Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aNicpPXihtTMukKC4wgb3lS69-A.roa
File: aNicpPXihtTMukKC4wgb3lS69-A.roa (raw, json)
Hash identifier: E5B3eZ+q3KCZYgxcNlxegRv115gOIMwnQ96+0o2/GFg=
Subject key identifier: 68:D8:9C:A4:F5:E2:86:D4:CC:BA:42:82:E3:08:1B:DE:54:BA:F7:E0
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018605477CAD6D83BBF45700D7AD6DBD6F23
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aNicpPXihtTMukKC4wgb3lS69-A.roa
Signing time: Tue 31 Jan 2023 00:43:36 +0000
ROA not before: Tue 31 Jan 2023 00:43:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 171.22.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 09:38:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:05:47:7c:ad:6d:83:bb:f4:57:00:d7:ad:6d:bd:6f:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 31 00:43:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68d89ca4f5e286d4ccba4282e3081bde54baf7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:18:6a:01:07:35:4e:ad:1b:a5:71:2c:a2:22:
61:b5:01:15:e1:87:b9:8b:6e:79:d5:67:24:21:bb:
5c:ea:0d:c5:a4:7f:07:5d:7e:4d:1f:8c:40:b0:92:
61:d8:1b:44:83:5f:b1:f9:e9:07:9f:13:f6:db:0c:
18:5f:8a:25:7a:ad:27:f1:9f:f3:27:6c:e8:fe:2d:
50:bb:f8:64:6d:9f:47:3f:4a:94:31:24:5b:db:41:
db:74:ae:f9:b9:8d:9b:88:12:89:0b:e9:37:61:fb:
18:96:9d:26:29:47:ce:f6:47:ff:7d:ba:96:e1:ce:
01:68:e3:50:58:41:a9:b6:dc:6b:82:b2:b8:f4:ab:
1b:85:3f:3e:66:fb:fe:8c:c4:e1:dc:34:68:e3:b9:
14:64:c2:67:91:b4:de:d4:29:51:c6:86:65:e8:0a:
ef:e1:29:9f:b1:50:52:31:e3:91:54:e6:5c:89:1f:
c7:a2:b8:0d:00:5d:36:96:bf:02:50:07:0c:b1:45:
36:90:56:3e:81:82:59:53:1d:33:47:1a:e8:25:77:
c7:89:84:b6:91:d3:b4:6e:97:dd:33:2a:f8:04:c6:
32:37:58:4a:15:dc:7c:05:f3:90:85:c6:2e:19:3d:
3c:bd:56:8e:1e:38:3f:df:9c:a8:a2:35:d4:ef:d6:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D8:9C:A4:F5:E2:86:D4:CC:BA:42:82:E3:08:1B:DE:54:BA:F7:E0
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aNicpPXihtTMukKC4wgb3lS69-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:41:22:3f:cc:5f:ba:e8:46:11:ef:b6:74:05:fd:6f:4a:da:
7a:b0:f0:66:e1:09:3b:88:7c:0e:4f:3f:2d:be:c1:b5:40:0f:
3e:cf:e0:33:fe:01:64:42:40:91:d9:b5:d1:0e:f2:19:72:3c:
eb:23:6d:b8:4f:a3:51:a9:d0:88:97:2a:6c:ef:4e:e2:53:12:
ea:ee:eb:11:36:18:d5:ee:a9:d6:75:75:95:84:2c:e1:67:b7:
59:3a:c6:f5:7e:b8:f2:f4:dc:77:34:59:52:82:9f:0d:35:f9:
b0:ad:06:0d:a7:05:4f:cd:4a:c6:b0:bf:e6:35:5b:13:66:8a:
69:d1:32:d9:b9:cb:e3:f9:9f:f3:0a:4f:8b:27:30:9e:8d:6c:
5b:49:83:ce:3f:ad:a3:da:76:06:80:16:f3:12:b8:b2:7f:39:
f9:9e:f3:23:19:0e:1c:5b:46:8c:28:97:d8:bc:11:4d:ca:c5:
c4:a7:a1:0b:8d:8e:f9:b0:d8:35:50:e6:cb:8a:3d:76:a9:a5:
ca:be:58:6f:9b:3b:30:81:9d:37:47:af:b4:72:c5:4f:5b:b8:
f1:75:31:02:4a:11:67:de:13:0c:96:15:6b:60:e1:dd:19:c4:
cf:6c:17:3a:34:20:84:cc:2b:0d:24:af:d2:89:83:3a:09:d9:
01:5e:61:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYFR3ytbYO79FcA161tvW8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTMxMDA0MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ4OWNhNGY1ZTI4NmQ0Y2NiYTQyODJlMzA4MWJkZTU0YmFmN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBhqAQc1Tq0bpXEsoiJhtQEV4Ye5
i2551WckIbtc6g3FpH8HXX5NH4xAsJJh2BtEg1+x+ekHnxP22wwYX4oleq0n8Z/z
J2zo/i1Qu/hkbZ9HP0qUMSRb20HbdK75uY2biBKJC+k3YfsYlp0mKUfO9kf/fbqW
4c4BaONQWEGpttxrgrK49KsbhT8+Zvv+jMTh3DRo47kUZMJnkbTe1ClRxoZl6Arv
4SmfsVBSMeORVOZciR/HorgNAF02lr8CUAcMsUU2kFY+gYJZUx0zRxroJXfHiYS2
kdO0bpfdMyr4BMYyN1hKFdx8BfOQhcYuGT08vVaOHjg/35yoojXU79bQ+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjYnKT14obUzLpCguMIG95UuvfgMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYU5pY3BQWGlodFRNdWtLQzR3Z2IzbFM2OS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaTMA0G
CSqGSIb3DQEBCwUAA4IBAQAvQSI/zF+66EYR77Z0Bf1vStp6sPBm4Qk7iHwOTz8t
vsG1QA8+z+Az/gFkQkCR2bXRDvIZcjzrI224T6NRqdCIlyps707iUxLq7usRNhjV
7qnWdXWVhCzhZ7dZOsb1frjy9Nx3NFlSgp8NNfmwrQYNpwVPzUrGsL/mNVsTZopp
0TLZucvj+Z/zCk+LJzCejWxbSYPOP62j2nYGgBbzEriyfzn5nvMjGQ4cW0aMKJfY
vBFNysXEp6ELjY75sNg1UObLij12qaXKvlhvmzswgZ03R6+0csVPW7jxdTECShFn
3hMMlhVrYOHdGcTPbBc6NCCEzCsNJK/SiYM6CdkBXmE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org