Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/pIgo10sLOBtB6Z8Hph9fI2YLnaA.roa
File: pIgo10sLOBtB6Z8Hph9fI2YLnaA.roa (raw, json)
Hash identifier: Gw6N6RoHPUdRRMbeKfS4H6bm0bk8Pa8tXOicwQBXS3E=
Subject key identifier: A4:88:28:D7:4B:0B:38:1B:41:E9:9F:07:A6:1F:5F:23:66:0B:9D:A0
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01856F547A301F321AA0B404E24B9F20A99E
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/pIgo10sLOBtB6Z8Hph9fI2YLnaA.roa
Signing time: Sun 01 Jan 2023 21:54:45 +0000
ROA not before: Sun 01 Jan 2023 21:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20719
IP address blocks: 213.244.124.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:7a:30:1f:32:1a:a0:b4:04:e2:4b:9f:20:a9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 21:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a48828d74b0b381b41e99f07a61f5f23660b9da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:4f:88:85:f5:bc:8a:8a:9f:de:9b:f2:94:
4a:82:d7:3a:2f:b0:78:c7:9e:58:35:24:d2:08:0a:
d2:be:1a:c9:10:f0:42:06:a7:68:e3:95:ed:97:64:
9d:7e:34:cb:94:c3:b5:9d:74:b5:e3:9b:c8:93:70:
5d:5e:6d:c5:d1:e0:d7:09:8b:c4:0b:21:a4:6a:ac:
d5:df:a6:b9:30:ca:04:d3:55:24:27:36:51:64:76:
5d:8d:40:80:17:88:07:07:7c:a5:2b:7d:f2:95:c1:
ae:b5:9c:4e:66:90:4d:f8:2c:5f:43:41:c6:97:e2:
21:14:b5:f3:62:d7:dd:f4:f2:40:95:4c:ee:90:64:
ca:b7:4e:8b:7d:2d:0b:f2:ae:d3:e2:f3:a9:8d:08:
c9:1a:ff:ce:85:93:52:34:6a:19:16:03:d8:41:d8:
b3:9d:27:49:28:59:d4:35:4f:98:5f:fe:6b:c1:4c:
e5:db:e9:f8:d2:7f:58:69:87:d2:68:b2:76:3e:95:
f4:37:ec:f9:a7:63:31:e3:c2:e8:dc:78:1f:4d:b5:
7d:fe:79:d4:ca:d7:28:cb:88:5c:cb:33:74:61:a2:
9f:97:7f:34:40:93:1e:b6:27:31:5b:cc:05:63:15:
b1:0d:00:b3:33:19:7e:59:77:72:d7:d4:0b:2c:dd:
98:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:88:28:D7:4B:0B:38:1B:41:E9:9F:07:A6:1F:5F:23:66:0B:9D:A0
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/pIgo10sLOBtB6Z8Hph9fI2YLnaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.124.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:db:9e:fb:6e:51:86:79:e0:d6:e5:01:59:10:82:a5:70:1e:
5a:ce:d3:3b:34:70:cb:2c:68:c1:ab:04:1d:54:7f:14:0a:3b:
79:a9:34:14:eb:c9:f1:c8:4c:f5:86:f7:76:a4:0a:13:38:fd:
ee:87:35:e6:56:d6:a1:76:a7:20:a7:88:c9:20:98:6b:9a:0d:
32:d6:b7:39:cb:fd:bd:e9:78:d4:82:de:48:36:69:fc:50:db:
82:6a:99:5d:9a:74:64:94:42:be:a6:31:c6:1b:a1:d4:82:18:
7b:be:e1:bb:63:1b:e3:6b:d9:87:c1:ec:f7:d9:28:76:6f:34:
f4:21:cd:60:07:e9:c1:9a:96:3c:b0:a1:19:7d:e1:e7:70:ee:
47:86:6b:6c:dd:71:bd:30:a7:db:ff:c1:a1:ac:e5:53:c7:10:
c1:5e:c8:dd:66:4f:56:c0:a8:16:ff:d5:b6:d4:36:10:e7:e9:
4e:78:05:90:d4:92:11:b9:35:5d:86:96:ae:2c:4c:3f:c9:d6:
a2:0f:d7:d8:79:e0:4c:b6:ab:2e:d0:1c:db:fa:5f:32:7d:82:
46:99:b4:30:e3:4f:51:00:05:1c:af:77:cc:1f:68:9f:1f:40:
f0:12:60:f2:96:c3:b3:d8:ad:89:ba:0f:88:ba:5f:fc:d7:f6:
f8:c3:84:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVHowHzIaoLQE4kufIKmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjMwMTAxMjE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg4MjhkNzRiMGIzODFiNDFlOTlmMDdhNjFmNWYyMzY2MGI5ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjdPiIX1vIqKn96b8pRKgtc6L7B4
x55YNSTSCArSvhrJEPBCBqdo45Xtl2SdfjTLlMO1nXS145vIk3BdXm3F0eDXCYvE
CyGkaqzV36a5MMoE01UkJzZRZHZdjUCAF4gHB3ylK33ylcGutZxOZpBN+CxfQ0HG
l+IhFLXzYtfd9PJAlUzukGTKt06LfS0L8q7T4vOpjQjJGv/OhZNSNGoZFgPYQdiz
nSdJKFnUNU+YX/5rwUzl2+n40n9YaYfSaLJ2PpX0N+z5p2Mx48Lo3HgfTbV9/nnU
ytcoy4hcyzN0YaKfl380QJMeticxW8wFYxWxDQCzMxl+WXdy19QLLN2YwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSIKNdLCzgbQemfB6YfXyNmC52gMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvcElnbzEwc0xPQnRCNlo4SHBoOWZJMllMbmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1fR8MA0G
CSqGSIb3DQEBCwUAA4IBAQBL2577blGGeeDW5QFZEIKlcB5aztM7NHDLLGjBqwQd
VH8UCjt5qTQU68nxyEz1hvd2pAoTOP3uhzXmVtahdqcgp4jJIJhrmg0y1rc5y/29
6XjUgt5INmn8UNuCapldmnRklEK+pjHGG6HUghh7vuG7Yxvja9mHwez32Sh2bzT0
Ic1gB+nBmpY8sKEZfeHncO5Hhmts3XG9MKfb/8GhrOVTxxDBXsjdZk9WwKgW/9W2
1DYQ5+lOeAWQ1JIRuTVdhpauLEw/ydaiD9fYeeBMtqsu0Bzb+l8yfYJGmbQw409R
AAUcr3fMH2ifH0DwEmDylsOz2K2Jug+Iul/81/b4w4Rn
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:48 2024 by rpki-client on console-fra.rpki-client.org