Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/ckfh6De5eeV9QzGVEB88jvGTijk.roa
File: ckfh6De5eeV9QzGVEB88jvGTijk.roa (raw, json)
Hash identifier: U6OMFZzl3XlEPTOhJqskBI6Zzxjzh+l0lYuwg8UpRqY=
Subject key identifier: 72:47:E1:E8:37:B9:79:E5:7D:43:31:95:10:1F:3C:8E:F1:93:8A:39
Certificate issuer: /CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Certificate serial: 01856F9DDD850885E729CB12226644E7108B
Authority key identifier: BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/ckfh6De5eeV9QzGVEB88jvGTijk.roa
Signing time: Sun 01 Jan 2023 23:14:54 +0000
ROA not before: Sun 01 Jan 2023 23:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 131171
IP address blocks: 178.255.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:dd:85:08:85:e7:29:cb:12:22:66:44:e7:10:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Validity
Not Before: Jan 1 23:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7247e1e837b979e57d433195101f3c8ef1938a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:fc:dc:c4:be:e9:ff:75:73:dd:21:96:d2:47:
0e:d0:7e:ec:ed:90:35:83:51:59:df:4c:9a:d3:29:
89:0a:b6:77:96:29:ba:d9:fc:a9:17:1d:57:74:e9:
d4:8b:0a:51:3e:d5:1c:f5:1d:68:72:b5:ae:4e:26:
1c:58:45:52:15:85:3f:58:cb:ff:d7:9d:92:aa:fc:
9f:9f:51:79:9b:25:f2:de:79:be:ce:ad:ca:65:04:
87:b3:b7:97:6c:62:0b:36:4b:80:ee:3a:87:07:95:
60:29:0a:87:f3:2e:29:39:64:ae:39:01:f8:ed:42:
78:3d:40:e9:8d:2a:25:bf:01:33:1f:bf:e8:bd:13:
06:f2:33:b2:61:b5:38:90:3f:e3:72:b4:8b:64:dc:
48:0d:ba:d3:80:38:22:e3:2d:25:eb:5e:d7:b5:8b:
38:06:de:d9:ba:bf:f8:b0:7f:52:76:ae:a4:9b:d5:
f3:f3:75:a1:6b:46:23:ac:78:6c:8a:bd:5a:17:f7:
1f:f3:d9:3b:90:bb:fa:d1:ce:5c:7a:80:fd:ea:a3:
b8:25:98:34:52:93:30:d3:52:81:04:a9:0c:47:8a:
33:d6:10:40:0e:a7:49:4a:dc:34:f6:f3:1d:9c:62:
78:45:b9:06:87:3f:3f:5a:4c:b0:8b:27:30:07:c3:
0e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:47:E1:E8:37:B9:79:E5:7D:43:31:95:10:1F:3C:8E:F1:93:8A:39
X509v3 Authority Key Identifier:
keyid:BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/ckfh6De5eeV9QzGVEB88jvGTijk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.10.0/24
Signature Algorithm: sha256WithRSAEncryption
60:04:ea:0f:fb:0a:ee:c1:c0:08:e0:48:47:3f:84:e3:0b:8b:
fa:24:1b:b8:01:e0:5b:8c:82:76:33:6a:34:a2:51:d9:d0:30:
e4:a2:8e:45:f0:8d:82:e2:12:d0:09:5c:59:46:14:75:68:f5:
5e:ce:69:39:40:c2:ba:c4:d1:6a:7e:53:92:4c:05:f1:77:a4:
46:21:46:e2:94:df:2f:78:85:fc:ff:99:1c:2b:b3:33:41:ea:
92:12:21:7f:d0:28:53:14:ce:8d:41:ba:a1:23:05:cc:27:2a:
ae:4a:97:ea:6a:79:61:92:d5:ba:59:20:04:21:03:96:43:ea:
30:88:9f:f0:f0:4b:de:89:eb:69:33:cb:59:78:f0:fd:07:ab:
51:3e:98:10:58:ef:ab:78:8a:3e:f5:c9:a2:be:60:e2:f8:b8:
0b:b9:1e:7a:f3:03:69:b2:e9:dd:6b:5e:9c:b4:18:c6:14:26:
9d:8c:c5:3b:55:58:5a:55:f8:f4:e9:a0:6d:9f:ea:67:6c:91:
19:21:58:4d:c4:34:f6:91:7e:2c:2d:6c:38:a7:4c:1e:7e:c1:
65:fa:3f:8c:d3:d9:34:dc:3f:86:87:61:cf:81:7d:c3:7e:1d:
8e:1b:eb:4d:dd:b2:99:0f:e8:a7:7a:b0:ad:f6:2b:99:e4:af:
05:8d:53:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnd2FCIXnKcsSImZE5xCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkN2Q4MTc4Y2VjNWNkMzc2NTQ4YTkwNDkxMTdmNDY5YzBh
NzQzMWMwHhcNMjMwMTAxMjMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQ3ZTFlODM3Yjk3OWU1N2Q0MzMxOTUxMDFmM2M4ZWYxOTM4YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+vzcxL7p/3Vz3SGW0kcO0H7s7ZA1
g1FZ30ya0ymJCrZ3lim62fypFx1XdOnUiwpRPtUc9R1ocrWuTiYcWEVSFYU/WMv/
152Sqvyfn1F5myXy3nm+zq3KZQSHs7eXbGILNkuA7jqHB5VgKQqH8y4pOWSuOQH4
7UJ4PUDpjSolvwEzH7/ovRMG8jOyYbU4kD/jcrSLZNxIDbrTgDgi4y0l617XtYs4
Bt7Zur/4sH9Sdq6km9Xz83Wha0YjrHhsir1aF/cf89k7kLv60c5ceoD96qO4JZg0
UpMw01KBBKkMR4oz1hBADqdJStw09vMdnGJ4RbkGhz8/WkywiycwB8MOTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJH4eg3uXnlfUMxlRAfPI7xk4o5MB8GA1UdIwQY
MBaAFL19gXjOxc03ZUipBJEX9GnAp0McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQt
NjE1YWNhNTFlMmY2LzEvY2tmaDZEZTVlZVY5UXpHVkVCODhqdkdUaWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQtNjE1YWNhNTFlMmY2
LzEvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv8KMA0G
CSqGSIb3DQEBCwUAA4IBAQBgBOoP+wruwcAI4EhHP4TjC4v6JBu4AeBbjIJ2M2o0
olHZ0DDkoo5F8I2C4hLQCVxZRhR1aPVezmk5QMK6xNFqflOSTAXxd6RGIUbilN8v
eIX8/5kcK7MzQeqSEiF/0ChTFM6NQbqhIwXMJyquSpfqanlhktW6WSAEIQOWQ+ow
iJ/w8EveietpM8tZePD9B6tRPpgQWO+reIo+9cmivmDi+LgLuR568wNpsunda16c
tBjGFCadjMU7VVhaVfj06aBtn+pnbJEZIVhNxDT2kX4sLWw4p0wefsFl+j+M09k0
3D+Gh2HPgX3Dfh2OG+tN3bKZD+inerCt9iuZ5K8FjVN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org