Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c8797b-02e0-4718-bdfd-0929cbcdb7aa/1/ho7wG8haZA22ZGaOu0lFedM6HJ4.roa
File: ho7wG8haZA22ZGaOu0lFedM6HJ4.roa (raw, json)
Hash identifier: l4cwAeij4X7nbvfiCKME14QyFoNMGwSTWcIGClPwWXQ=
Subject key identifier: 86:8E:F0:1B:C8:5A:64:0D:B6:64:66:8E:BB:49:45:79:D3:3A:1C:9E
Certificate issuer: /CN=f9cd2980c1c78bcf6bb9b80a0792058b0bcaed4b
Certificate serial: 01856DDD793ABF57566E5B7DA51070507DF8
Authority key identifier: F9:CD:29:80:C1:C7:8B:CF:6B:B9:B8:0A:07:92:05:8B:0B:CA:ED:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-c0pgMHHi89rubgKB5IFiwvK7Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c8797b-02e0-4718-bdfd-0929cbcdb7aa/1/ho7wG8haZA22ZGaOu0lFedM6HJ4.roa
Signing time: Sun 01 Jan 2023 15:05:09 +0000
ROA not before: Sun 01 Jan 2023 15:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208040
IP address blocks: 193.161.24.0/23 maxlen: 23
193.161.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:79:3a:bf:57:56:6e:5b:7d:a5:10:70:50:7d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9cd2980c1c78bcf6bb9b80a0792058b0bcaed4b
Validity
Not Before: Jan 1 15:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=868ef01bc85a640db664668ebb494579d33a1c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:1b:c6:6f:00:89:a4:1c:ab:b0:38:f9:64:
40:d3:e3:72:1b:e3:b0:bd:d4:4e:51:47:31:c3:a1:
b1:76:51:95:25:e0:29:17:8e:ff:8c:3c:70:d9:ce:
22:09:60:bd:0d:ef:05:93:3b:2a:ea:60:bb:27:35:
d9:7a:44:a7:d0:fd:7f:fc:09:a6:73:83:83:a4:52:
81:9b:09:6a:99:99:c3:3e:4b:d2:e8:01:28:bf:c3:
fb:0b:f0:af:38:76:58:a7:eb:e4:3d:76:7b:19:1c:
29:8a:91:e6:f9:4d:5d:28:96:e4:86:58:55:51:84:
c3:4e:fb:92:8d:88:34:8a:0d:f3:11:31:91:ef:2a:
4c:90:e1:f8:93:3a:5c:05:49:08:70:9e:8d:e2:1e:
ff:57:98:1d:b4:19:63:3f:65:e9:36:a3:06:70:af:
b6:5d:bd:ed:7b:73:3f:ef:85:9f:af:0d:a1:e6:bf:
d6:da:26:f9:1b:b4:a8:43:39:67:f5:4e:00:f9:f9:
e5:30:be:6b:36:ef:79:7d:ff:b9:f4:0d:e5:44:e1:
53:d0:7a:5b:a5:66:b5:5a:1c:95:0f:8e:66:d8:0e:
ba:6f:d6:3a:7d:68:0c:dd:e7:e8:2b:9d:5a:b5:19:
2c:ee:39:81:33:e1:6b:f2:31:29:2f:3c:79:59:68:
a3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8E:F0:1B:C8:5A:64:0D:B6:64:66:8E:BB:49:45:79:D3:3A:1C:9E
X509v3 Authority Key Identifier:
keyid:F9:CD:29:80:C1:C7:8B:CF:6B:B9:B8:0A:07:92:05:8B:0B:CA:ED:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-c0pgMHHi89rubgKB5IFiwvK7Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c8797b-02e0-4718-bdfd-0929cbcdb7aa/1/ho7wG8haZA22ZGaOu0lFedM6HJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c8797b-02e0-4718-bdfd-0929cbcdb7aa/1/1-c0pgMHHi89rubgKB5IFiwvK7Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.24.0/23
193.161.28.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:b9:43:4e:a1:37:d1:d6:04:9a:86:9d:2e:c1:9d:94:c2:ed:
fe:8f:8c:0c:4b:57:34:94:4e:b0:2d:19:15:e5:5b:be:2f:f2:
dd:c9:e3:71:09:5f:52:c7:47:9d:8d:1e:04:84:49:7a:f3:e0:
a4:82:a6:62:5e:46:02:ff:84:73:22:2d:7a:0e:ac:34:f6:6a:
8e:10:ae:0d:f2:ed:54:86:1b:90:33:e1:18:c7:6e:5f:1a:34:
ec:7a:c3:21:bb:be:43:fc:d4:15:1a:9d:6a:d6:82:ab:7c:cc:
6c:dd:2b:b0:fd:7b:ca:00:14:e2:3d:e4:be:32:a1:bf:9b:a2:
6e:0b:78:68:f5:d8:91:36:6f:4e:d9:4d:db:bd:47:8c:ac:e7:
a4:99:12:49:43:d7:5c:99:b9:d1:6b:4c:2f:fd:a9:8c:e0:f8:
a8:c2:a7:dd:04:d6:69:96:64:f7:20:31:e9:67:2c:27:66:5d:
f9:42:3d:80:90:d3:ef:98:74:6d:4b:b7:72:1f:a4:72:79:68:
9e:a9:7c:86:f8:ab:15:f1:d0:c9:d5:64:e6:f2:37:c9:be:be:
3b:57:a7:38:2f:92:76:5e:ce:e4:54:b0:12:a5:89:a0:75:cb:
4c:69:87:c7:73:43:1d:8c:09:ec:0b:45:fb:e4:32:b2:c1:74:
2a:6a:42:80
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVt3Xk6v1dWblt9pRBwUH34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5Y2QyOTgwYzFjNzhiY2Y2YmI5YjgwYTA3OTIwNThiMGJj
YWVkNGIwHhcNMjMwMTAxMTUwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhlZjAxYmM4NWE2NDBkYjY2NDY2OGViYjQ5NDU3OWQzM2ExYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoEbxm8AiaQcq7A4+WRA0+NyG+Ow
vdROUUcxw6GxdlGVJeApF47/jDxw2c4iCWC9De8Fkzsq6mC7JzXZekSn0P1//Amm
c4ODpFKBmwlqmZnDPkvS6AEov8P7C/CvOHZYp+vkPXZ7GRwpipHm+U1dKJbkhlhV
UYTDTvuSjYg0ig3zETGR7ypMkOH4kzpcBUkIcJ6N4h7/V5gdtBljP2XpNqMGcK+2
Xb3te3M/74Wfrw2h5r/W2ib5G7SoQzln9U4A+fnlML5rNu95ff+59A3lROFT0Hpb
pWa1WhyVD45m2A66b9Y6fWgM3efoK51atRks7jmBM+Fr8jEpLzx5WWijEwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIaO8BvIWmQNtmRmjrtJRXnTOhyeMB8GA1UdIwQY
MBaAFPnNKYDBx4vPa7m4CgeSBYsLyu1LMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jMHBnTUhIaTg5cnViZ0tCNUlGaXd2SzdVcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvYzg3OTdiLTAyZTAtNDcxOC1iZGZk
LTA5MjljYmNkYjdhYS8xL2hvN3dHOGhhWkEyMlpHYU91MGxGZWRNNkhKNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzIvYzg3OTdiLTAyZTAtNDcxOC1iZGZkLTA5MjljYmNkYjdh
YS8xLzEtYzBwZ01ISGk4OXJ1YmdLQjVJRml3dks3VXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAHBoRgD
BAHBoRwwDQYJKoZIhvcNAQELBQADggEBALm5Q06hN9HWBJqGnS7BnZTC7f6PjAxL
VzSUTrAtGRXlW74v8t3J43EJX1LHR52NHgSESXrz4KSCpmJeRgL/hHMiLXoOrDT2
ao4Qrg3y7VSGG5Az4RjHbl8aNOx6wyG7vkP81BUanWrWgqt8zGzdK7D9e8oAFOI9
5L4yob+bom4LeGj12JE2b07ZTdu9R4ys56SZEklD11yZudFrTC/9qYzg+KjCp90E
1mmWZPcgMelnLCdmXflCPYCQ0++YdG1Lt3IfpHJ5aJ6pfIb4qxXx0MnVZObyN8m+
vjtXpzgvknZezuRUsBKliaB1y0xph8dzQx2MCewLRfvkMrLBdCpqQoA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:49 2024 by rpki-client on console-ams.rpki-client.org