Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/I9KhxBqpPQNGkZTF-qERIHz43t8.roa
File: I9KhxBqpPQNGkZTF-qERIHz43t8.roa (raw, json)
Hash identifier: Tm9s1RJVOqqFWfwu6sYKlSZcjXvLX+j8q/i6Ld42u34=
Subject key identifier: 23:D2:A1:C4:1A:A9:3D:03:46:91:94:C5:FA:A1:11:20:7C:F8:DE:DF
Certificate issuer: /CN=cd40d5ea59f80da61b4486bd999be112a1a35387
Certificate serial: 018570671BB66A944EC27719AEE59D4E445E
Authority key identifier: CD:40:D5:EA:59:F8:0D:A6:1B:44:86:BD:99:9B:E1:12:A1:A3:53:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUDV6ln4DaYbRIa9mZvhEqGjU4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/I9KhxBqpPQNGkZTF-qERIHz43t8.roa
Signing time: Mon 02 Jan 2023 02:54:43 +0000
ROA not before: Mon 02 Jan 2023 02:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38942
IP address blocks: 87.239.40.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1b:b6:6a:94:4e:c2:77:19:ae:e5:9d:4e:44:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd40d5ea59f80da61b4486bd999be112a1a35387
Validity
Not Before: Jan 2 02:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23d2a1c41aa93d03469194c5faa111207cf8dedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:66:c3:dd:ca:1f:82:c6:0b:11:d7:91:bb:d2:
93:bb:bc:08:9e:08:39:12:e3:d6:ca:dd:d8:05:54:
63:01:d9:0c:5e:25:2a:d9:59:8f:9f:13:3e:76:1f:
fb:f6:30:87:3b:81:19:c1:31:1e:18:b4:a7:49:83:
a8:f5:d1:1b:7c:4f:19:db:58:e7:3f:75:6c:c2:b8:
37:77:8f:e4:a8:92:98:38:bf:97:ff:69:7e:02:67:
a2:b4:82:fd:79:58:a4:13:52:52:f7:f5:a7:70:22:
04:78:33:cc:0f:22:b6:71:b7:f7:3c:22:65:38:5f:
43:4b:da:c0:48:f4:2b:39:18:76:5b:db:8e:c4:f7:
6e:e6:9d:fd:a3:98:19:e6:c6:91:48:dd:0f:3a:57:
fe:4c:fa:a8:36:29:34:f9:e5:10:b1:70:bc:14:82:
9d:5c:66:6a:22:94:f6:90:65:ec:6d:a4:38:6d:15:
3c:ff:fd:58:bf:db:b2:aa:ab:2d:0f:b2:f9:6d:9d:
26:14:4a:d8:31:06:32:de:4a:24:25:5c:de:cc:d3:
94:21:d4:a9:86:d7:37:43:f4:44:f4:cf:24:a6:2e:
7c:57:a7:35:3b:46:3b:df:66:bb:60:7a:db:c9:c7:
a1:73:17:c0:14:97:d9:6b:29:a3:6a:5d:22:e5:d1:
b8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D2:A1:C4:1A:A9:3D:03:46:91:94:C5:FA:A1:11:20:7C:F8:DE:DF
X509v3 Authority Key Identifier:
keyid:CD:40:D5:EA:59:F8:0D:A6:1B:44:86:BD:99:9B:E1:12:A1:A3:53:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUDV6ln4DaYbRIa9mZvhEqGjU4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/I9KhxBqpPQNGkZTF-qERIHz43t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/zUDV6ln4DaYbRIa9mZvhEqGjU4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.40.0/21
Signature Algorithm: sha256WithRSAEncryption
59:2c:36:4f:66:75:bd:ce:f3:36:9e:e3:a4:10:de:78:ac:3b:
79:43:17:a2:c1:95:d6:8e:c5:fb:4a:a2:6a:e7:5e:46:4e:4b:
80:ee:e6:62:83:9d:96:03:01:35:0f:46:5a:28:c5:ee:d8:31:
fc:6f:37:19:f7:86:41:bc:13:51:cc:21:9e:c9:f0:07:8e:70:
6f:75:38:7c:11:16:6b:39:1d:ea:da:af:2f:19:84:ca:48:7e:
5f:af:2e:4b:ae:ac:58:34:30:09:69:11:64:8d:bc:62:c1:c0:
70:a0:a6:3c:ce:8d:4a:a0:1e:98:ce:b6:e2:d2:8c:99:38:dd:
6e:f8:ab:04:e2:51:45:38:41:0c:ca:50:d9:cb:90:2b:05:18:
7f:22:af:de:fe:47:18:08:9c:32:f6:5b:40:f7:a6:ff:f4:7e:
61:9c:c6:30:f1:ce:a2:78:de:f9:fb:0d:e5:8e:f6:fa:e8:6d:
03:a4:30:f9:3d:d0:d0:48:43:17:20:46:a5:bc:22:fc:ed:fe:
a5:cb:31:93:77:c3:cf:da:16:21:d5:ee:90:8c:f1:9c:b5:2e:
9d:84:b5:ae:89:28:88:b7:12:fc:14:a4:5a:db:ff:40:53:1d:
dc:25:82:30:93:90:2e:ec:b3:fa:ab:71:83:1f:1c:9e:4c:31:
ac:45:ee:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZxu2apROwncZruWdTkReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDBkNWVhNTlmODBkYTYxYjQ0ODZiZDk5OWJlMTEyYTFh
MzUzODcwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2QyYTFjNDFhYTkzZDAzNDY5MTk0YzVmYWExMTEyMDdjZjhkZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmbD3cofgsYLEdeRu9KTu7wIngg5
EuPWyt3YBVRjAdkMXiUq2VmPnxM+dh/79jCHO4EZwTEeGLSnSYOo9dEbfE8Z21jn
P3Vswrg3d4/kqJKYOL+X/2l+AmeitIL9eVikE1JS9/WncCIEeDPMDyK2cbf3PCJl
OF9DS9rASPQrORh2W9uOxPdu5p39o5gZ5saRSN0POlf+TPqoNik0+eUQsXC8FIKd
XGZqIpT2kGXsbaQ4bRU8//1Yv9uyqqstD7L5bZ0mFErYMQYy3kokJVzezNOUIdSp
htc3Q/RE9M8kpi58V6c1O0Y732a7YHrbycehcxfAFJfZaymjal0i5dG45wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPSocQaqT0DRpGUxfqhESB8+N7fMB8GA1UdIwQY
MBaAFM1A1epZ+A2mG0SGvZmb4RKho1OHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVEVjZsbjREYVliUklhOW1admhFcUdqVTRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9iMzI5ZWItZmE1Yi00ZmE4LWI0OWIt
ZjYyMzMwNGVkNzlhLzEvSTlLaHhCcXBQUU5Ha1pURi1xRVJJSHo0M3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9iMzI5ZWItZmE1Yi00ZmE4LWI0OWItZjYyMzMwNGVkNzlh
LzEvelVEVjZsbjREYVliUklhOW1admhFcUdqVTRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV+8oMA0G
CSqGSIb3DQEBCwUAA4IBAQBZLDZPZnW9zvM2nuOkEN54rDt5QxeiwZXWjsX7SqJq
515GTkuA7uZig52WAwE1D0ZaKMXu2DH8bzcZ94ZBvBNRzCGeyfAHjnBvdTh8ERZr
OR3q2q8vGYTKSH5fry5LrqxYNDAJaRFkjbxiwcBwoKY8zo1KoB6Yzrbi0oyZON1u
+KsE4lFFOEEMylDZy5ArBRh/Iq/e/kcYCJwy9ltA96b/9H5hnMYw8c6ieN75+w3l
jvb66G0DpDD5PdDQSEMXIEalvCL87f6lyzGTd8PP2hYh1e6QjPGctS6dhLWuiSiI
txL8FKRa2/9AUx3cJYIwk5Au7LP6q3GDHxyeTDGsRe7x
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:12 2024 by rpki-client on console-ams.rpki-client.org