Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/8EsdCtXzxG7SAC0Y3moiAySVv-E.roa
File: 8EsdCtXzxG7SAC0Y3moiAySVv-E.roa (raw, json)
Hash identifier: W7DcpvVsuR1mhZ8SKgnrFt3tIyeQZ1cUrkhkryRxj5Q=
Subject key identifier: F0:4B:1D:0A:D5:F3:C4:6E:D2:00:2D:18:DE:6A:22:03:24:95:BF:E1
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0191EDA39FDD9155AFCDB92BDC4FA61CDFD5
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/8EsdCtXzxG7SAC0Y3moiAySVv-E.roa
Signing time: Fri 13 Sep 2024 23:06:49 +0000
ROA not before: Fri 13 Sep 2024 23:06:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 146.255.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ed:a3:9f:dd:91:55:af:cd:b9:2b:dc:4f:a6:1c:df:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Sep 13 23:06:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f04b1d0ad5f3c46ed2002d18de6a22032495bfe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fd:8f:58:ba:12:c0:9e:21:dc:ef:ea:82:8a:
6f:fe:93:88:7b:d5:51:11:5a:50:c6:db:2d:f7:3b:
d5:c6:ce:4c:71:15:9a:63:25:2d:5f:ab:38:f1:3b:
03:5c:5b:69:12:27:81:66:43:a5:74:7f:d0:4e:88:
ef:60:cf:6b:fd:07:7d:a5:75:ef:f4:a5:28:f0:cc:
1b:6c:cf:23:64:9b:5c:82:28:b7:5b:37:99:16:80:
ab:b2:f7:e3:19:30:77:df:45:27:74:9c:30:5e:8c:
32:a8:32:86:7e:c7:35:49:fd:2e:59:71:5e:0f:ad:
21:6d:62:4c:e8:f0:e0:fb:02:e0:a9:fa:e7:7f:57:
cd:54:0e:29:e7:eb:9b:dc:0e:1a:4f:b5:40:43:a3:
dd:c1:07:65:be:3b:c2:d1:57:d1:bc:a1:71:8c:3a:
1e:a4:36:d8:fb:e3:dd:d8:ce:c3:9a:fe:b6:2d:b9:
40:6f:51:56:8d:17:53:ea:6e:5b:1b:90:64:35:d8:
2d:08:f5:64:38:d1:53:6c:44:15:7e:69:63:cb:8b:
10:77:ea:ba:90:5a:09:06:1a:5d:10:ff:31:55:ef:
80:d0:ac:88:bf:44:9e:b7:63:b3:a1:db:9a:12:13:
9f:90:7e:ff:b3:5d:92:2b:68:df:d4:fb:ea:20:28:
1c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4B:1D:0A:D5:F3:C4:6E:D2:00:2D:18:DE:6A:22:03:24:95:BF:E1
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/8EsdCtXzxG7SAC0Y3moiAySVv-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
39:0e:92:e6:f3:a7:9a:61:7b:21:79:6b:37:bc:49:75:72:ec:
16:35:2f:d1:e8:ae:85:96:f7:a7:8a:13:7d:aa:46:bc:72:df:
c7:e8:c7:d8:9a:86:f8:b1:f2:2a:61:cb:e4:bc:e5:c5:6b:86:
a9:de:f5:0a:71:b7:82:2f:df:1a:df:e5:6d:1a:5d:02:b9:c9:
0c:7b:dc:3b:f7:bb:6e:c3:7a:d4:99:d8:d2:1d:25:72:67:fc:
10:0a:4c:ab:ba:fa:33:eb:84:b1:fa:af:8f:2e:c6:1b:f5:27:
6d:33:ce:f8:50:d9:25:36:b9:b5:3b:4a:53:0e:63:82:16:6e:
a5:b8:73:22:d4:70:60:a2:53:73:0b:97:94:4c:52:61:72:45:
f7:2a:8e:ac:fc:a1:f9:34:d9:e0:f7:cf:6b:38:7e:28:af:41:
85:19:e4:e9:15:2c:29:73:1e:84:05:8b:55:3b:cc:c1:ef:72:
1e:a3:ef:26:16:d2:73:90:42:37:a3:e3:46:b2:93:f6:8e:b9:
73:23:ae:ca:4a:d0:e8:f9:2f:1c:e9:b9:ba:af:1c:16:57:3e:
06:c2:f4:6b:19:5f:86:d9:c2:fc:d6:d0:92:77:3c:b9:1d:2d:
58:d7:5f:6f:82:92:42:e9:9c:21:14:f5:6b:60:27:3e:d4:1a:
89:e0:37:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHto5/dkVWvzbkr3E+mHN/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwOTEzMjMwNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDRiMWQwYWQ1ZjNjNDZlZDIwMDJkMThkZTZhMjIwMzI0OTViZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f2PWLoSwJ4h3O/qgopv/pOIe9VR
EVpQxtst9zvVxs5McRWaYyUtX6s48TsDXFtpEieBZkOldH/QTojvYM9r/Qd9pXXv
9KUo8MwbbM8jZJtcgii3WzeZFoCrsvfjGTB330UndJwwXowyqDKGfsc1Sf0uWXFe
D60hbWJM6PDg+wLgqfrnf1fNVA4p5+ub3A4aT7VAQ6PdwQdlvjvC0VfRvKFxjDoe
pDbY++Pd2M7Dmv62LblAb1FWjRdT6m5bG5BkNdgtCPVkONFTbEQVfmljy4sQd+q6
kFoJBhpdEP8xVe+A0KyIv0Set2OzoduaEhOfkH7/s12SK2jf1PvqICgcPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBLHQrV88Ru0gAtGN5qIgMklb/hMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvOEVzZEN0WHp4RzdTQUMwWTNtb2lBeVNWdi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkv8gMA0G
CSqGSIb3DQEBCwUAA4IBAQA5DpLm86eaYXsheWs3vEl1cuwWNS/R6K6FlvenihN9
qka8ct/H6MfYmob4sfIqYcvkvOXFa4ap3vUKcbeCL98a3+VtGl0CuckMe9w797tu
w3rUmdjSHSVyZ/wQCkyruvoz64Sx+q+PLsYb9SdtM874UNklNrm1O0pTDmOCFm6l
uHMi1HBgolNzC5eUTFJhckX3Ko6s/KH5NNng989rOH4or0GFGeTpFSwpcx6EBYtV
O8zB73Ieo+8mFtJzkEI3o+NGspP2jrlzI67KStDo+S8c6bm6rxwWVz4GwvRrGV+G
2cL81tCSdzy5HS1Y119vgpJC6ZwhFPVrYCc+1BqJ4Ddv
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:26 2025 by rpki-client