Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/R9TuN_mIFSgrQeW4nlK4YnF_Ojk.roa
File: R9TuN_mIFSgrQeW4nlK4YnF_Ojk.roa (raw, json)
Hash identifier: d1QA6YekZZZDv89kd2NEJubbF3rHhxZ23ReoJZ4+4CU=
Subject key identifier: 47:D4:EE:37:F9:88:15:28:2B:41:E5:B8:9E:52:B8:62:71:7F:3A:39
Certificate issuer: /CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Certificate serial: 0185719E77A0F46CD5725496688A3CF9B107
Authority key identifier: D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/R9TuN_mIFSgrQeW4nlK4YnF_Ojk.roa
Signing time: Mon 02 Jan 2023 08:34:48 +0000
ROA not before: Mon 02 Jan 2023 08:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20751
IP address blocks: 78.40.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:77:a0:f4:6c:d5:72:54:96:68:8a:3c:f9:b1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Validity
Not Before: Jan 2 08:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47d4ee37f98815282b41e5b89e52b862717f3a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:8f:1f:ea:e5:c5:7f:ee:23:f9:30:2d:6f:
8a:57:86:dd:0d:b0:64:35:91:4e:56:6f:87:ef:bf:
1b:83:52:24:5b:80:0a:f2:ef:fb:69:ea:18:03:d5:
8d:10:88:0d:fd:af:92:09:79:6a:42:e0:d0:66:77:
d4:33:c4:e8:6e:71:5f:a3:fd:ed:61:53:9a:cc:f9:
2f:02:c4:54:0a:f1:03:a9:a8:63:c4:7e:1b:69:d7:
ec:54:9e:0c:70:47:d4:9b:a4:db:c2:51:b8:33:6a:
80:e3:79:5e:58:47:0c:9c:8e:ad:7c:fb:eb:42:c4:
dc:ee:ab:41:5b:b8:5b:65:6c:9d:cc:65:94:a5:ac:
78:78:b6:74:0e:09:c9:e4:0d:a7:0b:66:17:4b:70:
db:05:fd:c5:3b:fd:1f:51:77:55:61:c3:6d:39:07:
21:f9:3c:72:6d:aa:d2:45:3b:9a:81:02:4e:ab:d7:
7e:d8:43:92:51:3b:62:5d:b4:93:36:57:7c:a4:e6:
56:53:53:b9:52:c0:7c:bd:aa:5a:30:0c:15:53:44:
84:13:90:6b:85:d1:04:6b:f9:1b:a4:69:05:63:12:
0e:c6:a9:cd:ef:79:e2:cc:36:80:b1:13:01:77:18:
bf:5c:d0:c3:88:6a:00:df:46:1d:d2:53:57:f8:68:
30:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D4:EE:37:F9:88:15:28:2B:41:E5:B8:9E:52:B8:62:71:7F:3A:39
X509v3 Authority Key Identifier:
keyid:D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/R9TuN_mIFSgrQeW4nlK4YnF_Ojk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.213.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:6a:b9:f7:f2:2a:cd:15:c6:ef:d7:19:d1:ba:5f:e1:75:a1:
85:ed:f4:39:85:95:29:63:68:84:42:81:c2:d8:a5:15:47:bf:
7e:2b:65:64:5e:11:78:76:1c:d4:b6:ec:1d:83:3c:27:d4:0b:
14:cd:be:cf:53:2f:e0:c0:7d:fc:22:1a:b2:00:8f:9a:1e:47:
e0:12:05:97:86:48:8f:3f:83:04:b9:a2:fd:ed:0d:ea:4a:bb:
97:8b:d5:64:c2:ec:0b:7d:bf:31:c6:f1:99:e2:a0:d9:b0:6b:
76:01:b2:29:4b:d8:03:9f:40:24:c9:f0:a9:ed:29:35:29:de:
84:97:c2:46:1d:97:59:91:0f:33:74:d1:e9:ca:29:9c:a0:ef:
06:48:91:e8:b5:46:c7:d1:dc:9e:2d:3c:d2:ab:0e:d0:a5:bd:
65:d5:ed:90:e6:05:cc:67:5c:b6:ad:55:7d:15:7e:83:17:5d:
54:54:a1:2e:b7:39:e2:58:56:48:79:e7:92:40:66:71:75:ef:
ca:b8:ed:73:07:98:f4:e4:22:b5:a2:e9:7c:5b:fb:2c:17:ee:
5f:6a:49:39:70:3f:4a:c0:ed:e7:45:22:bd:d5:a7:02:d6:4d:
aa:a8:15:86:b2:5a:33:4e:f3:51:c9:ae:6f:e8:9b:df:24:4d:
1a:a5:ee:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnneg9GzVclSWaIo8+bEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDc1Yzg0ZjUyOWM4N2RkODVmZDRhZmVhNGUwOTM0MzY2
YWY1NGEwHhcNMjMwMTAyMDgzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Q0ZWUzN2Y5ODgxNTI4MmI0MWU1Yjg5ZTUyYjg2MjcxN2YzYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcePH+rlxX/uI/kwLW+KV4bdDbBk
NZFOVm+H778bg1IkW4AK8u/7aeoYA9WNEIgN/a+SCXlqQuDQZnfUM8TobnFfo/3t
YVOazPkvAsRUCvEDqahjxH4badfsVJ4McEfUm6TbwlG4M2qA43leWEcMnI6tfPvr
QsTc7qtBW7hbZWydzGWUpax4eLZ0DgnJ5A2nC2YXS3DbBf3FO/0fUXdVYcNtOQch
+TxybarSRTuagQJOq9d+2EOSUTtiXbSTNld8pOZWU1O5UsB8vapaMAwVU0SEE5Br
hdEEa/kbpGkFYxIOxqnN73nizDaAsRMBdxi/XNDDiGoA30Yd0lNX+Ggw0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfU7jf5iBUoK0HluJ5SuGJxfzo5MB8GA1UdIwQY
MBaAFNIHXIT1Kch92F/Ur+pOCTQ2avVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTkt
YjRlYWEwNTYxZmM3LzEvUjlUdU5fbUlGU2dyUWVXNG5sSzRZbkZfT2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTktYjRlYWEwNTYxZmM3
LzEvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATijVMA0G
CSqGSIb3DQEBCwUAA4IBAQCharn38irNFcbv1xnRul/hdaGF7fQ5hZUpY2iEQoHC
2KUVR79+K2VkXhF4dhzUtuwdgzwn1AsUzb7PUy/gwH38IhqyAI+aHkfgEgWXhkiP
P4MEuaL97Q3qSruXi9VkwuwLfb8xxvGZ4qDZsGt2AbIpS9gDn0AkyfCp7Sk1Kd6E
l8JGHZdZkQ8zdNHpyimcoO8GSJHotUbH0dyeLTzSqw7Qpb1l1e2Q5gXMZ1y2rVV9
FX6DF11UVKEutzniWFZIeeeSQGZxde/KuO1zB5j05CK1oul8W/ssF+5fakk5cD9K
wO3nRSK91acC1k2qqBWGslozTvNRya5v6JvfJE0ape5X
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:13 2024 by rpki-client on console-fra.rpki-client.org