Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d33758-4c60-4cb3-a208-c0697306f9a5/1/hoMOAcyNOtEGJN3zun10ugOK_v8.roa
File: hoMOAcyNOtEGJN3zun10ugOK_v8.roa (raw, json)
Hash identifier: 2D/HQ5cNViwK95PaVAxCq9jMVtB3wvpNlHSy5rWmrEw=
Subject key identifier: 86:83:0E:01:CC:8D:3A:D1:06:24:DD:F3:BA:7D:74:BA:03:8A:FE:FF
Certificate issuer: /CN=0095a4f8f4d41888e4394c5f564979295d2f13aa
Certificate serial: 018CC42536E33BD2CD54F4EA4E6ED8AD0B63
Authority key identifier: 00:95:A4:F8:F4:D4:18:88:E4:39:4C:5F:56:49:79:29:5D:2F:13:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJWk-PTUGIjkOUxfVkl5KV0vE6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d33758-4c60-4cb3-a208-c0697306f9a5/1/hoMOAcyNOtEGJN3zun10ugOK_v8.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209531
IP address blocks: 147.78.168.0/22 maxlen: 22
2a09:27c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Feb 2024 09:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:36:e3:3b:d2:cd:54:f4:ea:4e:6e:d8:ad:0b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0095a4f8f4d41888e4394c5f564979295d2f13aa
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86830e01cc8d3ad10624ddf3ba7d74ba038afeff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2f:79:d9:44:b2:a5:9d:1e:3f:7e:29:99:7c:
dc:26:d5:2e:25:32:72:e3:3c:78:c9:93:7d:77:87:
27:f6:4e:a2:d3:18:22:fe:62:1b:07:d7:ba:4c:3d:
74:c2:87:8e:a3:2f:44:d5:e4:0c:79:ca:7f:47:4d:
a6:38:8d:62:3a:12:4f:92:44:49:72:ad:ad:de:bf:
65:8b:53:4d:3e:51:a7:32:5b:82:f3:3d:5a:f3:74:
30:1b:d5:3c:50:99:de:95:d4:5b:c4:42:4a:16:dd:
a8:68:d7:61:a2:4e:fb:04:8e:61:fa:8b:97:3c:10:
ef:62:b9:61:8f:f2:b9:4b:d4:a1:df:b3:5b:07:68:
9b:34:e6:8d:07:b7:39:38:a4:1e:60:45:c9:29:d4:
fa:ae:c5:9f:55:b3:59:81:f4:58:b9:ca:19:21:7c:
3e:bf:7b:c6:aa:c3:2a:18:4d:d3:f9:e6:69:7a:f8:
84:17:0c:ba:43:76:65:64:22:94:ab:50:c5:1c:d4:
8d:83:b2:1c:f9:70:65:bd:ce:f2:1a:1d:ce:27:c6:
f7:fa:2f:5c:9c:09:8b:3f:df:65:bc:29:68:c3:f3:
5d:73:d1:7c:6b:54:f3:d0:cd:c9:4b:f5:82:91:25:
29:5d:ee:ab:a4:bf:21:85:45:a9:10:d7:91:34:08:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:83:0E:01:CC:8D:3A:D1:06:24:DD:F3:BA:7D:74:BA:03:8A:FE:FF
X509v3 Authority Key Identifier:
keyid:00:95:A4:F8:F4:D4:18:88:E4:39:4C:5F:56:49:79:29:5D:2F:13:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJWk-PTUGIjkOUxfVkl5KV0vE6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d33758-4c60-4cb3-a208-c0697306f9a5/1/hoMOAcyNOtEGJN3zun10ugOK_v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d33758-4c60-4cb3-a208-c0697306f9a5/1/AJWk-PTUGIjkOUxfVkl5KV0vE6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.168.0/22
IPv6:
2a09:27c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:28:5f:2a:a8:2b:87:c8:fc:32:e1:6e:d7:f0:35:30:7b:c7:
9e:60:fd:83:51:e0:c0:81:7c:e3:42:f0:e1:fb:fe:cb:39:67:
ca:42:e2:57:db:c4:79:fc:e4:47:a2:e2:15:40:21:ad:41:98:
4f:9f:02:ef:be:27:75:72:b5:a1:cc:e6:a4:ea:aa:af:73:65:
81:75:dd:79:02:f4:ea:00:16:61:60:30:1e:d1:35:c8:be:04:
08:f8:cf:a2:ad:7c:12:70:de:b9:b7:1d:c4:0b:a7:84:5f:f2:
6e:b9:a2:2d:2f:3b:58:65:bf:e5:26:4a:c3:ba:c7:de:73:c9:
8c:38:cc:af:e0:f3:f0:55:1b:cc:b5:d7:4c:8f:b8:e9:84:b9:
47:ef:11:12:cc:80:ea:95:af:e8:fe:ee:0a:e7:1b:1b:15:ca:
55:41:45:d0:03:b8:f3:66:c0:64:cf:ee:ef:61:21:ed:d1:ac:
65:39:59:27:b9:3e:58:01:8d:b5:17:6a:05:df:b2:17:ed:08:
7b:82:57:df:f8:4c:2a:a9:a8:77:3e:6b:22:ef:6e:ae:5a:5c:
c1:83:ef:a3:b0:54:41:03:30:20:d3:fa:5c:55:c9:61:65:32:
50:1f:70:cd:b0:80:99:7e:27:2e:64:74:44:82:cd:e1:de:65:
24:a7:40:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJTbjO9LNVPTqTm7YrQtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTVhNGY4ZjRkNDE4ODhlNDM5NGM1ZjU2NDk3OTI5NWQy
ZjEzYWEwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgzMGUwMWNjOGQzYWQxMDYyNGRkZjNiYTdkNzRiYTAzOGFmZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry952USypZ0eP34pmXzcJtUuJTJy
4zx4yZN9d4cn9k6i0xgi/mIbB9e6TD10woeOoy9E1eQMecp/R02mOI1iOhJPkkRJ
cq2t3r9li1NNPlGnMluC8z1a83QwG9U8UJneldRbxEJKFt2oaNdhok77BI5h+ouX
PBDvYrlhj/K5S9Sh37NbB2ibNOaNB7c5OKQeYEXJKdT6rsWfVbNZgfRYucoZIXw+
v3vGqsMqGE3T+eZpeviEFwy6Q3ZlZCKUq1DFHNSNg7Ic+XBlvc7yGh3OJ8b3+i9c
nAmLP99lvClow/Ndc9F8a1Tz0M3JS/WCkSUpXe6rpL8hhUWpENeRNAj1jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIaDDgHMjTrRBiTd87p9dLoDiv7/MB8GA1UdIwQY
MBaAFACVpPj01BiI5DlMX1ZJeSldLxOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpXay1QVFVHSWprT1V4ZlZrbDVLVjB2RTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMzM3NTgtNGM2MC00Y2IzLWEyMDgt
YzA2OTczMDZmOWE1LzEvaG9NT0FjeU5PdEVHSk4zenVuMTB1Z09LX3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9kMzM3NTgtNGM2MC00Y2IzLWEyMDgtYzA2OTczMDZmOWE1
LzEvQUpXay1QVFVHSWprT1V4ZlZrbDVLVjB2RTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk06oMA0E
AgACMAcDBQMqCSfAMA0GCSqGSIb3DQEBCwUAA4IBAQCDKF8qqCuHyPwy4W7X8DUw
e8eeYP2DUeDAgXzjQvDh+/7LOWfKQuJX28R5/ORHouIVQCGtQZhPnwLvvid1crWh
zOak6qqvc2WBdd15AvTqABZhYDAe0TXIvgQI+M+irXwScN65tx3EC6eEX/JuuaIt
LztYZb/lJkrDusfec8mMOMyv4PPwVRvMtddMj7jphLlH7xESzIDqla/o/u4K5xsb
FcpVQUXQA7jzZsBkz+7vYSHt0axlOVknuT5YAY21F2oF37IX7Qh7glff+Ewqqah3
Pmsi726uWlzBg++jsFRBAzAg0/pcVclhZTJQH3DNsICZficuZHREgs3h3mUkp0AZ
-----END CERTIFICATE-----
Generated at Sat Feb 24 13:43:56 2024 by rpki-client on console-ams.rpki-client.org