Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/scv9BP_jnMN6g-puUJk7e3r-9QY.roa
File: scv9BP_jnMN6g-puUJk7e3r-9QY.roa (raw, json)
Hash identifier: JJWSxgWRMRAO4abOYqnJks9X0zAdmYGujd2Buukz41s=
Subject key identifier: B1:CB:FD:04:FF:E3:9C:C3:7A:83:EA:6E:50:99:3B:7B:7A:FE:F5:06
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01877B5292E9E90FF0299110A2A6C79111CD
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/scv9BP_jnMN6g-puUJk7e3r-9QY.roa
Signing time: Thu 13 Apr 2023 15:53:41 +0000
ROA not before: Thu 13 Apr 2023 15:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60257
IP address blocks: 145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:52:92:e9:e9:0f:f0:29:91:10:a2:a6:c7:91:11:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Apr 13 15:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1cbfd04ffe39cc37a83ea6e50993b7b7afef506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:39:d3:a9:6c:48:27:a2:2e:6e:d2:6b:6b:53:
6a:bd:1d:21:f3:c6:b5:b8:bf:25:13:98:ba:14:ed:
3e:ec:b2:6b:3b:8a:36:41:27:1e:66:01:26:e3:4e:
7f:5f:3d:1a:46:2c:57:3a:4e:45:2e:20:89:95:58:
5d:3c:68:58:08:25:3c:f7:06:45:f4:a1:81:f9:31:
06:e9:05:f2:02:f1:65:67:bb:bc:ba:dd:fb:63:eb:
26:61:f1:5b:3e:9a:de:96:a3:ff:cc:5a:6e:db:86:
9a:c6:fa:a2:ed:4a:09:51:4c:f8:34:e7:f7:b6:ac:
b8:0e:84:f8:c3:a6:92:a4:67:93:58:56:e7:89:09:
a6:3c:4f:63:7b:7d:ff:9c:bd:a7:6d:30:19:4e:9c:
77:f1:a2:af:83:eb:ff:2d:c8:1b:ea:db:29:d5:05:
e8:b2:f9:4a:fe:45:e9:7f:91:6d:5a:a2:f8:2a:97:
c2:1b:87:06:86:5e:29:dd:6e:c7:c7:1d:9e:10:43:
53:f2:58:ee:a7:9f:63:76:95:1b:7e:60:ac:10:ff:
87:d5:dd:62:42:3f:da:54:86:38:e0:ec:99:9a:60:
be:2e:7c:5d:61:3a:58:6a:c2:8e:60:d9:86:23:21:
28:b0:64:d0:43:ad:ee:90:6f:3d:20:04:19:b4:14:
e9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CB:FD:04:FF:E3:9C:C3:7A:83:EA:6E:50:99:3B:7B:7A:FE:F5:06
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/scv9BP_jnMN6g-puUJk7e3r-9QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.255.240.0/21
185.24.12.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:8c:06:a2:50:9a:f9:37:5c:ab:42:0a:b2:91:58:4c:56:d8:
ea:66:f7:0c:7c:80:c9:a4:76:82:2e:13:60:63:4e:2d:53:cd:
35:93:8a:69:1b:9f:de:fd:ce:7d:a3:6c:57:a9:a8:0f:47:3c:
3f:e4:eb:4f:ec:07:89:df:17:27:5e:00:b0:8a:e7:99:37:5f:
77:09:5b:ff:07:dc:90:7e:0c:6f:33:9d:7f:e7:af:18:7d:8c:
a7:17:ce:c4:51:7f:6c:6b:f1:d1:47:eb:2c:71:fe:c7:08:1a:
a0:8e:aa:8e:e2:ec:28:9b:bd:b1:c8:29:98:2f:ba:53:6f:44:
8c:65:3b:22:08:4f:eb:90:88:0b:76:08:93:ee:95:74:03:bc:
80:f0:f0:83:74:da:59:14:32:31:db:7c:b5:76:d5:a5:4e:cb:
06:2e:20:45:dc:0c:07:39:64:84:d0:de:03:c8:3e:5e:e6:ec:
7a:2c:56:55:f6:80:7b:20:01:cf:61:3d:91:4c:54:8f:60:bc:
36:45:f5:cd:ba:31:61:91:ee:4f:41:74:99:89:7e:02:e7:c5:
a1:56:bf:90:0f:ce:bf:39:c0:c2:46:ea:97:1a:ba:9e:96:f2:
92:2d:71:44:98:4f:37:64:dc:81:f4:89:92:18:cd:13:22:c8:
bc:54:aa:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd7UpLp6Q/wKZEQoqbHkRHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwNDEzMTU1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWNiZmQwNGZmZTM5Y2MzN2E4M2VhNmU1MDk5M2I3YjdhZmVmNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlznTqWxIJ6IubtJra1NqvR0h88a1
uL8lE5i6FO0+7LJrO4o2QSceZgEm405/Xz0aRixXOk5FLiCJlVhdPGhYCCU89wZF
9KGB+TEG6QXyAvFlZ7u8ut37Y+smYfFbPprelqP/zFpu24aaxvqi7UoJUUz4NOf3
tqy4DoT4w6aSpGeTWFbniQmmPE9je33/nL2nbTAZTpx38aKvg+v/Lcgb6tsp1QXo
svlK/kXpf5FtWqL4KpfCG4cGhl4p3W7Hxx2eEENT8ljup59jdpUbfmCsEP+H1d1i
Qj/aVIY44OyZmmC+LnxdYTpYasKOYNmGIyEosGTQQ63ukG89IAQZtBTpmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHL/QT/45zDeoPqblCZO3t6/vUGMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvc2N2OUJQX2puTU42Zy1wdVVKazdlM3ItOVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkf/wAwQC
uRgMMA0GCSqGSIb3DQEBCwUAA4IBAQB7jAaiUJr5N1yrQgqykVhMVtjqZvcMfIDJ
pHaCLhNgY04tU801k4ppG5/e/c59o2xXqagPRzw/5OtP7AeJ3xcnXgCwiueZN193
CVv/B9yQfgxvM51/568YfYynF87EUX9sa/HRR+sscf7HCBqgjqqO4uwom72xyCmY
L7pTb0SMZTsiCE/rkIgLdgiT7pV0A7yA8PCDdNpZFDIx23y1dtWlTssGLiBF3AwH
OWSE0N4DyD5e5ux6LFZV9oB7IAHPYT2RTFSPYLw2RfXNujFhke5PQXSZiX4C58Wh
Vr+QD86/OcDCRuqXGrqelvKSLXFEmE83ZNyB9ImSGM0TIsi8VKoH
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:58 2024 by rpki-client on console-fra.rpki-client.org