Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9n35izxO-URltrPDAmjsRYcHSOo.roa
File: 9n35izxO-URltrPDAmjsRYcHSOo.roa (raw, json)
Hash identifier: UufXJnYm5j7+0ClhpFW7YMoMyxzG8ziSg+MdhCPwfO8=
Subject key identifier: F6:7D:F9:8B:3C:4E:F9:44:65:B6:B3:C3:02:68:EC:45:87:07:48:EA
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019281BA21C6569B64A8818DCF02E86862B0
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9n35izxO-URltrPDAmjsRYcHSOo.roa
Signing time: Sat 12 Oct 2024 17:15:12 +0000
ROA not before: Sat 12 Oct 2024 17:15:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 43.240.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 15:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:81:ba:21:c6:56:9b:64:a8:81:8d:cf:02:e8:68:62:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 12 17:15:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f67df98b3c4ef94465b6b3c30268ec45870748ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bb:58:ed:89:77:a8:2a:2d:3a:22:e1:1a:5d:
d0:7b:e4:38:79:bc:90:1f:d5:78:28:71:b2:7a:0d:
8f:5a:e5:01:75:42:a7:64:26:55:7c:b6:b4:19:b9:
73:15:1b:5a:80:59:df:8e:2a:11:b7:93:15:e8:17:
59:d5:2a:29:aa:15:f9:86:e6:f3:90:2b:f9:7e:fd:
7a:c8:b1:2e:f9:ed:86:ac:a9:72:df:67:d8:29:fc:
37:b0:2e:fc:c9:bf:2b:d5:d4:e9:a5:92:93:b1:6c:
d7:6f:2f:de:d5:dd:e3:33:a9:89:47:87:d2:c6:fa:
0f:b8:55:81:7b:d2:b6:9d:b8:5e:4f:bc:c7:71:d6:
c2:50:5d:c6:3d:33:29:81:99:e8:3f:04:cf:31:12:
66:e1:39:72:7e:48:af:ce:3b:bc:65:62:74:e3:3f:
3a:59:01:b4:b1:9f:c8:65:d6:4f:9b:25:1f:7b:35:
e2:53:92:7b:92:d3:bd:4c:71:88:8b:86:37:e2:a7:
51:f4:99:4e:2c:91:cc:79:93:e1:c6:cb:55:d1:93:
d2:d8:a3:f1:81:88:68:62:1c:df:0c:96:64:27:65:
58:86:2d:2d:3f:dd:cf:2d:6a:97:26:23:26:c0:84:
38:8e:78:0e:22:c7:2f:33:ee:94:ea:64:eb:9e:54:
42:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7D:F9:8B:3C:4E:F9:44:65:B6:B3:C3:02:68:EC:45:87:07:48:EA
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9n35izxO-URltrPDAmjsRYcHSOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.150.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:79:fb:d5:83:00:bb:e1:57:36:49:f6:87:5f:b3:c9:f9:7a:
fd:33:ee:36:94:e9:67:6e:ed:27:ac:f4:56:11:2f:00:70:bf:
05:2c:33:e8:df:f2:39:60:86:39:77:40:8a:bb:ac:c8:14:2a:
a9:07:f1:dc:ee:79:8d:a4:12:d3:82:5b:34:1d:d1:e0:28:c3:
b4:30:5c:17:ee:ee:9b:7a:26:21:c9:6a:b5:3d:b7:4f:31:e7:
b8:f9:ee:9f:9b:1f:c1:e1:a9:a3:41:17:da:14:93:db:23:2e:
9a:45:c1:de:69:68:81:57:2a:44:34:12:de:84:ac:7c:f3:ca:
b5:67:68:a9:70:11:ba:49:01:b5:a4:f4:a6:8a:a9:97:d2:c4:
c0:f5:d3:6b:a5:18:0d:e2:6c:d7:3a:51:c2:5b:a9:c8:6e:14:
f7:6b:1a:34:84:c9:73:af:10:f9:1e:fe:0e:d8:e9:3b:1e:25:
7a:d5:e0:c8:dc:75:7e:09:20:2e:ff:30:a8:c5:2f:59:1d:8d:
89:5e:f0:f0:03:ef:57:40:b7:f9:89:96:cd:04:60:8f:cc:17:
83:e1:45:e3:b3:23:94:f5:99:b8:a2:57:f6:0f:12:a4:ae:b2:
96:32:6e:f3:51:0d:42:59:8c:0c:74:3c:c7:0b:e1:dd:06:4b:
86:8b:b0:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKBuiHGVptkqIGNzwLoaGKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDEyMTcxNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdkZjk4YjNjNGVmOTQ0NjViNmIzYzMwMjY4ZWM0NTg3MDc0OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurtY7Yl3qCotOiLhGl3Qe+Q4ebyQ
H9V4KHGyeg2PWuUBdUKnZCZVfLa0GblzFRtagFnfjioRt5MV6BdZ1SopqhX5hubz
kCv5fv16yLEu+e2GrKly32fYKfw3sC78yb8r1dTppZKTsWzXby/e1d3jM6mJR4fS
xvoPuFWBe9K2nbheT7zHcdbCUF3GPTMpgZnoPwTPMRJm4Tlyfkivzju8ZWJ04z86
WQG0sZ/IZdZPmyUfezXiU5J7ktO9THGIi4Y34qdR9JlOLJHMeZPhxstV0ZPS2KPx
gYhoYhzfDJZkJ2VYhi0tP93PLWqXJiMmwIQ4jngOIscvM+6U6mTrnlRCEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZ9+Ys8TvlEZbazwwJo7EWHB0jqMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOW4zNWl6eE8tVVJsdHJQREFtanNSWWNIU09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK/CWMA0G
CSqGSIb3DQEBCwUAA4IBAQChefvVgwC74Vc2SfaHX7PJ+Xr9M+42lOlnbu0nrPRW
ES8AcL8FLDPo3/I5YIY5d0CKu6zIFCqpB/Hc7nmNpBLTgls0HdHgKMO0MFwX7u6b
eiYhyWq1PbdPMee4+e6fmx/B4amjQRfaFJPbIy6aRcHeaWiBVypENBLehKx888q1
Z2ipcBG6SQG1pPSmiqmX0sTA9dNrpRgN4mzXOlHCW6nIbhT3axo0hMlzrxD5Hv4O
2Ok7HiV61eDI3HV+CSAu/zCoxS9ZHY2JXvDwA+9XQLf5iZbNBGCPzBeD4UXjsyOU
9Zm4olf2DxKkrrKWMm7zUQ1CWYwMdDzHC+HdBkuGi7DH
-----END CERTIFICATE-----
Generated at Sun Oct 20 17:47:47 2024 by rpki-client on console-fra.rpki-client.org