Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Ob2efj6ZdhrGX4UoLjviblcswBk.roa
File: Ob2efj6ZdhrGX4UoLjviblcswBk.roa (raw, json)
Hash identifier: aUEuaSh6T+ONug/m7PgzzmBHJQNQABSOfclcPMV+wYo=
Subject key identifier: 39:BD:9E:7E:3E:99:76:1A:C6:5F:85:28:2E:3B:E2:6E:57:2C:C0:19
Certificate issuer: /CN=fcf9ada9b28b6997fda1c468a8d869638407a0bb
Certificate serial: 01856C4A3CC270E235E3BB51C629498BA44A
Authority key identifier: FC:F9:AD:A9:B2:8B:69:97:FD:A1:C4:68:A8:D8:69:63:84:07:A0:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_PmtqbKLaZf9ocRoqNhpY4QHoLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Ob2efj6ZdhrGX4UoLjviblcswBk.roa
Signing time: Sun 01 Jan 2023 07:44:42 +0000
ROA not before: Sun 01 Jan 2023 07:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202814
IP address blocks: 171.22.140.0/22 maxlen: 24
185.139.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:3c:c2:70:e2:35:e3:bb:51:c6:29:49:8b:a4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcf9ada9b28b6997fda1c468a8d869638407a0bb
Validity
Not Before: Jan 1 07:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39bd9e7e3e99761ac65f85282e3be26e572cc019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:82:a5:92:8e:4c:28:c9:bd:40:12:a7:94:e1:
d6:90:06:36:15:8e:b4:27:7b:45:40:8a:b9:fd:d2:
38:ae:34:8c:69:0e:40:9f:a1:7d:a9:3d:e4:09:84:
74:f5:5a:a1:1b:83:d3:c8:f3:8f:bc:80:52:13:25:
a8:e8:45:be:bf:d5:00:b6:50:61:86:c9:d3:9a:38:
5d:4f:79:d2:a4:aa:bd:5e:01:a0:28:82:f3:03:30:
96:95:e4:b0:51:a8:43:c2:18:82:fe:a0:52:83:10:
a7:24:e1:5a:c3:32:35:f4:15:4f:40:cd:ec:0e:b1:
12:9a:21:c0:8f:35:af:a2:c1:65:59:51:3c:a7:bd:
bf:68:58:5e:cf:ab:aa:87:d9:82:9f:b2:3b:04:ed:
6e:e8:1f:0f:9f:81:02:e6:fb:08:ae:d1:1d:7a:f4:
60:d6:5d:6b:82:b3:06:86:3d:9e:4e:fc:d0:60:c8:
6e:10:5b:0d:a9:37:da:ad:25:1e:5d:7d:cf:b2:63:
40:6a:0f:d5:88:c1:be:f6:3a:ec:3d:88:90:86:50:
29:ff:1e:a2:34:9d:26:0c:a9:9c:e1:53:62:fe:f1:
f1:9a:c2:a6:3a:a6:e2:cf:34:9f:a0:d6:01:b6:22:
fd:8e:a0:bf:32:da:d4:5f:38:8c:79:96:2f:83:a6:
fd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BD:9E:7E:3E:99:76:1A:C6:5F:85:28:2E:3B:E2:6E:57:2C:C0:19
X509v3 Authority Key Identifier:
keyid:FC:F9:AD:A9:B2:8B:69:97:FD:A1:C4:68:A8:D8:69:63:84:07:A0:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_PmtqbKLaZf9ocRoqNhpY4QHoLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Ob2efj6ZdhrGX4UoLjviblcswBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/_PmtqbKLaZf9ocRoqNhpY4QHoLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.140.0/22
185.139.192.0/22
Signature Algorithm: sha256WithRSAEncryption
45:a7:3c:bf:9a:32:37:00:44:43:bd:4b:b6:3e:c5:1e:82:29:
bd:c8:b4:3a:3f:75:4b:6b:b0:64:bd:03:27:ca:79:76:41:b8:
0e:99:68:cc:cf:a0:74:99:32:fb:d1:69:01:7c:d7:ea:b4:06:
44:d7:3b:39:d7:80:8c:ff:16:c0:db:b9:ff:1c:a0:fb:29:28:
b2:27:f8:ee:82:d8:74:b3:8a:52:86:60:7a:79:97:13:4f:2c:
99:7a:7f:4c:ce:63:82:39:a1:a1:a5:7f:de:2a:87:e8:32:8e:
1e:e6:26:25:dc:7e:9a:a1:de:10:03:45:eb:8e:46:d5:34:da:
56:5d:8a:86:81:b1:e8:96:c3:c9:bb:ea:f5:94:f4:4d:ae:6a:
96:51:cf:3d:9b:53:c2:45:38:ab:3a:31:f2:b3:d9:bd:a0:df:
79:aa:a3:54:4f:21:77:62:b3:56:bf:8d:07:91:19:fe:d1:4c:
a1:3b:a6:03:5b:0c:92:7a:b9:ec:d7:03:43:7c:e2:bf:ad:ff:
7a:67:60:f2:33:96:bc:88:a8:96:2a:c2:e5:1d:a8:bb:42:5b:
ca:7f:bd:f8:bb:96:cd:64:b7:6e:22:d8:2e:c6:9e:3a:75:59:
a6:92:13:a0:ed:33:f3:48:62:a6:8a:dc:3e:dd:f6:e3:2b:1d:
ce:1d:fc:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsSjzCcOI147tRxilJi6RKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZjlhZGE5YjI4YjY5OTdmZGExYzQ2OGE4ZDg2OTYzODQw
N2EwYmIwHhcNMjMwMTAxMDc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJkOWU3ZTNlOTk3NjFhYzY1Zjg1MjgyZTNiZTI2ZTU3MmNjMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYKlko5MKMm9QBKnlOHWkAY2FY60
J3tFQIq5/dI4rjSMaQ5An6F9qT3kCYR09VqhG4PTyPOPvIBSEyWo6EW+v9UAtlBh
hsnTmjhdT3nSpKq9XgGgKILzAzCWleSwUahDwhiC/qBSgxCnJOFawzI19BVPQM3s
DrESmiHAjzWvosFlWVE8p72/aFhez6uqh9mCn7I7BO1u6B8Pn4EC5vsIrtEdevRg
1l1rgrMGhj2eTvzQYMhuEFsNqTfarSUeXX3PsmNAag/ViMG+9jrsPYiQhlAp/x6i
NJ0mDKmc4VNi/vHxmsKmOqbizzSfoNYBtiL9jqC/MtrUXziMeZYvg6b9qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDm9nn4+mXYaxl+FKC474m5XLMAZMB8GA1UdIwQY
MBaAFPz5ramyi2mX/aHEaKjYaWOEB6C7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1BtdHFiS0xhWmY5b2NSb3FOaHBZNFFIb0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YTk2ZDEtY2YxYi00ZjQ3LTkzZWUt
MjU5ZmUxNzUwZWViLzEvT2IyZWZqNlpkaHJHWDRVb0xqdmlibGNzd0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YTk2ZDEtY2YxYi00ZjQ3LTkzZWUtMjU5ZmUxNzUwZWVi
LzEvX1BtdHFiS0xhWmY5b2NSb3FOaHBZNFFIb0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCqxaMAwQC
uYvAMA0GCSqGSIb3DQEBCwUAA4IBAQBFpzy/mjI3AERDvUu2PsUegim9yLQ6P3VL
a7BkvQMnynl2QbgOmWjMz6B0mTL70WkBfNfqtAZE1zs514CM/xbA27n/HKD7KSiy
J/jugth0s4pShmB6eZcTTyyZen9MzmOCOaGhpX/eKofoMo4e5iYl3H6aod4QA0Xr
jkbVNNpWXYqGgbHolsPJu+r1lPRNrmqWUc89m1PCRTirOjHys9m9oN95qqNUTyF3
YrNWv40HkRn+0UyhO6YDWwySerns1wNDfOK/rf96Z2DyM5a8iKiWKsLlHai7QlvK
f734u5bNZLduItguxp46dVmmkhOg7TPzSGKmitw+3fbjKx3OHfz7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:37 2024 by rpki-client on console-ams.rpki-client.org