Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/0cCcJ2zgY9xWqj0mjvA9ML0FwiM.roa
File: 0cCcJ2zgY9xWqj0mjvA9ML0FwiM.roa (raw, json)
Hash identifier: KCghjzJdCa41d6TvOpClmi7Ms6N8qbaXWezraukK4fs=
Subject key identifier: D1:C0:9C:27:6C:E0:63:DC:56:AA:3D:26:8E:F0:3D:30:BD:05:C2:23
Certificate issuer: /CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
Certificate serial: 018571150BFA43150D5555F2DD026A8ADA5A
Authority key identifier: 11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/0cCcJ2zgY9xWqj0mjvA9ML0FwiM.roa
Signing time: Mon 02 Jan 2023 06:04:42 +0000
ROA not before: Mon 02 Jan 2023 06:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205394
IP address blocks: 139.28.100.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:0b:fa:43:15:0d:55:55:f2:dd:02:6a:8a:da:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
Validity
Not Before: Jan 2 06:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1c09c276ce063dc56aa3d268ef03d30bd05c223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:23:6d:f4:76:c6:3e:7d:22:8f:62:5c:28:
cf:62:3e:84:42:dc:fa:48:9c:e6:ff:60:6e:ee:f6:
20:d6:5f:42:4c:8b:98:24:5a:cd:0d:9a:0c:e8:9c:
91:51:16:7c:d2:3d:58:e3:57:f8:71:93:e0:9d:a6:
e8:96:78:ac:73:8f:db:a3:7e:bf:5a:29:c0:8c:ed:
27:4e:5c:f8:f6:5d:17:27:90:43:99:21:fe:76:18:
6f:18:40:80:f7:99:f8:2d:86:2f:9f:e1:b5:c7:ef:
06:1e:48:b2:41:67:ca:b3:9b:c1:20:39:76:75:80:
73:0e:94:1b:87:a0:70:9a:62:57:9e:7c:fb:a4:91:
f6:79:ec:31:e7:fe:b6:c9:0d:c9:17:64:1b:3b:7c:
65:f4:7d:1b:eb:ce:31:08:d4:c8:1f:89:9f:99:dd:
10:50:fb:8c:6b:42:85:81:2f:5b:45:77:53:b9:b1:
9c:00:b8:31:67:5a:cd:a5:f9:60:c5:77:37:00:15:
96:93:d8:06:ef:a4:1b:c2:ff:f3:dd:56:3a:67:49:
d0:1d:a2:5c:47:80:65:7a:64:68:9e:8f:75:67:73:
f3:30:95:57:fd:58:dd:01:e0:f9:67:ae:21:46:44:
c2:c5:7d:6e:6e:c4:06:cd:d6:f2:aa:c6:74:3f:8e:
ff:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C0:9C:27:6C:E0:63:DC:56:AA:3D:26:8E:F0:3D:30:BD:05:C2:23
X509v3 Authority Key Identifier:
keyid:11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/0cCcJ2zgY9xWqj0mjvA9ML0FwiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:b2:65:55:7d:fb:8c:8d:65:75:a0:be:42:a1:0f:83:d0:97:
82:d7:36:b4:68:28:24:09:ba:8a:7b:1a:53:f6:e4:15:0e:23:
b3:43:b4:50:de:58:87:59:79:ff:c6:19:c6:c8:d3:09:07:69:
44:32:ff:28:2c:2c:1e:41:08:37:fa:10:c1:9a:b4:a0:f2:47:
8e:c2:d7:f5:2d:e3:ec:2b:a0:27:5b:d4:3e:a5:f1:37:43:9f:
61:13:35:53:80:54:55:ea:be:b5:6e:3d:ed:47:03:a1:78:c3:
5e:0d:86:4d:fa:7d:63:14:a9:d1:d7:8d:06:02:3b:01:c7:5d:
d7:7d:1c:fd:79:42:f2:7e:a8:01:22:00:d7:0a:76:17:29:e6:
6b:0b:a4:84:3b:97:7f:26:47:cf:7e:bb:64:aa:79:1f:5f:1f:
19:55:1c:f9:0f:2d:52:e2:40:cf:06:3f:2b:2a:0e:64:f0:28:
00:81:59:bb:ed:37:34:e7:b1:75:cf:e2:0a:7d:04:6f:7b:3b:
00:18:3f:9e:f9:9d:15:63:65:33:c5:e6:cb:b4:a1:62:af:65:
59:1f:47:b7:ed:60:ba:61:c4:fb:a9:f5:49:e0:ca:b1:ee:e5:
2f:1d:b3:09:d7:25:48:91:6c:5d:88:9b:d2:ef:e9:b8:b0:67:
98:02:4a:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFQv6QxUNVVXy3QJqitpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExOTZmODdkNWRlY2ZjYmYwNDQ1MGI1ZmNmNjViNWIzNDVm
MjI0NjQwHhcNMjMwMTAyMDYwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMwOWMyNzZjZTA2M2RjNTZhYTNkMjY4ZWYwM2QzMGJkMDVjMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx4jbfR2xj59Io9iXCjPYj6EQtz6
SJzm/2Bu7vYg1l9CTIuYJFrNDZoM6JyRURZ80j1Y41f4cZPgnabolnisc4/bo36/
WinAjO0nTlz49l0XJ5BDmSH+dhhvGECA95n4LYYvn+G1x+8GHkiyQWfKs5vBIDl2
dYBzDpQbh6BwmmJXnnz7pJH2eewx5/62yQ3JF2QbO3xl9H0b684xCNTIH4mfmd0Q
UPuMa0KFgS9bRXdTubGcALgxZ1rNpflgxXc3ABWWk9gG76Qbwv/z3VY6Z0nQHaJc
R4BlemRono91Z3PzMJVX/VjdAeD5Z64hRkTCxX1ubsQGzdbyqsZ0P47/OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHAnCds4GPcVqo9Jo7wPTC9BcIjMB8GA1UdIwQY
MBaAFBGW+H1d7Py/BEULX89ltbNF8iRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVpiNGZWM3NfTDhFUlF0ZnoyVzFzMFh5SkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84ZjVlZjAtOWEyNS00OTQ2LWFhNzEt
MGQzMzkyYTllYjkzLzEvMGNDY0oyemdZOXhXcWowbWp2QTlNTDBGd2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84ZjVlZjAtOWEyNS00OTQ2LWFhNzEtMGQzMzkyYTllYjkz
LzEvRVpiNGZWM3NfTDhFUlF0ZnoyVzFzMFh5SkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxkMA0G
CSqGSIb3DQEBCwUAA4IBAQBesmVVffuMjWV1oL5CoQ+D0JeC1za0aCgkCbqKexpT
9uQVDiOzQ7RQ3liHWXn/xhnGyNMJB2lEMv8oLCweQQg3+hDBmrSg8keOwtf1LePs
K6AnW9Q+pfE3Q59hEzVTgFRV6r61bj3tRwOheMNeDYZN+n1jFKnR140GAjsBx13X
fRz9eULyfqgBIgDXCnYXKeZrC6SEO5d/JkfPfrtkqnkfXx8ZVRz5Dy1S4kDPBj8r
Kg5k8CgAgVm77Tc057F1z+IKfQRvezsAGD+e+Z0VY2UzxebLtKFir2VZH0e37WC6
YcT7qfVJ4Mqx7uUvHbMJ1yVIkWxdiJvS7+m4sGeYAkqY
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:49 2024 by rpki-client on console-ams.rpki-client.org