Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hJz1st9cg-Ggz66zB24KYuAmFl0.roa
File: hJz1st9cg-Ggz66zB24KYuAmFl0.roa (raw, json)
Hash identifier: CXvK8jd45zCNc8Dcy0+9npso47JKPMgKiaZ1tbW8lQM=
Subject key identifier: 84:9C:F5:B2:DF:5C:83:E1:A0:CF:AE:B3:07:6E:0A:62:E0:26:16:5D
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0185719563BEAE297412B3F839E1C50C81F6
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hJz1st9cg-Ggz66zB24KYuAmFl0.roa
Signing time: Mon 02 Jan 2023 08:24:53 +0000
ROA not before: Mon 02 Jan 2023 08:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2386
IP address blocks: 145.139.13.0/24 maxlen: 24
145.139.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:63:be:ae:29:74:12:b3:f8:39:e1:c5:0c:81:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=849cf5b2df5c83e1a0cfaeb3076e0a62e026165d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:94:01:df:bc:a5:da:83:c4:39:af:fe:1c:6b:
71:ec:52:dd:f3:60:5d:41:f6:c6:64:98:b0:c4:d6:
64:da:34:8a:b4:53:63:2b:26:ca:47:fd:ae:3e:5c:
66:c1:3a:98:5b:01:2b:f9:66:8c:37:cf:cf:af:01:
d1:2e:26:7f:63:32:b6:2d:53:a2:96:a9:5f:fd:af:
6f:cf:e7:df:cd:24:f2:c4:f8:86:b7:7b:e2:dc:69:
2e:3d:1e:6d:d2:ab:7a:d3:eb:97:75:13:6b:36:ed:
65:d6:66:26:1b:8c:12:0b:f2:97:ce:cc:bb:53:b0:
4f:ad:51:d7:d3:84:02:6b:5e:88:7e:21:6e:94:20:
e5:ec:75:a3:04:37:01:eb:36:15:26:49:f2:4f:62:
23:72:48:7b:ff:0f:5e:b8:2a:5c:37:18:72:e9:a4:
23:db:fa:e1:2a:ab:09:91:ee:4a:fa:f2:44:3e:eb:
af:0a:87:93:df:bb:16:88:0d:c5:f6:25:e9:de:86:
42:61:79:c2:3e:91:0e:b1:ef:88:86:7e:dc:12:81:
33:95:c1:93:e0:60:06:a7:14:f9:5d:be:ab:1e:93:
68:b1:c6:53:bb:c9:0e:1a:c3:8e:80:2f:31:3f:23:
af:10:13:bb:13:1b:b0:7f:f5:e0:d3:30:5c:bb:e9:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9C:F5:B2:DF:5C:83:E1:A0:CF:AE:B3:07:6E:0A:62:E0:26:16:5D
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hJz1st9cg-Ggz66zB24KYuAmFl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.139.13.0-145.139.14.255
Signature Algorithm: sha256WithRSAEncryption
59:fe:3e:44:81:3b:54:a5:48:2f:2e:db:a9:49:c2:ff:21:c1:
2b:67:57:7b:e6:f3:c8:18:b3:13:f4:ac:c6:13:79:68:02:bc:
68:4e:b7:35:b0:e4:b4:50:95:f4:48:ad:da:1c:b2:0c:53:fb:
a9:8f:64:fb:63:1a:41:9e:e1:6e:b7:3f:31:06:41:3b:55:81:
80:62:13:69:07:64:f8:ed:f3:28:f6:e6:7c:13:15:6c:8b:f5:
d3:bf:68:21:c0:80:65:81:f3:f8:e4:47:32:ed:ce:68:c4:7d:
9b:bb:e7:e7:84:45:91:10:a0:35:1f:82:11:24:3d:c1:d9:8c:
1c:d9:e6:4a:2e:b9:60:c7:52:37:68:b5:a0:c6:b0:94:06:eb:
8e:b9:08:67:0a:14:9a:c4:92:54:36:d7:68:03:74:9b:b2:bc:
30:0e:b5:a4:69:c3:64:09:fb:8e:35:a9:ee:1a:6a:06:2d:db:
ae:b0:bb:4f:db:33:3b:10:8a:17:84:18:6d:e5:1a:64:7b:ac:
48:dc:40:d2:7f:3a:dc:ad:15:aa:02:4c:72:c5:e8:0f:49:e1:
a2:3d:06:ed:09:a2:93:26:6b:89:06:3d:e4:76:61:6d:b5:1b:
97:70:79:76:7e:8b:b3:db:e1:91:99:c1:14:a2:a4:8a:89:f2:
a7:45:f3:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxlWO+ril0ErP4OeHFDIH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDljZjViMmRmNWM4M2UxYTBjZmFlYjMwNzZlMGE2MmUwMjYxNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5QB37yl2oPEOa/+HGtx7FLd82Bd
QfbGZJiwxNZk2jSKtFNjKybKR/2uPlxmwTqYWwEr+WaMN8/PrwHRLiZ/YzK2LVOi
lqlf/a9vz+ffzSTyxPiGt3vi3GkuPR5t0qt60+uXdRNrNu1l1mYmG4wSC/KXzsy7
U7BPrVHX04QCa16IfiFulCDl7HWjBDcB6zYVJknyT2Ijckh7/w9euCpcNxhy6aQj
2/rhKqsJke5K+vJEPuuvCoeT37sWiA3F9iXp3oZCYXnCPpEOse+Ihn7cEoEzlcGT
4GAGpxT5Xb6rHpNoscZTu8kOGsOOgC8xPyOvEBO7Exuwf/Xg0zBcu+n3twIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFISc9bLfXIPhoM+uswduCmLgJhZdMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvaEp6MXN0OWNnLUdnejY2ekIyNEtZdUFtRmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACRiw0D
BACRiw4wDQYJKoZIhvcNAQELBQADggEBAFn+PkSBO1SlSC8u26lJwv8hwStnV3vm
88gYsxP0rMYTeWgCvGhOtzWw5LRQlfRIrdocsgxT+6mPZPtjGkGe4W63PzEGQTtV
gYBiE2kHZPjt8yj25nwTFWyL9dO/aCHAgGWB8/jkRzLtzmjEfZu75+eERZEQoDUf
ghEkPcHZjBzZ5kouuWDHUjdotaDGsJQG6465CGcKFJrEklQ212gDdJuyvDAOtaRp
w2QJ+441qe4aagYt266wu0/bMzsQiheEGG3lGmR7rEjcQNJ/OtytFaoCTHLF6A9J
4aI9Bu0JopMma4kGPeR2YW21G5dweXZ+i7Pb4ZGZwRSipIqJ8qdF8wM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org