Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/skHRwMDA3Z8y8565XH6ixm9NfWY.roa
File: skHRwMDA3Z8y8565XH6ixm9NfWY.roa (raw, json)
Hash identifier: +44A8idVqJ/xgEqe9F80FBe/K5gClkawSJrKER5rdvY=
Subject key identifier: B2:41:D1:C0:C0:C0:DD:9F:32:F3:9E:B9:5C:7E:A2:C6:6F:4D:7D:66
Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Certificate serial: 01856B6EAC92677C20AD5AD149B71A0F2A35
Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/skHRwMDA3Z8y8565XH6ixm9NfWY.roa
Signing time: Sun 01 Jan 2023 03:44:53 +0000
ROA not before: Sun 01 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 23.252.72.0/24 maxlen: 24
185.179.245.0/24 maxlen: 24
2a10:4cc0::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:ac:92:67:7c:20:ad:5a:d1:49:b7:1a:0f:2a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Validity
Not Before: Jan 1 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b241d1c0c0c0dd9f32f39eb95c7ea2c66f4d7d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:76:de:92:97:77:e7:ca:ab:39:80:2e:ef:0d:
9d:e6:cb:76:19:02:21:6c:67:67:6d:42:86:f1:69:
7a:34:43:e0:26:cf:36:74:07:17:b9:bb:92:6c:02:
60:44:fd:d6:f8:71:89:f0:59:54:6a:3c:23:47:9d:
9d:77:5c:e8:b5:6e:f2:5f:d3:05:fc:f8:80:bf:44:
cc:4e:d6:ab:a0:d2:43:1a:1e:4b:e0:8f:41:ca:fe:
d2:3a:78:06:cd:15:22:d1:ea:9d:bf:55:9d:15:f6:
c3:b4:6c:88:8f:91:b0:76:ea:14:fb:3b:f9:76:eb:
03:00:f2:b7:da:56:75:ff:c3:b3:1e:65:11:9e:93:
c2:aa:ba:17:12:d8:3c:9e:78:18:d6:d9:cb:86:fe:
15:1a:a6:e8:58:c4:9f:84:3e:85:f4:d5:94:6e:8f:
b9:d8:d7:01:93:a8:6f:04:61:27:81:9b:ca:06:0e:
27:aa:57:c1:d6:cf:55:f9:de:68:43:d0:f8:02:c2:
06:8e:d5:ad:f6:42:c8:2a:c4:d2:9b:ce:e9:8f:41:
90:80:ff:2d:c8:2d:fb:97:b1:1b:bd:1d:73:fa:3d:
93:50:24:88:37:da:09:b3:8d:89:b4:0e:40:03:06:
1f:05:5a:83:5e:fd:78:e9:02:69:11:c4:d1:21:18:
6e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:41:D1:C0:C0:C0:DD:9F:32:F3:9E:B9:5C:7E:A2:C6:6F:4D:7D:66
X509v3 Authority Key Identifier:
keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/skHRwMDA3Z8y8565XH6ixm9NfWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.72.0/24
185.179.245.0/24
IPv6:
2a10:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
84:27:ee:3e:76:8b:96:01:79:33:84:2e:22:20:4f:7a:9e:d9:
62:82:99:92:e5:d6:c6:f1:73:5a:3e:28:be:8d:13:bc:a5:f5:
d9:29:92:cf:66:8f:8c:47:d1:e6:58:a5:61:1e:7e:4f:78:85:
d2:91:96:b9:2d:5f:66:66:0a:d7:33:2b:e8:01:85:b6:ec:34:
7e:10:94:18:94:c1:a0:bb:9d:57:aa:cb:0e:e6:ff:c9:9f:9b:
5c:44:72:15:12:67:c1:95:31:bb:f8:4d:51:03:e5:6c:c4:e0:
b8:f1:db:2f:13:59:19:78:76:08:eb:4a:61:38:01:a5:46:fa:
4f:95:a7:44:66:a4:0b:a6:22:3a:88:c8:36:f2:60:d0:a0:1a:
80:2e:35:0c:64:49:d7:69:67:73:4e:6e:63:c3:e7:82:56:17:
67:23:79:a3:da:23:2e:79:69:91:94:d5:14:f3:07:6e:13:62:
1a:83:bd:6c:80:3f:ef:2a:1e:a6:4a:24:75:0a:d3:d5:76:1c:
1b:20:24:53:30:1a:45:ec:0e:a6:43:08:c0:f9:9e:7f:50:08:
e0:40:32:f9:4b:1c:2d:41:74:a7:d6:d1:87:f7:50:b3:3c:1e:
32:a3:18:e3:2b:96:ad:8d:e4:a5:89:a2:ed:18:0d:d0:b8:f0:
a7:cd:73:52
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVrbqySZ3wgrVrRSbcaDyo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYWQxMGY5NzJlNjc4OWUyYTQzNzdhMmMyOWVlMDhiYzNh
MzY3Y2EwHhcNMjMwMTAxMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQxZDFjMGMwYzBkZDlmMzJmMzllYjk1YzdlYTJjNjZmNGQ3ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHbekpd358qrOYAu7w2d5st2GQIh
bGdnbUKG8Wl6NEPgJs82dAcXubuSbAJgRP3W+HGJ8FlUajwjR52dd1zotW7yX9MF
/PiAv0TMTtaroNJDGh5L4I9Byv7SOngGzRUi0eqdv1WdFfbDtGyIj5GwduoU+zv5
dusDAPK32lZ1/8OzHmURnpPCqroXEtg8nngY1tnLhv4VGqboWMSfhD6F9NWUbo+5
2NcBk6hvBGEngZvKBg4nqlfB1s9V+d5oQ9D4AsIGjtWt9kLIKsTSm87pj0GQgP8t
yC37l7EbvR1z+j2TUCSIN9oJs42JtA5AAwYfBVqDXv146QJpEcTRIRhu1wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLJB0cDAwN2fMvOeuVx+osZvTX1mMB8GA1UdIwQY
MBaAFJutEPly5nieKkN3osKe4IvDo2fKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYt
MGQzODE0ZWE3M2M3LzEvc2tIUndNREEzWjh5ODU2NVhINml4bTlOZldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYtMGQzODE0ZWE3M2M3
LzEvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAF/xIAwQA
ubP1MA4EAgACMAgDBgAqEEzAADANBgkqhkiG9w0BAQsFAAOCAQEAhCfuPnaLlgF5
M4QuIiBPep7ZYoKZkuXWxvFzWj4ovo0TvKX12SmSz2aPjEfR5lilYR5+T3iF0pGW
uS1fZmYK1zMr6AGFtuw0fhCUGJTBoLudV6rLDub/yZ+bXERyFRJnwZUxu/hNUQPl
bMTguPHbLxNZGXh2COtKYTgBpUb6T5WnRGakC6YiOojINvJg0KAagC41DGRJ12ln
c05uY8PnglYXZyN5o9ojLnlpkZTVFPMHbhNiGoO9bIA/7yoepkokdQrT1XYcGyAk
UzAaRewOpkMIwPmef1AI4EAy+UscLUF0p9bRh/dQszweMqMY4yuWrY3kpYmi7RgN
0Ljwp81zUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:56 2024 by rpki-client on console-fra.rpki-client.org