Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/IpYpUqsp1J5pwp4hvJrwx_30fIY.roa
File: IpYpUqsp1J5pwp4hvJrwx_30fIY.roa (raw, json)
Hash identifier: pFmXlO6T7vifgVfk1CqOwHfsgUGMkeL0goWGy2Z20lY=
Subject key identifier: 22:96:29:52:AB:29:D4:9E:69:C2:9E:21:BC:9A:F0:C7:FD:F4:7C:86
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018933AC818749C6B4D54086845C93F693F0
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/IpYpUqsp1J5pwp4hvJrwx_30fIY.roa
Signing time: Sat 08 Jul 2023 04:04:50 +0000
ROA not before: Sat 08 Jul 2023 04:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138968
IP address blocks: 116.206.92.0/22 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 08 Jul 2023 10:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:33:ac:81:87:49:c6:b4:d5:40:86:84:5c:93:f6:93:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jul 8 04:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22962952ab29d49e69c29e21bc9af0c7fdf47c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:96:42:4d:b4:eb:87:f0:ee:69:83:0c:46:60:
8b:7d:18:6d:3b:cc:14:2d:d9:20:bf:3b:03:a5:bc:
bd:c4:19:5c:6f:e4:f2:71:11:87:c3:89:60:08:e5:
f8:96:b3:d9:18:e4:a1:0c:53:ea:00:e7:43:84:c4:
13:74:79:a1:78:1a:98:47:b2:b0:13:85:3f:6a:b3:
6c:d8:cb:c3:6f:96:ed:8e:4b:78:92:9c:12:05:bc:
62:e4:87:58:4b:c1:12:b3:41:2b:20:59:0c:08:4f:
87:af:f8:c1:3d:d8:27:9e:f2:2e:2f:f4:19:1d:54:
e2:88:f9:2d:00:c4:96:6a:05:9e:de:6b:bb:07:c3:
54:01:6b:63:82:d9:ad:2f:70:8d:95:15:1e:61:ae:
3f:cb:62:6b:7f:1e:12:84:9c:e4:e5:7a:07:96:37:
2d:4e:63:74:af:fb:9b:86:d8:7a:7b:e7:59:25:ff:
4c:fc:79:dd:db:ba:96:38:2b:fa:c3:67:bf:eb:e9:
e6:a0:11:a1:cb:32:59:7a:ff:1f:1a:fd:98:05:7e:
76:4f:83:ee:23:03:fb:fe:6c:3f:89:24:90:5b:a3:
ef:b4:b6:9f:76:6a:64:b8:1e:59:dd:9a:3b:9b:a4:
73:ef:7e:1a:fb:d6:5d:dc:5c:f6:9f:6e:ba:47:66:
da:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:96:29:52:AB:29:D4:9E:69:C2:9E:21:BC:9A:F0:C7:FD:F4:7C:86
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/IpYpUqsp1J5pwp4hvJrwx_30fIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.206.92.0/22
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
20:23:a1:28:a7:2a:69:0f:2d:6a:17:dc:68:8e:da:9a:a6:5e:
36:3b:b1:7a:05:e3:4d:41:a6:7f:52:ae:2a:b7:d2:9e:97:01:
bf:0d:c9:02:1d:1d:16:3e:e7:f4:c8:3e:9d:21:f5:e5:db:fd:
2d:f2:6c:e5:f5:84:ba:19:01:da:d0:b3:f0:d2:fa:d9:b6:86:
8d:5e:e6:b4:c6:e4:7d:d2:91:c5:b1:1f:27:50:35:d5:d2:19:
e7:e2:a0:d0:1c:a6:c6:50:84:b4:8d:f3:c4:c8:83:93:a4:b1:
45:ee:ca:94:f9:84:0e:08:df:ce:b9:06:68:69:33:b2:8c:57:
c2:4c:aa:a4:35:d9:18:4e:c9:e4:1b:fd:4b:f0:84:19:fd:c6:
51:f3:1c:0a:7a:00:70:b7:4f:87:de:fd:3f:0f:b6:a5:62:c4:
76:50:f8:89:d5:65:77:00:7c:dd:03:c0:b3:43:1d:ef:87:64:
c4:31:27:5c:a3:54:66:ec:e1:e7:81:ba:60:82:66:a2:f4:da:
fc:f6:39:e4:8e:e2:ea:7d:fd:c6:51:5a:ea:fa:53:1f:8a:0a:
c1:67:71:c5:bc:8f:4b:1c:6c:63:26:98:7b:df:ff:94:c7:bf:
fd:b2:41:b6:ac:aa:57:9e:92:e3:aa:a8:99:53:63:16:77:b9:
5b:9c:08:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkzrIGHSca01UCGhFyT9pPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjMwNzA4MDQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk2Mjk1MmFiMjlkNDllNjljMjllMjFiYzlhZjBjN2ZkZjQ3Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpZCTbTrh/DuaYMMRmCLfRhtO8wU
LdkgvzsDpby9xBlcb+TycRGHw4lgCOX4lrPZGOShDFPqAOdDhMQTdHmheBqYR7Kw
E4U/arNs2MvDb5btjkt4kpwSBbxi5IdYS8ESs0ErIFkMCE+Hr/jBPdgnnvIuL/QZ
HVTiiPktAMSWagWe3mu7B8NUAWtjgtmtL3CNlRUeYa4/y2Jrfx4ShJzk5XoHljct
TmN0r/ubhth6e+dZJf9M/Hnd27qWOCv6w2e/6+nmoBGhyzJZev8fGv2YBX52T4Pu
IwP7/mw/iSSQW6PvtLafdmpkuB5Z3Zo7m6Rz734a+9Zd3Fz2n266R2baewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCKWKVKrKdSeacKeIbya8Mf99HyGMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvSXBZcFVxc3AxSjVwd3A0aHZKcnd4XzMwZklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCdM5cMA0E
AgACMAcDBQMqD2cAMA0GCSqGSIb3DQEBCwUAA4IBAQAgI6EopyppDy1qF9xojtqa
pl42O7F6BeNNQaZ/Uq4qt9KelwG/DckCHR0WPuf0yD6dIfXl2/0t8mzl9YS6GQHa
0LPw0vrZtoaNXua0xuR90pHFsR8nUDXV0hnn4qDQHKbGUIS0jfPEyIOTpLFF7sqU
+YQOCN/OuQZoaTOyjFfCTKqkNdkYTsnkG/1L8IQZ/cZR8xwKegBwt0+H3v0/D7al
YsR2UPiJ1WV3AHzdA8CzQx3vh2TEMSdco1Rm7OHngbpggmai9Nr89jnkjuLqff3G
UVrq+lMfigrBZ3HFvI9LHGxjJph73/+Ux7/9skG2rKpXnpLjqqiZU2MWd7lbnAhb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org