Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/100ea7-3afa-40c5-a2c3-37c652f0f348/1/iKQtYjlS1j6Xc_tUrPp4mOVjznk.roa
File: iKQtYjlS1j6Xc_tUrPp4mOVjznk.roa (raw, json)
Hash identifier: 89PWF3SSC6ww77MZFnNNcVaHD12SpxlQ6wheo1cTveA=
Subject key identifier: 88:A4:2D:62:39:52:D6:3E:97:73:FB:54:AC:FA:78:98:E5:63:CE:79
Certificate issuer: /CN=ca9a2be7a2b9b9a473dabc8578b444a7b2e8952e
Certificate serial: 0185724C7A4A6680E82CE207D1A1BC0FA4E6
Authority key identifier: CA:9A:2B:E7:A2:B9:B9:A4:73:DA:BC:85:78:B4:44:A7:B2:E8:95:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypor56K5uaRz2ryFeLREp7LolS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/100ea7-3afa-40c5-a2c3-37c652f0f348/1/iKQtYjlS1j6Xc_tUrPp4mOVjznk.roa
Signing time: Mon 02 Jan 2023 11:44:52 +0000
ROA not before: Mon 02 Jan 2023 11:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 158.255.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:7a:4a:66:80:e8:2c:e2:07:d1:a1:bc:0f:a4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9a2be7a2b9b9a473dabc8578b444a7b2e8952e
Validity
Not Before: Jan 2 11:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a42d623952d63e9773fb54acfa7898e563ce79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9b:fd:cc:ae:91:fc:f1:2b:1a:cc:32:4d:33:
f9:0a:c1:5f:8e:dc:86:f9:3b:26:e7:dc:f7:a7:8c:
32:94:3a:b9:e7:e8:f5:f9:a5:45:d8:4a:35:ce:c5:
32:36:a2:0c:ae:8b:c8:a1:f8:53:a7:5f:ec:6c:90:
30:4e:da:19:45:44:b6:98:df:ae:71:02:f0:c7:a1:
0f:ed:d9:1d:0d:25:d5:9d:12:18:5a:66:a9:8e:66:
4d:d2:aa:f5:a3:66:9a:8d:2d:43:5c:e6:72:ab:01:
66:9b:6c:c7:3b:50:26:79:5a:a4:6f:6c:9e:78:ea:
f6:3e:7d:24:8a:db:d8:93:eb:84:75:1f:b8:fd:bd:
07:c7:c9:f3:8a:74:78:32:7b:7e:b9:69:27:6d:28:
b5:3d:3d:9d:2b:84:a8:ba:4c:94:ad:a0:d0:18:f8:
17:66:d8:3e:52:99:9d:02:14:56:f2:6b:94:7e:71:
bf:61:3c:eb:f6:ad:9d:4e:ae:1b:22:1d:a7:e9:31:
0b:2d:2c:bd:8c:ab:a2:11:9b:07:a4:03:90:ae:e0:
89:6a:86:f7:4b:b9:72:83:ac:1e:57:d6:60:8b:52:
9d:47:08:fc:ad:05:26:e3:67:0a:ee:29:32:85:42:
ed:4d:1b:17:34:86:24:a5:b2:01:16:8e:05:59:c0:
a0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A4:2D:62:39:52:D6:3E:97:73:FB:54:AC:FA:78:98:E5:63:CE:79
X509v3 Authority Key Identifier:
keyid:CA:9A:2B:E7:A2:B9:B9:A4:73:DA:BC:85:78:B4:44:A7:B2:E8:95:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypor56K5uaRz2ryFeLREp7LolS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/100ea7-3afa-40c5-a2c3-37c652f0f348/1/iKQtYjlS1j6Xc_tUrPp4mOVjznk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/100ea7-3afa-40c5-a2c3-37c652f0f348/1/ypor56K5uaRz2ryFeLREp7LolS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.74.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a4:41:07:50:da:41:4c:23:cf:05:5a:ba:2b:aa:1d:75:29:
c1:a0:96:42:89:a0:32:59:fc:ef:29:d9:9e:23:c7:9f:a6:e9:
a4:f0:a0:04:de:06:dd:c1:7f:1f:75:4e:72:69:0c:ca:5c:3f:
71:18:af:09:31:da:bd:44:f5:8e:16:f6:65:25:84:31:4f:62:
cd:1f:94:15:fa:ee:3c:7b:13:f9:0b:b2:0b:44:c1:29:94:b9:
40:33:51:30:c4:9c:ee:8d:58:56:50:7a:69:53:fa:f9:87:8d:
f2:62:16:d7:5b:77:f9:84:29:34:48:fb:17:6f:49:02:ae:88:
8e:72:71:e7:43:b1:f8:ea:97:27:fe:ba:87:c7:35:02:cb:0c:
a2:17:9b:2a:8f:65:e0:6a:a9:8a:1d:d3:c3:14:40:91:b6:b6:
18:e0:a6:7c:49:48:ef:58:ec:0a:a2:14:b2:52:d7:09:cf:9d:
fe:e2:0d:54:d9:ae:72:42:ca:0f:ac:e0:1b:8b:3e:60:13:46:
b4:4b:f3:fd:60:bb:dd:3f:58:f9:3b:25:9e:b4:ee:ae:e0:9d:
9c:c8:e5:1d:08:dd:7c:8d:5f:7c:44:7b:02:19:6f:73:7c:7c:
68:c2:e0:6a:5e:99:ab:4b:da:70:a9:09:32:78:a4:8c:d0:46:
c1:37:c3:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTHpKZoDoLOIH0aG8D6TmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWEyYmU3YTJiOWI5YTQ3M2RhYmM4NTc4YjQ0NGE3YjJl
ODk1MmUwHhcNMjMwMTAyMTE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE0MmQ2MjM5NTJkNjNlOTc3M2ZiNTRhY2ZhNzg5OGU1NjNjZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZv9zK6R/PErGswyTTP5CsFfjtyG
+Tsm59z3p4wylDq55+j1+aVF2Eo1zsUyNqIMrovIofhTp1/sbJAwTtoZRUS2mN+u
cQLwx6EP7dkdDSXVnRIYWmapjmZN0qr1o2aajS1DXOZyqwFmm2zHO1AmeVqkb2ye
eOr2Pn0kitvYk+uEdR+4/b0Hx8nzinR4Mnt+uWknbSi1PT2dK4SoukyUraDQGPgX
Ztg+UpmdAhRW8muUfnG/YTzr9q2dTq4bIh2n6TELLSy9jKuiEZsHpAOQruCJaob3
S7lyg6weV9Zgi1KdRwj8rQUm42cK7ikyhULtTRsXNIYkpbIBFo4FWcCghQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIikLWI5UtY+l3P7VKz6eJjlY855MB8GA1UdIwQY
MBaAFMqaK+eiubmkc9q8hXi0RKey6JUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBvcjU2SzV1YVJ6MnJ5RmVMUkVwN0xvbFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8xMDBlYTctM2FmYS00MGM1LWEyYzMt
MzdjNjUyZjBmMzQ4LzEvaUtRdFlqbFMxajZYY190VXJQcDRtT1Zqem5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8xMDBlYTctM2FmYS00MGM1LWEyYzMtMzdjNjUyZjBmMzQ4
LzEveXBvcjU2SzV1YVJ6MnJ5RmVMUkVwN0xvbFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnv9KMA0G
CSqGSIb3DQEBCwUAA4IBAQBzpEEHUNpBTCPPBVq6K6oddSnBoJZCiaAyWfzvKdme
I8efpumk8KAE3gbdwX8fdU5yaQzKXD9xGK8JMdq9RPWOFvZlJYQxT2LNH5QV+u48
exP5C7ILRMEplLlAM1EwxJzujVhWUHppU/r5h43yYhbXW3f5hCk0SPsXb0kCroiO
cnHnQ7H46pcn/rqHxzUCywyiF5sqj2XgaqmKHdPDFECRtrYY4KZ8SUjvWOwKohSy
UtcJz53+4g1U2a5yQsoPrOAbiz5gE0a0S/P9YLvdP1j5OyWetO6u4J2cyOUdCN18
jV98RHsCGW9zfHxowuBqXpmrS9pwqQkyeKSM0EbBN8Ph
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:50 2024 by rpki-client on console-ams.rpki-client.org