Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/67dbzGZ8JrOx38IVMCU4khJ7HYE.roa
File: 67dbzGZ8JrOx38IVMCU4khJ7HYE.roa (raw, json)
Hash identifier: l0L5PPHFsqcc7YsNqG3QIGMBYgNb5UrGV8x9NpE0KYY=
Subject key identifier: EB:B7:5B:CC:66:7C:26:B3:B1:DF:C2:15:30:25:38:92:12:7B:1D:81
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01874685EB5267062F6E1E5C12E0C533F518
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/67dbzGZ8JrOx38IVMCU4khJ7HYE.roa
Signing time: Mon 03 Apr 2023 09:49:54 +0000
ROA not before: Mon 03 Apr 2023 09:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207508
IP address blocks: 176.98.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:85:eb:52:67:06:2f:6e:1e:5c:12:e0:c5:33:f5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Apr 3 09:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebb75bcc667c26b3b1dfc21530253892127b1d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:6d:5e:28:1a:1c:1b:b6:f9:f4:41:f3:7b:
f5:ab:e8:2e:c3:16:b9:12:0e:dd:6f:2a:1c:8f:43:
d8:37:e5:1f:90:ef:a5:62:b3:7b:74:a1:47:7c:43:
04:1d:bb:da:4a:c1:10:9b:d4:86:70:f4:e7:69:75:
68:3a:0a:24:05:52:17:da:15:f2:fe:6e:25:ad:05:
9e:eb:81:e9:09:ff:60:95:3a:03:67:00:6c:cf:88:
86:6d:d5:31:1c:cb:c9:9b:c5:cd:43:58:d7:8d:ea:
41:ea:26:36:19:73:88:d3:63:97:49:f8:67:48:1b:
61:af:84:96:82:66:ce:6b:6b:f1:ff:b4:e2:14:6a:
e4:1f:a0:6f:8f:e3:f6:50:ad:48:36:ad:73:b9:45:
e4:c5:39:5f:a0:ed:07:ad:f5:e8:ff:b7:e4:52:82:
12:93:f4:02:31:78:4b:3d:63:cb:77:bc:dc:1d:fe:
83:d3:8e:14:d0:2f:ae:a3:83:5f:6d:6f:50:29:1c:
14:31:22:fe:42:d1:5a:4d:67:cf:ad:5e:88:70:f6:
4b:1e:9a:2e:e0:85:56:8a:28:45:85:8e:fc:1d:6b:
23:35:f5:54:3a:93:3e:a9:65:e3:e2:63:bb:f8:e7:
90:03:5c:f2:f0:21:01:ac:ca:98:a4:26:30:de:b2:
64:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B7:5B:CC:66:7C:26:B3:B1:DF:C2:15:30:25:38:92:12:7B:1D:81
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/67dbzGZ8JrOx38IVMCU4khJ7HYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.40.0/24
Signature Algorithm: sha256WithRSAEncryption
62:17:ba:fe:c7:5a:1f:64:41:f5:69:46:16:61:df:10:8a:51:
98:3d:b0:41:9a:60:3a:32:7a:e8:a0:3f:8f:1f:bb:68:b8:94:
e3:04:b4:d7:c0:b6:9c:3c:73:f7:32:07:50:b8:d6:bd:34:98:
70:3f:97:36:9c:59:bb:2a:35:23:72:cb:06:db:9c:9f:42:bf:
cb:53:29:9c:eb:1d:7b:48:13:8e:d2:a6:72:fa:12:a6:09:e8:
2f:bd:62:f2:5a:68:ca:50:81:2f:5f:64:f4:d5:2f:6d:8d:08:
19:1c:19:e6:a4:64:b4:16:8a:a8:7e:2e:18:04:f0:ac:c0:91:
fe:08:6d:55:92:05:20:d8:23:71:9e:ef:99:18:ad:32:d2:a4:
7b:81:ee:10:6f:5a:c2:06:e9:70:d5:81:1b:b4:30:c3:8c:3a:
63:b8:29:11:18:19:3f:42:24:94:bd:eb:02:31:7f:e2:df:ff:
e7:56:0f:52:81:22:57:2c:0a:7a:36:55:44:9c:c7:00:aa:03:
b2:13:56:dc:b7:c1:0f:2d:c8:fb:19:bf:7d:31:9c:23:76:82:
f1:fc:2f:3a:ad:1b:79:51:ca:7b:b7:42:34:84:d9:3e:77:98:
80:04:fb:bd:c5:8d:73:5d:42:fc:9a:8d:9e:d4:ae:87:fe:3b:
3f:e4:3e:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdGhetSZwYvbh5cEuDFM/UYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNDAzMDk0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI3NWJjYzY2N2MyNmIzYjFkZmMyMTUzMDI1Mzg5MjEyN2IxZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcJtXigaHBu2+fRB83v1q+guwxa5
Eg7dbyocj0PYN+UfkO+lYrN7dKFHfEMEHbvaSsEQm9SGcPTnaXVoOgokBVIX2hXy
/m4lrQWe64HpCf9glToDZwBsz4iGbdUxHMvJm8XNQ1jXjepB6iY2GXOI02OXSfhn
SBthr4SWgmbOa2vx/7TiFGrkH6Bvj+P2UK1INq1zuUXkxTlfoO0HrfXo/7fkUoIS
k/QCMXhLPWPLd7zcHf6D044U0C+uo4NfbW9QKRwUMSL+QtFaTWfPrV6IcPZLHpou
4IVWiihFhY78HWsjNfVUOpM+qWXj4mO7+OeQA1zy8CEBrMqYpCYw3rJk+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOu3W8xmfCazsd/CFTAlOJISex2BMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvNjdkYnpHWjhKck94MzhJVk1DVTRraEo3SFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGIoMA0G
CSqGSIb3DQEBCwUAA4IBAQBiF7r+x1ofZEH1aUYWYd8QilGYPbBBmmA6MnrooD+P
H7touJTjBLTXwLacPHP3MgdQuNa9NJhwP5c2nFm7KjUjcssG25yfQr/LUymc6x17
SBOO0qZy+hKmCegvvWLyWmjKUIEvX2T01S9tjQgZHBnmpGS0Foqofi4YBPCswJH+
CG1VkgUg2CNxnu+ZGK0y0qR7ge4Qb1rCBulw1YEbtDDDjDpjuCkRGBk/QiSUvesC
MX/i3//nVg9SgSJXLAp6NlVEnMcAqgOyE1bct8EPLcj7Gb99MZwjdoLx/C86rRt5
Ucp7t0I0hNk+d5iABPu9xY1zXUL8mo2e1K6H/js/5D4k
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:05 2024 by rpki-client on console-ams.rpki-client.org