Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/4i4PYEpZ9Xw_m7jhjQu7BRX6taQ.roa
File: 4i4PYEpZ9Xw_m7jhjQu7BRX6taQ.roa (raw, json)
Hash identifier: UStPG0MOHMwFdpCrmElosZma7Yo3edb6BI+BiP1g5U0=
Subject key identifier: E2:2E:0F:60:4A:59:F5:7C:3F:9B:B8:E1:8D:0B:BB:05:15:FA:B5:A4
Certificate issuer: /CN=3d8afec17a41b39dbf69013eca167bdf63aa865d
Certificate serial: 018ACC192F38D965B33BA8E1FF06136071B1
Authority key identifier: 3D:8A:FE:C1:7A:41:B3:9D:BF:69:01:3E:CA:16:7B:DF:63:AA:86:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYr-wXpBs52_aQE-yhZ732Oqhl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/4i4PYEpZ9Xw_m7jhjQu7BRX6taQ.roa
Signing time: Mon 25 Sep 2023 11:28:37 +0000
ROA not before: Mon 25 Sep 2023 11:28:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41337
IP address blocks: 194.9.2.0/23 maxlen: 23
2a07:2fc0::/48 maxlen: 48
2a07:2fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:19:2f:38:d9:65:b3:3b:a8:e1:ff:06:13:60:71:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8afec17a41b39dbf69013eca167bdf63aa865d
Validity
Not Before: Sep 25 11:28:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e22e0f604a59f57c3f9bb8e18d0bbb0515fab5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:18:2c:75:11:f2:66:13:f9:2b:9d:fc:67:a5:
b5:df:d7:c2:23:e9:69:51:58:c2:38:ab:c7:eb:35:
ea:36:30:c8:ea:43:7b:f7:81:bf:d2:1f:bd:f5:4e:
90:69:49:88:78:0c:d2:68:27:26:fd:4b:22:b0:27:
87:a7:b9:b6:bc:22:c1:46:ce:ac:1c:ef:2e:16:d1:
dd:2c:8a:70:b4:e6:8b:eb:bd:63:12:40:62:f3:0a:
3d:51:36:c7:bc:d5:0e:77:65:bf:33:5a:1b:65:09:
b0:dd:36:78:16:e0:7f:5a:ad:62:06:9f:f9:85:99:
75:a0:30:26:01:16:d8:91:e1:1b:5b:e0:4c:80:67:
0e:b7:f8:55:e5:e1:ae:81:f2:f4:4f:2e:7d:e7:ea:
7b:4b:fd:63:36:52:d0:c4:b4:1a:70:a9:80:35:ec:
4d:be:e5:86:01:b9:2d:b1:e2:9f:3e:7d:dd:1e:bd:
46:19:85:5b:21:dc:37:57:ae:15:e1:7b:8b:fc:59:
7c:ca:a7:09:4b:4e:4d:d6:d9:ac:2a:34:30:7e:4e:
07:0c:91:02:68:09:2f:78:32:1f:92:cd:8c:86:15:
c0:19:54:9c:35:60:c3:41:8c:ad:16:f0:1a:b7:ff:
3d:78:bc:a8:4e:00:9a:ff:c3:ac:08:cc:a0:db:84:
c1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2E:0F:60:4A:59:F5:7C:3F:9B:B8:E1:8D:0B:BB:05:15:FA:B5:A4
X509v3 Authority Key Identifier:
keyid:3D:8A:FE:C1:7A:41:B3:9D:BF:69:01:3E:CA:16:7B:DF:63:AA:86:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYr-wXpBs52_aQE-yhZ732Oqhl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/4i4PYEpZ9Xw_m7jhjQu7BRX6taQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/PYr-wXpBs52_aQE-yhZ732Oqhl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.2.0/23
IPv6:
2a07:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:ce:de:e5:b3:0a:c4:04:ee:20:ae:ad:d1:6f:99:b2:ad:09:
fa:ae:ac:43:df:3f:df:19:da:c1:57:62:a8:54:12:c4:e3:6c:
90:9a:b8:74:5f:08:34:15:47:cf:8c:c2:99:8f:23:6a:01:bf:
d7:88:ec:73:9c:79:73:67:91:ef:af:3c:aa:f4:e6:2b:8c:17:
e5:75:04:81:3a:a5:8f:0f:da:2a:35:bc:d9:ad:f9:d4:94:81:
51:79:88:5d:c8:e5:79:17:7c:50:f5:de:11:6c:a4:b1:38:74:
43:51:58:77:64:ef:8e:f8:7c:d7:74:ad:10:99:55:2b:a9:c6:
1f:43:f6:f9:c6:12:cf:40:1d:11:96:10:10:3a:e7:14:8d:1e:
b7:a0:a5:bd:75:42:97:07:3c:26:4f:d0:ca:5e:c5:20:b2:4b:
bc:7b:ee:a6:27:3d:b8:4f:25:e0:5f:b5:d8:c7:cd:36:9e:19:
55:66:04:81:d1:89:d1:e7:23:b0:36:2b:4b:e6:f9:9a:01:3f:
8c:30:ca:f2:a1:5c:91:c1:b9:1b:86:6e:12:03:fc:0c:8f:8a:
88:53:0f:f4:06:e3:05:a7:db:d0:b5:be:d6:f2:15:a2:04:94:
f2:2f:f7:bd:46:50:80:48:76:7d:84:07:73:b3:87:6c:c7:e2:
37:da:08:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrMGS842WWzO6jh/wYTYHGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGFmZWMxN2E0MWIzOWRiZjY5MDEzZWNhMTY3YmRmNjNh
YTg2NWQwHhcNMjMwOTI1MTEyODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjJlMGY2MDRhNTlmNTdjM2Y5YmI4ZTE4ZDBiYmIwNTE1ZmFiNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghgsdRHyZhP5K538Z6W139fCI+lp
UVjCOKvH6zXqNjDI6kN794G/0h+99U6QaUmIeAzSaCcm/UsisCeHp7m2vCLBRs6s
HO8uFtHdLIpwtOaL671jEkBi8wo9UTbHvNUOd2W/M1obZQmw3TZ4FuB/Wq1iBp/5
hZl1oDAmARbYkeEbW+BMgGcOt/hV5eGugfL0Ty595+p7S/1jNlLQxLQacKmANexN
vuWGAbktseKfPn3dHr1GGYVbIdw3V64V4XuL/Fl8yqcJS05N1tmsKjQwfk4HDJEC
aAkveDIfks2MhhXAGVScNWDDQYytFvAat/89eLyoTgCa/8OsCMyg24TBpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOIuD2BKWfV8P5u44Y0LuwUV+rWkMB8GA1UdIwQY
MBaAFD2K/sF6QbOdv2kBPsoWe99jqoZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlyLXdYcEJzNTJfYVFFLXloWjczMk9xaGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84YmNhYmEtMzhhZC00MDUxLWI0MTQt
OTRkMzdlOTU5NWMxLzEvNGk0UFlFcFo5WHdfbTdqaGpRdTdCUlg2dGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84YmNhYmEtMzhhZC00MDUxLWI0MTQtOTRkMzdlOTU5NWMx
LzEvUFlyLXdYcEJzNTJfYVFFLXloWjczMk9xaGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwgkCMA0E
AgACMAcDBQMqBy/AMA0GCSqGSIb3DQEBCwUAA4IBAQAdzt7lswrEBO4grq3Rb5my
rQn6rqxD3z/fGdrBV2KoVBLE42yQmrh0Xwg0FUfPjMKZjyNqAb/XiOxznHlzZ5Hv
rzyq9OYrjBfldQSBOqWPD9oqNbzZrfnUlIFReYhdyOV5F3xQ9d4RbKSxOHRDUVh3
ZO+O+HzXdK0QmVUrqcYfQ/b5xhLPQB0RlhAQOucUjR63oKW9dUKXBzwmT9DKXsUg
sku8e+6mJz24TyXgX7XYx802nhlVZgSB0YnR5yOwNitL5vmaAT+MMMryoVyRwbkb
hm4SA/wMj4qIUw/0BuMFp9vQtb7W8hWiBJTyL/e9RlCASHZ9hAdzs4dsx+I32ghz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:09 2024 by rpki-client on console-ams.rpki-client.org