Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/f9ehqEjGceGfMRmtWgmZx9J94nQ.roa
File: f9ehqEjGceGfMRmtWgmZx9J94nQ.roa (raw, json)
Hash identifier: VMGZNyuf0tHUt3IWmASZIfdGkmzC1Valokop4mzEeeA=
Subject key identifier: 7F:D7:A1:A8:48:C6:71:E1:9F:31:19:AD:5A:09:99:C7:D2:7D:E2:74
Certificate issuer: /CN=0d18532baa2fd86583a263bb1fbccbc80d40d990
Certificate serial: 01857015039F1F9F0F16E895C8D0DB476D4A
Authority key identifier: 0D:18:53:2B:AA:2F:D8:65:83:A2:63:BB:1F:BC:CB:C8:0D:40:D9:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DRhTK6ov2GWDomO7H7zLyA1A2ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/f9ehqEjGceGfMRmtWgmZx9J94nQ.roa
Signing time: Mon 02 Jan 2023 01:25:03 +0000
ROA not before: Mon 02 Jan 2023 01:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207628
IP address blocks: 176.119.207.0/24 maxlen: 24
2a05:ed40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:03:9f:1f:9f:0f:16:e8:95:c8:d0:db:47:6d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d18532baa2fd86583a263bb1fbccbc80d40d990
Validity
Not Before: Jan 2 01:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fd7a1a848c671e19f3119ad5a0999c7d27de274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:21:4d:03:af:c8:aa:75:1c:4a:df:ff:62:
bf:f7:ad:72:eb:68:9b:93:f0:da:0d:a9:ea:2c:69:
7b:d5:eb:08:a6:4f:30:18:4e:01:c0:54:5f:c3:2b:
50:e8:8d:2c:83:de:3c:23:e4:c8:03:99:70:05:16:
e7:a2:35:69:9d:5b:ac:50:ae:06:da:bd:65:61:a9:
24:fa:03:44:25:e9:0a:83:5d:ce:3b:47:23:73:f0:
35:fb:f6:a3:bc:42:26:c6:fe:36:6f:b5:7f:0a:18:
d9:67:f3:c9:d6:fd:bf:84:ee:4b:9d:b6:b6:fa:aa:
85:03:1e:c5:a7:73:50:fc:c3:82:2b:ab:12:e3:a8:
8b:52:c0:5f:f9:7d:96:23:a3:98:aa:75:ee:8a:41:
5d:59:18:d3:bd:59:d5:c0:e4:a4:78:11:ac:26:c1:
92:3d:c1:e8:15:9b:cc:f0:f9:a3:86:a7:2e:de:35:
aa:17:a6:c3:5b:a8:33:24:76:13:38:09:46:40:68:
b2:79:d1:15:29:75:a3:67:62:18:27:38:f1:87:1c:
6f:e5:a7:c5:a2:5e:78:df:6d:ca:ca:19:1c:a1:85:
c6:2a:35:38:d8:4e:f6:c1:68:49:91:43:c3:a5:01:
fc:91:9f:2d:6f:05:13:16:4b:1f:90:46:e6:3d:20:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D7:A1:A8:48:C6:71:E1:9F:31:19:AD:5A:09:99:C7:D2:7D:E2:74
X509v3 Authority Key Identifier:
keyid:0D:18:53:2B:AA:2F:D8:65:83:A2:63:BB:1F:BC:CB:C8:0D:40:D9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRhTK6ov2GWDomO7H7zLyA1A2ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/f9ehqEjGceGfMRmtWgmZx9J94nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/DRhTK6ov2GWDomO7H7zLyA1A2ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.207.0/24
IPv6:
2a05:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
15:cd:81:7c:ff:7d:19:e9:af:f9:fc:dc:77:04:40:2c:d6:3a:
e4:8c:01:13:50:0d:23:a7:1c:68:17:36:1e:59:bc:c6:c0:7f:
12:ce:a2:82:37:fe:64:da:a7:85:f7:e9:6d:7a:02:10:32:cc:
a0:2f:f6:88:b0:29:54:ab:97:78:e1:5d:d5:c2:47:e6:63:cb:
89:e6:da:08:4c:aa:d8:cb:a8:d7:22:5d:b5:ba:70:39:38:ee:
a0:34:ed:e4:c2:11:ae:ec:16:9e:06:52:58:13:f9:ec:34:9a:
04:15:f4:58:62:57:a9:31:7e:4f:5d:cb:61:78:73:cf:67:59:
b4:5d:62:6b:d9:3a:3f:1c:35:89:8d:02:a4:3e:4c:5a:4a:92:
f5:36:2b:a2:97:00:f4:ef:b5:a9:f1:a5:be:c9:a5:7d:e9:06:
4d:f4:dd:90:0b:8d:92:07:2d:92:e9:03:65:77:7e:91:17:28:
4e:48:7f:7f:1f:26:eb:0f:74:92:8e:50:34:e7:8e:c6:75:9b:
1b:7a:f8:42:2c:70:a6:78:4d:38:79:78:ce:cd:f9:a8:3e:a4:
c2:6b:3d:e7:d8:d8:2f:ae:8c:c2:d7:84:78:fc:e1:c1:47:53:
be:17:38:0a:b8:a3:9b:65:9d:46:f9:e6:61:b6:1a:41:9f:c9:
26:84:57:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFQOfH58PFuiVyNDbR21KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMTg1MzJiYWEyZmQ4NjU4M2EyNjNiYjFmYmNjYmM4MGQ0
MGQ5OTAwHhcNMjMwMTAyMDEyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ3YTFhODQ4YzY3MWUxOWYzMTE5YWQ1YTA5OTljN2QyN2RlMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyAhTQOvyKp1HErf/2K/961y62ib
k/DaDanqLGl71esIpk8wGE4BwFRfwytQ6I0sg948I+TIA5lwBRbnojVpnVusUK4G
2r1lYakk+gNEJekKg13OO0cjc/A1+/ajvEImxv42b7V/ChjZZ/PJ1v2/hO5Lnba2
+qqFAx7Fp3NQ/MOCK6sS46iLUsBf+X2WI6OYqnXuikFdWRjTvVnVwOSkeBGsJsGS
PcHoFZvM8Pmjhqcu3jWqF6bDW6gzJHYTOAlGQGiyedEVKXWjZ2IYJzjxhxxv5afF
ol54323KyhkcoYXGKjU42E72wWhJkUPDpQH8kZ8tbwUTFksfkEbmPSCrJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH/XoahIxnHhnzEZrVoJmcfSfeJ0MB8GA1UdIwQY
MBaAFA0YUyuqL9hlg6Jjux+8y8gNQNmQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFJoVEs2b3YyR1dEb21PN0g3ekx5QTFBMlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iOGI1YmQtOGFkZi00M2VmLThhYmQt
MmIzYTE1OWNhMmVmLzEvZjllaHFFakdjZUdmTVJtdFdnbVp4OUo5NG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iOGI1YmQtOGFkZi00M2VmLThhYmQtMmIzYTE1OWNhMmVm
LzEvRFJoVEs2b3YyR1dEb21PN0g3ekx5QTFBMlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfPMA0E
AgACMAcDBQMqBe1AMA0GCSqGSIb3DQEBCwUAA4IBAQAVzYF8/30Z6a/5/Nx3BEAs
1jrkjAETUA0jpxxoFzYeWbzGwH8SzqKCN/5k2qeF9+ltegIQMsygL/aIsClUq5d4
4V3VwkfmY8uJ5toITKrYy6jXIl21unA5OO6gNO3kwhGu7BaeBlJYE/nsNJoEFfRY
YlepMX5PXctheHPPZ1m0XWJr2To/HDWJjQKkPkxaSpL1NiuilwD077Wp8aW+yaV9
6QZN9N2QC42SBy2S6QNld36RFyhOSH9/HybrD3SSjlA0547GdZsbevhCLHCmeE04
eXjOzfmoPqTCaz3n2NgvrozC14R4/OHBR1O+FzgKuKObZZ1G+eZhthpBn8kmhFeo
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:39 2024 by rpki-client on console-fra.rpki-client.org