Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/jV4KyYOgRoTiEBd1z7O6p8ohyb0.roa
File: jV4KyYOgRoTiEBd1z7O6p8ohyb0.roa (raw, json)
Hash identifier: LV8co3zsXv3cHBPxPfQEUFy1p4Y87jIVKNUsHDiMHq0=
Subject key identifier: 8D:5E:0A:C9:83:A0:46:84:E2:10:17:75:CF:B3:BA:A7:CA:21:C9:BD
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 018CC4922ADC7B64EFF542DEDE2FD6EFDDCA
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/jV4KyYOgRoTiEBd1z7O6p8ohyb0.roa
Signing time: Mon 01 Jan 2024 10:29:22 +0000
ROA not before: Mon 01 Jan 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59456
IP address blocks: 194.99.66.0/23 maxlen: 23
45.88.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 01 Oct 2024 13:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2a:dc:7b:64:ef:f5:42:de:de:2f:d6:ef:dd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Jan 1 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5e0ac983a04684e2101775cfb3baa7ca21c9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a8:c4:56:92:68:66:72:79:fb:b6:26:e4:5b:
3e:f7:58:ed:c3:45:0f:ac:33:5c:1a:b6:fb:28:64:
fc:08:0c:f5:e8:47:9d:3f:be:ba:72:8f:e6:e3:77:
5d:bc:f9:b5:e6:82:66:48:b3:65:d9:77:c9:ad:c8:
64:47:73:09:93:81:2d:2b:de:1e:a6:d6:69:11:c0:
6a:64:d9:b1:58:6e:b9:12:3a:3e:46:d5:c4:15:77:
ab:23:cd:81:1f:66:14:26:85:04:3c:d0:a8:3b:7f:
4b:64:c8:42:4a:66:9f:5a:fb:21:05:6a:91:a5:87:
ca:7b:90:c3:92:f6:09:40:ab:c4:a4:6b:03:66:67:
10:5f:22:8f:33:89:6d:4e:f6:d2:5e:2b:3f:47:bb:
9e:92:46:eb:70:7d:08:a4:41:81:2f:0d:98:51:cf:
22:cb:8c:65:ac:81:d3:22:a0:3f:94:4f:c4:43:5c:
6d:7e:af:ac:80:ea:d0:8f:c5:7b:c5:81:9a:08:92:
88:69:66:19:10:f4:59:1d:14:8d:0a:a7:c9:cf:84:
b3:93:bd:85:46:c4:be:f1:ff:9c:8c:44:2a:05:5d:
00:f7:d8:72:af:cf:12:ac:22:61:01:f9:3f:fa:49:
af:1a:b8:fe:b7:0a:94:28:3f:91:17:8c:ee:26:42:
42:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5E:0A:C9:83:A0:46:84:E2:10:17:75:CF:B3:BA:A7:CA:21:C9:BD
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/jV4KyYOgRoTiEBd1z7O6p8ohyb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.128.0/22
194.99.66.0/23
Signature Algorithm: sha256WithRSAEncryption
99:ba:31:16:f9:62:bc:9a:8c:56:c8:fa:69:88:4b:89:09:92:
3c:04:ba:05:51:e6:c2:8c:7d:e1:27:1e:d6:9b:0f:c6:e2:31:
ab:5b:46:32:0a:f4:10:18:35:8a:5b:03:62:f6:b9:a2:5d:8e:
99:26:fa:55:98:2d:a3:d2:58:80:e5:55:cf:01:5d:5d:cd:6a:
06:c1:81:f8:0d:be:ad:ca:65:90:3a:5e:e3:5e:b1:76:a2:12:
81:29:ef:e7:05:b3:68:71:9d:f5:33:85:f0:fb:41:c9:07:a4:
0d:66:c2:02:89:06:91:34:c3:ec:d4:ca:24:9e:00:6c:4d:80:
c9:04:41:3c:d3:66:da:79:26:45:5c:b5:b5:05:24:21:0c:07:
37:15:b3:f0:56:e3:5c:a9:83:f9:67:34:88:ef:a8:75:5d:d3:
2c:78:0e:a2:ce:3f:0f:c4:d5:a9:40:92:b3:99:6e:4a:49:be:
3d:cc:fb:77:ed:89:46:20:96:24:cd:73:c5:78:80:f7:38:4b:
b5:86:b2:0f:04:85:da:a2:37:87:49:d8:f3:b5:b5:e6:c8:c7:
22:44:8e:02:21:38:7f:29:d2:2c:cd:62:26:e5:59:c8:13:ed:
cb:59:48:2c:49:99:ee:bd:20:d3:fb:46:ad:2f:7c:18:18:a4:
b3:18:71:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkirce2Tv9ULe3i/W793KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjRiYjM0ZmI1ZDE2Y2E5ZDFmYTNmOTc5NGNiNDhkNGJl
ZDg0NzMwHhcNMjQwMTAxMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVlMGFjOTgzYTA0Njg0ZTIxMDE3NzVjZmIzYmFhN2NhMjFjOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjajEVpJoZnJ5+7Ym5Fs+91jtw0UP
rDNcGrb7KGT8CAz16EedP766co/m43ddvPm15oJmSLNl2XfJrchkR3MJk4EtK94e
ptZpEcBqZNmxWG65Ejo+RtXEFXerI82BH2YUJoUEPNCoO39LZMhCSmafWvshBWqR
pYfKe5DDkvYJQKvEpGsDZmcQXyKPM4ltTvbSXis/R7uekkbrcH0IpEGBLw2YUc8i
y4xlrIHTIqA/lE/EQ1xtfq+sgOrQj8V7xYGaCJKIaWYZEPRZHRSNCqfJz4Szk72F
RsS+8f+cjEQqBV0A99hyr88SrCJhAfk/+kmvGrj+twqUKD+RF4zuJkJCiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI1eCsmDoEaE4hAXdc+zuqfKIcm9MB8GA1UdIwQY
MBaAFChkuzT7XRbKnR+j+XlMtI1L7YRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEt
NTkwMGE1OTQ3YjhkLzEvalY0S3lZT2dSb1RpRUJkMXo3TzZwOG9oeWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEtNTkwMGE1OTQ3Yjhk
LzEvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLViAAwQB
wmNCMA0GCSqGSIb3DQEBCwUAA4IBAQCZujEW+WK8moxWyPppiEuJCZI8BLoFUebC
jH3hJx7Wmw/G4jGrW0YyCvQQGDWKWwNi9rmiXY6ZJvpVmC2j0liA5VXPAV1dzWoG
wYH4Db6tymWQOl7jXrF2ohKBKe/nBbNocZ31M4Xw+0HJB6QNZsICiQaRNMPs1Mok
ngBsTYDJBEE802baeSZFXLW1BSQhDAc3FbPwVuNcqYP5ZzSI76h1XdMseA6izj8P
xNWpQJKzmW5KSb49zPt37YlGIJYkzXPFeID3OEu1hrIPBIXaojeHSdjztbXmyMci
RI4CITh/KdIszWIm5VnIE+3LWUgsSZnuvSDT+0atL3wYGKSzGHEw
-----END CERTIFICATE-----
Generated at Tue Oct 1 16:20:40 2024 by rpki-client on console-fra.rpki-client.org