Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/x9I-BqNakIFFkQRRRGyqpbFe_R8.roa
File: x9I-BqNakIFFkQRRRGyqpbFe_R8.roa (raw, json)
Hash identifier: rstuTzxHly60UoecFMmsedkhARpdAi50o2tA5l/SgQw=
Subject key identifier: C7:D2:3E:06:A3:5A:90:81:45:91:04:51:44:6C:AA:A5:B1:5E:FD:1F
Certificate issuer: /CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Certificate serial: 0185DDA8B7D9B49754E58F3FC43BAD9F803D
Authority key identifier: 9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/x9I-BqNakIFFkQRRRGyqpbFe_R8.roa
Signing time: Mon 23 Jan 2023 08:04:59 +0000
ROA not before: Mon 23 Jan 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12297
IP address blocks: 178.160.245.0/24 maxlen: 24
178.160.248.0/22 maxlen: 24
178.160.251.0/24 maxlen: 24
178.160.252.0/22 maxlen: 24
46.70.0.0/15 maxlen: 24
87.241.128.0/18 maxlen: 24
178.160.192.0/18 maxlen: 24
212.73.64.0/19 maxlen: 24
2a00:f38:0:111e::/64 maxlen: 64
2a00:f38:0:111c::/64 maxlen: 64
2a00:f38:0:111d::/64 maxlen: 64
2a00:f38::/29 maxlen: 64
2a00:f38:0:101d::/64 maxlen: 64
2a00:f38::/32 maxlen: 64
2a00:f38:0:111f::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 24 Jan 2023 07:53:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:a8:b7:d9:b4:97:54:e5:8f:3f:c4:3b:ad:9f:80:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Validity
Not Before: Jan 23 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7d23e06a35a908145910451446caaa5b15efd1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:32:2f:0b:3d:e4:6f:da:1d:a0:0a:2b:49:f8:
6e:b9:fb:5d:b3:d1:8a:3e:9d:25:ce:9d:fd:aa:75:
e9:02:3b:0c:43:e6:52:e4:d2:b9:91:f9:f4:4a:2f:
f1:7e:b1:d3:c4:60:9b:dd:39:31:e1:80:16:34:ac:
39:74:b1:8d:04:2f:7c:2c:62:b8:00:9b:e7:29:51:
99:8e:90:5c:f0:db:82:d0:46:54:64:61:7b:59:28:
09:a8:0a:d7:a4:b6:b0:99:74:c7:93:3b:ad:da:35:
af:61:88:9f:56:49:2c:b7:39:54:3d:e5:83:35:cc:
c3:f4:0e:c2:3c:b3:b8:74:6b:04:85:a4:48:fb:b0:
a9:49:62:ae:4a:12:50:8b:79:ef:d7:c9:c7:46:72:
1f:ae:a0:28:cb:57:1f:c0:9c:44:07:73:e3:37:62:
53:e7:a5:5e:e1:7e:ec:08:7c:8f:e7:f1:35:6b:be:
51:e4:22:29:29:b0:5b:a4:79:28:f0:12:f7:b7:13:
8c:2c:9f:a6:76:4e:46:4c:a7:68:04:b6:30:75:93:
a5:ad:99:ad:d1:39:cc:0a:9d:d8:a8:b8:2b:e1:30:
0c:2e:c3:23:b4:b4:48:a1:85:b2:9d:59:46:6b:c7:
bf:0c:4e:89:85:2c:f2:18:3a:6c:f7:e4:be:e3:dd:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D2:3E:06:A3:5A:90:81:45:91:04:51:44:6C:AA:A5:B1:5E:FD:1F
X509v3 Authority Key Identifier:
keyid:9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/x9I-BqNakIFFkQRRRGyqpbFe_R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/m_8VJ49T93YcLz0z3ZvneopPvZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.70.0.0/15
87.241.128.0/18
178.160.192.0/18
212.73.64.0/19
IPv6:
2a00:f38::/29
Signature Algorithm: sha256WithRSAEncryption
7d:cc:b7:28:dd:e9:55:17:32:76:cc:77:9e:e1:d4:b5:cc:8b:
b7:a4:29:90:d8:8f:d1:06:67:47:33:e1:d4:2a:f8:5c:c9:d3:
b1:5b:48:22:24:8d:33:0a:89:71:09:c9:64:e5:56:6c:e3:b8:
36:f5:12:b6:1d:30:b9:f2:a9:79:e7:8b:1a:ba:a8:f1:34:2c:
95:c2:ec:07:b1:82:d4:38:73:b9:0d:2d:53:60:99:f8:99:59:
b6:a9:6b:bc:9e:d2:38:ad:71:af:8e:19:89:87:ec:fe:a5:bf:
ea:44:7a:8b:56:0a:0c:a9:b7:af:63:56:a4:ec:9a:e2:89:de:
01:03:62:5e:98:37:47:56:05:a2:5d:ed:ce:d5:6c:45:3e:60:
82:09:fe:0e:3d:b6:9c:77:b0:dc:17:ac:a6:35:24:12:32:e6:
1b:a8:09:f5:87:f0:63:14:10:9c:b2:12:59:e9:07:50:ed:d0:
7e:ae:14:1b:79:e5:68:e5:72:1d:c1:98:c3:5d:7c:33:33:97:
d5:c9:62:00:81:a0:af:ff:c9:65:eb:03:3a:d0:9f:24:05:9f:
28:62:54:34:d4:ae:34:a0:24:a9:16:47:ed:ba:33:d6:01:29:
cf:d3:98:0e:f6:80:a7:1a:32:f4:55:55:bc:02:ed:e6:4d:bd:
7d:fa:13:d7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXdqLfZtJdU5Y8/xDutn4A9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZmYxNTI3OGY1M2Y3NzYxYzJmM2QzM2RkOWJlNzdhOGE0
ZmJkOTQwHhcNMjMwMTIzMDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2QyM2UwNmEzNWE5MDgxNDU5MTA0NTE0NDZjYWFhNWIxNWVmZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjIvCz3kb9odoAorSfhuuftds9GK
Pp0lzp39qnXpAjsMQ+ZS5NK5kfn0Si/xfrHTxGCb3Tkx4YAWNKw5dLGNBC98LGK4
AJvnKVGZjpBc8NuC0EZUZGF7WSgJqArXpLawmXTHkzut2jWvYYifVkkstzlUPeWD
NczD9A7CPLO4dGsEhaRI+7CpSWKuShJQi3nv18nHRnIfrqAoy1cfwJxEB3PjN2JT
56Ve4X7sCHyP5/E1a75R5CIpKbBbpHko8BL3txOMLJ+mdk5GTKdoBLYwdZOlrZmt
0TnMCp3YqLgr4TAMLsMjtLRIoYWynVlGa8e/DE6JhSzyGDps9+S+491b2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMfSPgajWpCBRZEEUURsqqWxXv0fMB8GA1UdIwQY
MBaAFJv/FSePU/d2HC89M92b53qKT72UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDIt
NTY5NzI0OWY1MTI0LzEveDlJLUJxTmFrSUZGa1FSUlJHeXFwYkZlX1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDItNTY5NzI0OWY1MTI0
LzEvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBLkYDBAZX
8YADBAayoMADBAXUSUAwDQQCAAIwBwMFAyoADzgwDQYJKoZIhvcNAQELBQADggEB
AH3Mtyjd6VUXMnbMd57h1LXMi7ekKZDYj9EGZ0cz4dQq+FzJ07FbSCIkjTMKiXEJ
yWTlVmzjuDb1ErYdMLnyqXnnixq6qPE0LJXC7AexgtQ4c7kNLVNgmfiZWbapa7ye
0jitca+OGYmH7P6lv+pEeotWCgypt69jVqTsmuKJ3gEDYl6YN0dWBaJd7c7VbEU+
YIIJ/g49tpx3sNwXrKY1JBIy5huoCfWH8GMUEJyyElnpB1Dt0H6uFBt55Wjlch3B
mMNdfDMzl9XJYgCBoK//yWXrAzrQnyQFnyhiVDTUrjSgJKkWR+26M9YBKc/TmA72
gKcaMvRVVbwC7eZNvX36E9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org