Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/H7TxC1Q4TVtLTFI-egn4fj-nOkI.roa
File: H7TxC1Q4TVtLTFI-egn4fj-nOkI.roa (raw, json)
Hash identifier: EZgL4ZbiIpFL5ZfF7tQb3YngU/x0BJ0bWMqJrB08Fcc=
Subject key identifier: 1F:B4:F1:0B:54:38:4D:5B:4B:4C:52:3E:7A:09:F8:7E:3F:A7:3A:42
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01857247007E7C456BB727816A1A20399D8F
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/H7TxC1Q4TVtLTFI-egn4fj-nOkI.roa
Signing time: Mon 02 Jan 2023 11:38:53 +0000
ROA not before: Mon 02 Jan 2023 11:38:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39558
IP address blocks: 5.8.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:00:7e:7c:45:6b:b7:27:81:6a:1a:20:39:9d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fb4f10b54384d5b4b4c523e7a09f87e3fa73a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4b:85:8d:58:e1:c6:0e:df:3f:4d:60:a4:96:
9a:30:e3:c6:1b:c1:49:ff:b2:4f:08:cd:84:77:6e:
df:68:bc:63:85:70:95:12:ff:6d:c9:33:19:49:51:
16:b4:db:18:7a:73:9c:c4:ce:05:c1:55:ef:43:b0:
06:a0:31:a6:0d:e4:56:ea:fd:55:97:5f:0f:97:e2:
a5:12:69:5d:99:5e:ea:e9:4f:d1:82:32:b5:32:5b:
cd:9a:26:15:3b:be:ad:78:e0:d1:a1:a4:08:4d:ba:
90:21:93:0e:09:98:f8:ae:91:92:85:6f:be:aa:3c:
6e:c4:25:04:17:34:2d:99:68:6a:82:a1:f0:8a:7b:
4d:5f:7b:4f:59:e7:39:fc:82:f2:c7:cc:49:0c:33:
dc:d5:1f:20:71:84:38:38:e0:ce:46:c1:b9:26:fc:
32:ab:c2:57:a1:6c:a0:bd:78:07:75:e0:5c:da:a1:
e6:b1:be:b9:e3:77:e0:81:57:1e:ca:e7:33:76:a3:
f9:0e:16:66:81:d3:bf:33:7a:90:8f:45:5a:4e:5c:
98:08:22:e5:cb:b8:c7:1a:51:f3:46:70:50:5c:a6:
e7:5f:99:c4:69:e5:b1:04:25:f5:42:07:10:dc:52:
1b:17:40:29:e1:43:b2:f3:ff:4e:ee:4e:a1:ff:a7:
b1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B4:F1:0B:54:38:4D:5B:4B:4C:52:3E:7A:09:F8:7E:3F:A7:3A:42
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/H7TxC1Q4TVtLTFI-egn4fj-nOkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.20.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:38:9e:74:3a:33:42:83:36:6e:1d:29:0a:af:c6:f0:ad:6e:
02:df:de:30:e3:1a:86:f0:36:23:9f:f1:0f:de:7e:62:91:8d:
00:40:27:51:c9:ba:a6:c3:0c:ae:fe:ef:64:eb:ca:1f:49:ff:
6d:38:c2:e9:18:84:c1:04:75:82:1f:ed:a4:96:c1:10:65:ba:
a5:67:ca:d6:f5:90:60:f6:43:a6:1f:a1:51:d3:5c:a9:91:b8:
ae:7e:b2:27:8f:77:53:9f:b3:46:99:99:c9:9a:2d:af:b9:71:
8f:cf:06:42:1e:4f:8b:0d:20:97:bc:0d:35:b1:3e:5f:c6:b5:
29:2c:8d:eb:9e:db:1f:fd:db:95:6e:29:8e:3b:7f:fc:85:b1:
4c:d1:0d:cd:10:4e:ac:38:a1:33:41:73:49:53:58:24:4f:16:
98:81:38:cd:32:61:1b:e5:38:03:87:53:bb:35:bc:20:8c:f2:
6c:09:46:07:55:55:1a:c9:0d:43:5e:1f:03:b3:94:bf:ec:7a:
8f:84:db:ea:64:47:fc:ba:74:a6:ed:3d:f3:8a:f4:4d:08:30:
ca:5b:6c:42:c8:ed:b1:c0:b9:70:ec:bc:0f:d7:ab:be:66:08:
6d:25:1f:a3:d8:2c:e0:4d:36:e3:b0:61:e7:e4:f4:a7:4f:28:
36:69:0f:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRwB+fEVrtyeBahogOZ2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmI0ZjEwYjU0Mzg0ZDViNGI0YzUyM2U3YTA5Zjg3ZTNmYTczYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEuFjVjhxg7fP01gpJaaMOPGG8FJ
/7JPCM2Ed27faLxjhXCVEv9tyTMZSVEWtNsYenOcxM4FwVXvQ7AGoDGmDeRW6v1V
l18Pl+KlEmldmV7q6U/RgjK1MlvNmiYVO76teODRoaQITbqQIZMOCZj4rpGShW++
qjxuxCUEFzQtmWhqgqHwintNX3tPWec5/ILyx8xJDDPc1R8gcYQ4OODORsG5Jvwy
q8JXoWygvXgHdeBc2qHmsb6543fggVceyuczdqP5DhZmgdO/M3qQj0VaTlyYCCLl
y7jHGlHzRnBQXKbnX5nEaeWxBCX1QgcQ3FIbF0Ap4UOy8/9O7k6h/6exYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+08QtUOE1bS0xSPnoJ+H4/pzpCMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSDdUeEMxUTRUVnRMVEZJLWVnbjRmai1uT2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBQgUMA0G
CSqGSIb3DQEBCwUAA4IBAQCKOJ50OjNCgzZuHSkKr8bwrW4C394w4xqG8DYjn/EP
3n5ikY0AQCdRybqmwwyu/u9k68ofSf9tOMLpGITBBHWCH+2klsEQZbqlZ8rW9ZBg
9kOmH6FR01ypkbiufrInj3dTn7NGmZnJmi2vuXGPzwZCHk+LDSCXvA01sT5fxrUp
LI3rntsf/duVbimOO3/8hbFM0Q3NEE6sOKEzQXNJU1gkTxaYgTjNMmEb5TgDh1O7
NbwgjPJsCUYHVVUayQ1DXh8Ds5S/7HqPhNvqZEf8unSm7T3zivRNCDDKW2xCyO2x
wLlw7LwP16u+ZghtJR+j2CzgTTbjsGHn5PSnTyg2aQ++
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org