Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/IZ8bfYGQMYpM7u9yf6Nz2-bAv7E.roa
File: IZ8bfYGQMYpM7u9yf6Nz2-bAv7E.roa (raw, json)
Hash identifier: udyOBUmNXCPitb6mObR5yYItKjT6mtwN0NuYWcSWyT8=
Subject key identifier: 21:9F:1B:7D:81:90:31:8A:4C:EE:EF:72:7F:A3:73:DB:E6:C0:BF:B1
Certificate issuer: /CN=107f7d0b64c98c99e8d08683505264d6b08bfd86
Certificate serial: 018571D7B9778AC3863F02AEC33DCF1977D4
Authority key identifier: 10:7F:7D:0B:64:C9:8C:99:E8:D0:86:83:50:52:64:D6:B0:8B:FD:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EH99C2TJjJno0IaDUFJk1rCL_YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/IZ8bfYGQMYpM7u9yf6Nz2-bAv7E.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57707
IP address blocks: 171.25.220.0/23 maxlen: 23
171.25.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b9:77:8a:c3:86:3f:02:ae:c3:3d:cf:19:77:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107f7d0b64c98c99e8d08683505264d6b08bfd86
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=219f1b7d8190318a4ceeef727fa373dbe6c0bfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:9b:17:34:ec:1b:25:3e:02:08:81:b6:40:
8d:24:5c:6f:6e:bc:68:fc:c5:a9:f4:64:8d:5b:60:
69:25:15:df:65:3b:f4:63:67:55:f5:35:17:8f:e6:
56:60:b7:98:77:f7:00:be:f9:3e:47:66:d1:78:1a:
7f:31:48:d0:99:a4:89:80:93:9d:7b:51:63:e1:82:
be:eb:e0:d2:78:a9:0e:b3:02:1d:f7:d8:d1:71:90:
8f:6d:6d:bc:8e:d0:68:32:a0:c8:6e:42:07:92:ac:
ab:fb:e9:38:65:e6:90:dc:0b:d9:17:95:96:42:b1:
f6:3d:8a:cd:d4:ce:76:bf:91:91:ca:46:81:e1:57:
e9:d3:6c:e0:a6:e7:34:78:d0:36:99:52:48:42:1d:
14:56:93:00:a3:c4:c3:c5:0d:5d:49:23:56:0d:c5:
d7:30:c2:fd:48:94:fc:c9:31:b7:52:b6:6a:9e:99:
7c:53:2a:93:7e:f5:a4:66:90:12:70:d4:fb:d4:b9:
f7:40:09:c1:e4:57:22:e0:db:e5:9e:38:74:63:ea:
23:f6:7c:70:82:c4:94:72:3a:35:4e:28:ce:3d:47:
12:90:3f:8d:c5:be:c4:46:2f:45:47:86:55:8f:9d:
17:df:43:d5:a4:4e:d8:f8:79:35:d3:24:17:79:d4:
3d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9F:1B:7D:81:90:31:8A:4C:EE:EF:72:7F:A3:73:DB:E6:C0:BF:B1
X509v3 Authority Key Identifier:
keyid:10:7F:7D:0B:64:C9:8C:99:E8:D0:86:83:50:52:64:D6:B0:8B:FD:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EH99C2TJjJno0IaDUFJk1rCL_YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/IZ8bfYGQMYpM7u9yf6Nz2-bAv7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/EH99C2TJjJno0IaDUFJk1rCL_YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.220.0-171.25.222.255
Signature Algorithm: sha256WithRSAEncryption
4c:df:9b:b4:b8:0b:2b:a5:36:a7:9b:c2:c5:d0:4d:bb:f1:b0:
c7:69:9f:eb:11:14:40:9e:ba:55:41:b4:55:8e:62:4c:39:60:
6e:20:23:ee:00:dd:ec:93:ac:ed:7a:55:4b:97:d4:02:eb:cd:
72:8a:46:54:9b:09:e7:a6:4e:f5:8d:ff:a3:da:67:5a:78:20:
a5:84:df:79:90:4d:4c:d7:48:b1:e8:3f:c1:32:82:fc:26:27:
23:3f:60:70:5c:46:ae:b0:0c:de:23:be:76:3b:6d:52:30:6b:
39:74:cf:af:2b:c5:e4:c3:07:45:ca:33:1a:52:57:81:8d:db:
43:09:7c:4a:eb:9b:f6:bc:fa:39:1a:b2:69:03:12:93:fe:f9:
b0:68:05:d9:7c:05:09:b1:5c:23:a9:dc:86:63:b3:df:23:f1:
5e:c5:54:49:f8:2d:88:b5:8d:52:00:6a:0c:82:fb:89:55:62:
84:ba:b2:a6:e0:21:fb:87:64:87:20:f5:78:7e:2a:9c:cb:7b:
f6:5e:f5:f8:7a:7a:96:ab:34:93:9f:80:d5:b6:33:af:b0:e3:
7b:8c:0d:1c:4f:6d:41:30:aa:2f:a9:33:75:95:a6:93:6e:de:
2e:c4:29:c4:36:b2:1f:8b:07:26:19:7e:f2:0e:93:c3:67:4c:
c9:fe:4e:ca
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVx17l3isOGPwKuwz3PGXfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwN2Y3ZDBiNjRjOThjOTllOGQwODY4MzUwNTI2NGQ2YjA4
YmZkODYwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlmMWI3ZDgxOTAzMThhNGNlZWVmNzI3ZmEzNzNkYmU2YzBiZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPabFzTsGyU+AgiBtkCNJFxvbrxo
/MWp9GSNW2BpJRXfZTv0Y2dV9TUXj+ZWYLeYd/cAvvk+R2bReBp/MUjQmaSJgJOd
e1Fj4YK+6+DSeKkOswId99jRcZCPbW28jtBoMqDIbkIHkqyr++k4ZeaQ3AvZF5WW
QrH2PYrN1M52v5GRykaB4Vfp02zgpuc0eNA2mVJIQh0UVpMAo8TDxQ1dSSNWDcXX
MML9SJT8yTG3UrZqnpl8UyqTfvWkZpAScNT71Ln3QAnB5Fci4Nvlnjh0Y+oj9nxw
gsSUcjo1TijOPUcSkD+Nxb7ERi9FR4ZVj50X30PVpE7Y+Hk10yQXedQ9AwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCGfG32BkDGKTO7vcn+jc9vmwL+xMB8GA1UdIwQY
MBaAFBB/fQtkyYyZ6NCGg1BSZNawi/2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUg5OUMyVEpqSm5vMElhRFVGSmsxckNMX1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zODYxODUtNWFjYy00ZmUxLTk3ODQt
NmI0YWZhNDA2NzhkLzEvSVo4YmZZR1FNWXBNN3U5eWY2TnoyLWJBdjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zODYxODUtNWFjYy00ZmUxLTk3ODQtNmI0YWZhNDA2Nzhk
LzEvRUg5OUMyVEpqSm5vMElhRFVGSmsxckNMX1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKrGdwD
BACrGd4wDQYJKoZIhvcNAQELBQADggEBAEzfm7S4CyulNqebwsXQTbvxsMdpn+sR
FECeulVBtFWOYkw5YG4gI+4A3eyTrO16VUuX1ALrzXKKRlSbCeemTvWN/6PaZ1p4
IKWE33mQTUzXSLHoP8EygvwmJyM/YHBcRq6wDN4jvnY7bVIwazl0z68rxeTDB0XK
MxpSV4GN20MJfErrm/a8+jkasmkDEpP++bBoBdl8BQmxXCOp3IZjs98j8V7FVEn4
LYi1jVIAagyC+4lVYoS6sqbgIfuHZIcg9Xh+KpzLe/Ze9fh6eparNJOfgNW2M6+w
43uMDRxPbUEwqi+pM3WVppNu3i7EKcQ2sh+LByYZfvIOk8NnTMn+Tso=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org