Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/heExVrreaAFCz2ocksmPHONXjkg.roa
File: heExVrreaAFCz2ocksmPHONXjkg.roa (raw, json)
Hash identifier: r7A2jhdqeH+WxwzBX5Z0I3WeuGZLV39Z73q5XwgFVCI=
Subject key identifier: 85:E1:31:56:BA:DE:68:01:42:CF:6A:1C:92:C9:8F:1C:E3:57:8E:48
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0186C5F9932768004BF1E8B805498D3989A8
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/heExVrreaAFCz2ocksmPHONXjkg.roa
Signing time: Thu 09 Mar 2023 10:45:13 +0000
ROA not before: Thu 09 Mar 2023 10:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50628
IP address blocks: 166.108.128.0/24 maxlen: 24
2a0e:d500::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 13 Mar 2023 23:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:f9:93:27:68:00:4b:f1:e8:b8:05:49:8d:39:89:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 9 10:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e13156bade680142cf6a1c92c98f1ce3578e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:54:ad:9c:a1:6b:37:2a:9a:ea:f3:92:df:72:
88:c6:cb:41:03:5d:15:41:c4:1d:9b:0f:26:ff:77:
64:d8:b8:4f:44:3b:c5:3a:68:49:d7:b8:50:2c:f6:
66:3a:b2:96:18:1a:71:c5:26:52:9e:c2:77:66:a3:
50:d5:15:3a:63:f9:84:24:46:c1:fa:d8:87:d0:f1:
eb:00:f8:2e:c1:df:cc:53:9d:3e:3b:79:ed:d1:99:
2d:a4:1d:ca:60:f2:f5:c2:28:6d:83:bb:df:9c:f7:
93:07:ee:d4:88:2b:01:a8:11:9e:6a:ad:29:05:21:
94:98:db:5f:1b:5a:f6:c7:1c:46:4e:7a:51:06:37:
22:d5:aa:2e:59:7d:6e:f6:63:c3:24:45:63:e5:1e:
3b:75:a8:db:e4:a5:98:69:25:0c:68:e3:a4:d1:11:
8c:e1:79:75:a9:1d:53:e2:2e:89:0d:d6:18:ed:57:
c5:fb:35:af:67:70:01:04:51:74:3c:1c:8f:f4:fd:
52:3c:25:88:74:f4:80:52:75:0d:da:c9:ea:8d:c9:
45:20:e1:31:9d:5b:4b:66:0b:ce:32:a0:0b:ab:f9:
e1:0b:97:1f:d4:39:2d:81:37:bb:44:b1:28:a0:0f:
44:37:da:0b:35:5e:a8:f9:88:06:8b:c2:b0:a8:80:
14:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:31:56:BA:DE:68:01:42:CF:6A:1C:92:C9:8F:1C:E3:57:8E:48
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/heExVrreaAFCz2ocksmPHONXjkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.128.0/24
IPv6:
2a0e:d500::/29
Signature Algorithm: sha256WithRSAEncryption
7b:be:83:db:4f:3a:e9:a8:64:b6:5c:99:4e:2a:91:ce:2c:13:
f9:e1:46:cb:b1:d1:08:8d:e8:d5:ba:4f:cc:fe:ba:5a:d3:19:
3a:ff:f6:2c:95:5f:c6:8d:94:58:2c:17:9e:d7:27:d3:b2:e6:
a9:72:e4:c8:0b:4e:00:a1:21:e1:2a:a9:df:4c:49:a8:ac:a4:
92:51:0c:41:8a:c2:81:e9:ca:ec:11:e8:49:c5:df:ad:f4:ba:
c6:b7:41:15:c7:98:f1:8f:d8:4c:66:b5:fd:ac:b3:c8:bd:b2:
9d:95:7f:17:19:1d:cd:53:cc:6c:02:c9:16:80:7f:53:d3:56:
12:65:ba:c9:c3:1a:ef:5e:df:1c:86:17:da:ab:06:16:de:27:
dc:88:96:a4:f5:99:bc:74:a5:69:7e:c2:29:bf:3e:50:6f:59:
d6:96:8f:b7:51:db:2e:29:fa:a8:a8:e6:2d:a1:20:96:b4:a1:
ac:ea:bd:b3:3e:7e:d4:ec:e1:54:20:b2:76:f2:2f:6f:53:f1:
80:60:cf:50:98:e2:38:f3:17:8d:4c:29:da:dd:13:fb:7b:bf:
31:9f:f5:48:35:8a:44:7f:43:a5:a8:b1:6f:c3:90:60:95:c0:
85:84:2d:f0:74:94:54:fe:ab:b4:6a:52:11:93:d0:26:a6:a0:
df:ce:b1:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbF+ZMnaABL8ei4BUmNOYmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMzA5MTA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWUxMzE1NmJhZGU2ODAxNDJjZjZhMWM5MmM5OGYxY2UzNTc4ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVStnKFrNyqa6vOS33KIxstBA10V
QcQdmw8m/3dk2LhPRDvFOmhJ17hQLPZmOrKWGBpxxSZSnsJ3ZqNQ1RU6Y/mEJEbB
+tiH0PHrAPguwd/MU50+O3nt0ZktpB3KYPL1wihtg7vfnPeTB+7UiCsBqBGeaq0p
BSGUmNtfG1r2xxxGTnpRBjci1aouWX1u9mPDJEVj5R47dajb5KWYaSUMaOOk0RGM
4Xl1qR1T4i6JDdYY7VfF+zWvZ3ABBFF0PByP9P1SPCWIdPSAUnUN2snqjclFIOEx
nVtLZgvOMqALq/nhC5cf1DktgTe7RLEooA9EN9oLNV6o+YgGi8KwqIAUBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIXhMVa63mgBQs9qHJLJjxzjV45IMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvaGVFeFZycmVhQUZDejJvY2tzbVBIT05YamtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQApmyAMA0E
AgACMAcDBQMqDtUAMA0GCSqGSIb3DQEBCwUAA4IBAQB7voPbTzrpqGS2XJlOKpHO
LBP54UbLsdEIjejVuk/M/rpa0xk6//YslV/GjZRYLBee1yfTsuapcuTIC04AoSHh
KqnfTEmorKSSUQxBisKB6crsEehJxd+t9LrGt0EVx5jxj9hMZrX9rLPIvbKdlX8X
GR3NU8xsAskWgH9T01YSZbrJwxrvXt8chhfaqwYW3ifciJak9Zm8dKVpfsIpvz5Q
b1nWlo+3UdsuKfqoqOYtoSCWtKGs6r2zPn7U7OFUILJ28i9vU/GAYM9QmOI48xeN
TCna3RP7e78xn/VINYpEf0OlqLFvw5BglcCFhC3wdJRU/qu0alIRk9AmpqDfzrGZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:46 2024 by rpki-client on console-fra.rpki-client.org