid:8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/K0_mHzaapwI1n9be5-dvWmg97kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.0.0-176.123.11.255
IPv6:
2001:678:6d4::/48
Signature Algorithm: sha256WithRSAEncryption
20:92:b5:d6:7f:23:c4:1c:7e:00:53:36:56:6a:6a:35:e7:3b:
c3:00:98:e2:04:29:f6:0c:74:0f:fa:ef:f7:73:2e:19:1f:a1:
68:50:fc:aa:d5:55:ab:b7:ed:7a:91:58:a6:aa:82:7f:b5:f3:
11:e7:56:9d:ff:c7:56:fc:95:60:37:45:0e:0b:d7:99:3f:df:
3b:fe:97:ee:01:57:9f:13:52:88:48:a2:8b:dd:75:24:d0:07:
45:fa:02:c7:09:29:6b:2a:ba:1c:d2:22:53:46:5b:67:f7:9c:
bc:37:90:dc:d8:6e:b2:ab:c0:36:be:e7:bc:e3:15:95:d6:31:
f1:0f:17:41:53:5d:52:88:49:cc:64:0d:8a:4b:aa:4d:af:9c:
91:e4:7c:da:86:bc:1a:e3:b6:ca:54:21:c7:9b:01:c7:96:0e:
69:9c:41:58:e5:02:c4:25:83:4c:f5:d4:01:3c:07:cf:6f:5b:
46:0c:ab:88:81:3a:8c:a0:e3:51:e4:a0:12:92:1f:c3:9b:67:
2b:4c:2e:65:1d:5a:be:28:d1:03:6f:a8:e6:44:25:fc:13:d9:
f3:5c:88:6d:cb:1e:02:1e:5b:d5:7c:39:c6:80:7b:dc:e0:1a:
ff:e8:95:fb:82:1c:fa:f3:cf:29:a0:69:68:b8:63:70:a4:24:
d1:a5:66:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxTEVWr2+ZtdVoAS7zTDBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZDI2YWQ2ZjkxYmE0NDcyODE0YmFlNDg0YThkZjFmNjM0
YzMzNDEwHhcNMjMwMTAyMDcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRmZTYxZjM2OWFhNzAyMzU5ZmQ2ZGVlN2U3NmY1YTY4M2RlZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4su2vssFcN3/Iioo3zlo7erO/nv
nJ+8CjTWlRCJWA8h1AmSdvOg0OXKHOKAW/qFZ/oJ7yR2rZaLjl1D1sbsaHMtZ2zL
ft+ecbt8HXaabwXfbKp1kzKBseQMmpGqu29b/fkf70zs+7sGu7vFNFVXyZjrnGxz
DEOtJm/F/O4zzn7oYIBEq4r0q8r3AFCuUYsLVIv9PJwQJtGVo7CdBQ5wY4lnldol
VEMSQiqL7iQz96Qf94Vepmz3ifK50kJGh3IFUolezjxcwj5kHbnQkwvrMudwd73l
d9bZZB9OgMK6SEgWYkDOpUhur84fWUOv5JpLSdsuejmOhWXviCcoRbSpUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCtP5h82mqcCNZ/W3ufnb1poPe5BMB8GA1UdIwQY
MBaAFI/Satb5G6RHKBS65ISo3x9jTDNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajlKcTF2a2JwRWNvRkxya2hLamZIMk5NTTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZGFkOGYtYjkxOS00NWQxLWFmMTgt
NjM3NDJkMTlhMDEyLzEvSzBfbUh6YWFwd0kxbjliZTUtZHZXbWc5N2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZGFkOGYtYjkxOS00NWQxLWFmMTgtNjM3NDJkMTlhMDEy
LzEvajlKcTF2a2JwRWNvRkxya2hLamZIMk5NTTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjATBAIAATANMAsDAwCwewME
ArB7CDAPBAIAAjAJAwcAIAEGeAbUMA0GCSqGSIb3DQEBCwUAA4IBAQAgkrXWfyPE
HH4AUzZWamo15zvDAJjiBCn2DHQP+u/3cy4ZH6FoUPyq1VWrt+16kVimqoJ/tfMR
51ad/8dW/JVgN0UOC9eZP987/pfuAVefE1KISKKL3XUk0AdF+gLHCSlrKroc0iJT
Rltn95y8N5Dc2G6yq8A2vue84xWV1jHxDxdBU11SiEnMZA2KS6pNr5yR5Hzahrwa
47bKVCHHmwHHlg5pnEFY5QLEJYNM9dQBPAfPb1tGDKuIgTqMoONR5KASkh/Dm2cr
TC5lHVq+KNEDb6jmRCX8E9nzXIhtyx4CHlvVfDnGgHvc4Br/6JX7ghz6888poGlo
uGNwpCTRpWa8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:37 2024 by rpki-client on console-ams.rpki-client.org