Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/4rwuJu5vh-IacOY1Wxlo-43dL1k.roa
File: 4rwuJu5vh-IacOY1Wxlo-43dL1k.roa (raw, json)
Hash identifier: d20tnDaDyRJB3z0jwPxO+jkYkcwX4/WURzNUIT5uwT8=
Subject key identifier: E2:BC:2E:26:EE:6F:87:E2:1A:70:E6:35:5B:19:68:FB:8D:DD:2F:59
Certificate issuer: /CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Certificate serial: 0186BEB249F1899EF1E840191B2FFBDA3B27
Authority key identifier: AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/4rwuJu5vh-IacOY1Wxlo-43dL1k.roa
Signing time: Wed 08 Mar 2023 00:50:00 +0000
ROA not before: Wed 08 Mar 2023 00:50:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 84.252.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 08 Mar 2023 06:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:be:b2:49:f1:89:9e:f1:e8:40:19:1b:2f:fb:da:3b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Validity
Not Before: Mar 8 00:50:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2bc2e26ee6f87e21a70e6355b1968fb8ddd2f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6b:f3:37:70:f7:27:ae:c6:01:76:7c:e5:d7:
ba:be:6d:d3:2c:0e:c1:97:a6:b7:99:a5:23:98:6f:
b6:fd:7c:94:4c:f5:cc:a3:8b:23:eb:2b:f4:50:12:
c9:42:9c:02:09:31:54:89:2b:a3:00:ee:aa:f0:3b:
85:61:b7:e8:eb:fc:17:4f:a5:56:3e:84:67:17:a9:
b5:ef:1f:7a:c4:e0:2d:20:f3:da:91:52:a6:cd:e9:
01:76:21:1e:d5:6a:23:0a:53:ca:0d:b9:9d:04:60:
ad:2c:3e:44:6c:c5:1d:ab:c5:ea:d7:56:d1:47:88:
16:82:0a:23:81:e4:96:8a:20:95:90:b4:24:12:62:
ef:63:be:de:cf:4f:16:19:8c:58:30:15:33:64:cb:
5d:1d:9a:46:0b:7a:3b:0a:0b:19:d2:79:25:37:a6:
f8:c9:db:b5:99:a6:5a:01:8c:f8:7d:5b:07:5a:72:
9b:47:e8:6b:0d:3d:22:f4:fc:40:a2:11:6b:2f:e6:
50:18:78:5c:d7:e9:47:bc:1e:59:78:66:d8:4c:df:
98:15:1a:41:bf:e5:b3:d9:fe:da:81:91:de:21:b8:
e7:92:cb:99:b3:d7:a5:cf:d9:bc:3d:ae:cd:e8:5e:
21:40:01:d4:2b:cd:50:55:f8:92:15:65:14:df:23:
a0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BC:2E:26:EE:6F:87:E2:1A:70:E6:35:5B:19:68:FB:8D:DD:2F:59
X509v3 Authority Key Identifier:
keyid:AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/4rwuJu5vh-IacOY1Wxlo-43dL1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/qpoWTGVkErfar66FccxnnMb1h9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.80.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:c6:2f:ae:8a:91:c3:20:f2:64:8a:b2:b7:95:18:2a:a1:d6:
57:30:ff:fe:dd:73:cc:89:70:37:d5:ee:87:47:dc:0a:1f:0f:
a0:30:c9:30:9b:a4:54:3e:02:8c:8a:83:bc:82:4e:cd:49:ce:
c6:9f:26:5f:87:a5:51:4e:b7:09:c0:7b:cc:f9:d0:59:7c:d2:
1b:bf:9e:ad:9a:9e:62:8d:70:24:2c:f8:b2:00:f6:59:5b:71:
03:5e:ed:52:38:10:92:c8:4e:aa:6f:bc:f4:e7:9c:0f:50:b6:
4a:4f:b9:77:fa:0b:6e:ad:b5:d8:0c:a3:bc:db:75:f2:45:e0:
45:bb:81:93:b9:0c:7c:f3:a7:6b:a0:50:a6:31:f0:86:92:90:
da:e9:f0:fc:7b:84:58:95:61:cf:95:0f:a7:33:ba:25:85:f5:
44:87:2b:08:6d:60:5f:50:00:b9:c2:96:64:d7:7b:4d:22:31:
eb:4a:38:2e:c1:f3:5d:83:f6:eb:d7:66:6b:cb:40:7d:cd:0c:
27:2d:43:77:4b:04:b9:22:ed:1d:71:a9:00:84:84:19:64:0a:
54:38:4b:12:0a:81:b1:81:b5:83:7b:11:da:bb:45:66:da:4a:
a3:49:95:08:e6:ff:3b:3f:86:7b:a0:f6:f4:f5:04:d8:b4:53:
3e:8d:6f:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa+sknxiZ7x6EAZGy/72jsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWExNjRjNjU2NDEyYjdkYWFmYWU4NTcxY2M2NzljYzZm
NTg3ZDAwHhcNMjMwMzA4MDA1MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJjMmUyNmVlNmY4N2UyMWE3MGU2MzU1YjE5NjhmYjhkZGQyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2vzN3D3J67GAXZ85de6vm3TLA7B
l6a3maUjmG+2/XyUTPXMo4sj6yv0UBLJQpwCCTFUiSujAO6q8DuFYbfo6/wXT6VW
PoRnF6m17x96xOAtIPPakVKmzekBdiEe1WojClPKDbmdBGCtLD5EbMUdq8Xq11bR
R4gWggojgeSWiiCVkLQkEmLvY77ez08WGYxYMBUzZMtdHZpGC3o7CgsZ0nklN6b4
ydu1maZaAYz4fVsHWnKbR+hrDT0i9PxAohFrL+ZQGHhc1+lHvB5ZeGbYTN+YFRpB
v+Wz2f7agZHeIbjnksuZs9elz9m8Pa7N6F4hQAHUK81QVfiSFWUU3yOgwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOK8Libub4fiGnDmNVsZaPuN3S9ZMB8GA1UdIwQY
MBaAFKqaFkxlZBK32q+uhXHMZ5zG9YfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjIt
Mjg4MjljMDNjNjlhLzEvNHJ3dUp1NXZoLUlhY09ZMVd4bG8tNDNkTDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjItMjg4MjljMDNjNjlh
LzEvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVPxQMA0G
CSqGSIb3DQEBCwUAA4IBAQCLxi+uipHDIPJkirK3lRgqodZXMP/+3XPMiXA31e6H
R9wKHw+gMMkwm6RUPgKMioO8gk7NSc7GnyZfh6VRTrcJwHvM+dBZfNIbv56tmp5i
jXAkLPiyAPZZW3EDXu1SOBCSyE6qb7z055wPULZKT7l3+gturbXYDKO823XyReBF
u4GTuQx886droFCmMfCGkpDa6fD8e4RYlWHPlQ+nM7olhfVEhysIbWBfUAC5wpZk
13tNIjHrSjguwfNdg/br12Zry0B9zQwnLUN3SwS5Iu0dcakAhIQZZApUOEsSCoGx
gbWDexHau0Vm2kqjSZUI5v87P4Z7oPb09QTYtFM+jW/S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org