Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/6iUwUBKotw1cWN89o9bzUbhlzY0.roa
File: 6iUwUBKotw1cWN89o9bzUbhlzY0.roa (raw, json)
Hash identifier: clQKQpB47fBCiZARCtE5RbCSXJEbxT75yfaNrCq1ezo=
Subject key identifier: EA:25:30:50:12:A8:B7:0D:5C:58:DF:3D:A3:D6:F3:51:B8:65:CD:8D
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 018CC870457376E3CE8958CCEF73F75132AD
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/6iUwUBKotw1cWN89o9bzUbhlzY0.roa
Signing time: Tue 02 Jan 2024 04:30:50 +0000
ROA not before: Tue 02 Jan 2024 04:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13448
IP address blocks: 157.167.3.0/24 maxlen: 24
157.167.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 13:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:45:73:76:e3:ce:89:58:cc:ef:73:f7:51:32:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 2 04:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea25305012a8b70d5c58df3da3d6f351b865cd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:54:ac:a3:fa:b1:87:e1:a4:f9:df:af:d5:
84:02:4c:59:f6:e0:87:54:eb:27:6f:8c:45:e5:1b:
a8:ce:48:63:e4:c9:62:ca:20:27:9b:20:a6:00:09:
95:8b:4a:2e:32:54:5c:35:7c:6c:6e:93:1d:5d:8c:
22:70:46:24:a3:a6:db:db:06:0f:4d:e6:84:20:f7:
bf:08:92:23:f5:ec:30:ce:27:74:12:9a:20:97:59:
c1:f0:da:89:90:a1:7d:e1:64:fd:24:43:8e:a8:1f:
53:8a:9b:29:4b:e6:6c:16:cd:6e:2b:e5:3f:96:a2:
ca:28:d8:fd:f6:19:7b:87:21:f1:0f:9b:53:e1:8e:
22:29:2a:7d:34:e4:5d:2d:f0:c3:18:fb:9d:fd:7f:
62:99:2c:88:96:d5:fb:3d:d6:36:25:c2:83:6c:73:
7c:32:90:4d:bd:63:43:d9:3f:dd:19:82:5d:24:48:
ad:fb:08:e4:db:83:a7:46:62:54:89:c5:af:a6:a5:
3a:e6:dd:b1:ba:ec:ef:64:ca:29:50:6f:3a:a2:14:
8f:19:e6:a1:fb:5d:c1:be:94:fe:90:cc:a9:a7:a9:
f0:fa:7e:9e:fb:19:77:f0:01:f6:f4:73:43:61:bd:
dc:af:4d:90:de:1c:cf:a2:af:41:a1:76:bc:5c:a7:
23:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:25:30:50:12:A8:B7:0D:5C:58:DF:3D:A3:D6:F3:51:B8:65:CD:8D
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/6iUwUBKotw1cWN89o9bzUbhlzY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.167.1.0/24
157.167.3.0/24
Signature Algorithm: sha256WithRSAEncryption
54:2a:27:c5:4a:91:c1:48:af:88:15:99:3f:27:73:8f:ad:70:
9f:45:2e:2d:1c:d3:11:04:51:6b:fe:30:2f:27:06:72:19:53:
9c:b1:f6:16:b5:3f:dc:30:2f:24:d1:ed:97:a7:9b:44:9b:53:
31:e8:30:39:95:19:bf:21:12:94:24:fb:c9:d7:01:69:a7:f1:
f2:1d:b5:58:bb:b3:ba:5a:c3:a6:3f:d9:96:2a:a1:13:73:f6:
ed:f3:60:80:8b:79:80:87:6c:e3:cf:30:a8:03:05:01:1c:a2:
88:ed:4f:86:e7:2c:d1:60:ba:37:98:d3:78:d7:9c:34:20:b4:
64:3e:63:10:0f:76:38:ff:ea:b4:c6:9c:30:c5:92:0a:44:c6:
82:db:de:fc:09:48:e8:94:b0:4a:2e:3f:d9:bb:b4:df:e1:79:
e8:ce:7c:d3:df:08:0b:72:4c:d3:71:1e:7d:df:22:5a:fe:a6:
8e:14:c7:1b:7e:21:9a:8c:55:90:25:ba:c1:44:27:45:e4:42:
24:43:53:1b:d1:c0:40:8d:6d:7b:3c:77:7e:b7:fb:0f:58:3c:
8e:c3:be:18:1b:c1:32:fc:47:a1:52:53:23:43:21:91:0b:d2:
e0:90:f2:5b:0e:e1:cc:1a:cd:d8:27:a0:63:49:37:a6:d2:38:
4c:2c:52:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcEVzduPOiVjM73P3UTKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjQwMTAyMDQzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTI1MzA1MDEyYThiNzBkNWM1OGRmM2RhM2Q2ZjM1MWI4NjVjZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolNUrKP6sYfhpPnfr9WEAkxZ9uCH
VOsnb4xF5Ruozkhj5MliyiAnmyCmAAmVi0ouMlRcNXxsbpMdXYwicEYko6bb2wYP
TeaEIPe/CJIj9ewwzid0Epogl1nB8NqJkKF94WT9JEOOqB9TipspS+ZsFs1uK+U/
lqLKKNj99hl7hyHxD5tT4Y4iKSp9NORdLfDDGPud/X9imSyIltX7PdY2JcKDbHN8
MpBNvWND2T/dGYJdJEit+wjk24OnRmJUicWvpqU65t2xuuzvZMopUG86ohSPGeah
+13BvpT+kMypp6nw+n6e+xl38AH29HNDYb3cr02Q3hzPoq9BoXa8XKcjUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOolMFASqLcNXFjfPaPW81G4Zc2NMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvNmlVd1VCS290dzFjV044OW85YnpVYmhselkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnacBAwQA
nacDMA0GCSqGSIb3DQEBCwUAA4IBAQBUKifFSpHBSK+IFZk/J3OPrXCfRS4tHNMR
BFFr/jAvJwZyGVOcsfYWtT/cMC8k0e2Xp5tEm1Mx6DA5lRm/IRKUJPvJ1wFpp/Hy
HbVYu7O6WsOmP9mWKqETc/bt82CAi3mAh2zjzzCoAwUBHKKI7U+G5yzRYLo3mNN4
15w0ILRkPmMQD3Y4/+q0xpwwxZIKRMaC2978CUjolLBKLj/Zu7Tf4XnoznzT3wgL
ckzTcR593yJa/qaOFMcbfiGajFWQJbrBRCdF5EIkQ1Mb0cBAjW17PHd+t/sPWDyO
w74YG8Ey/EehUlMjQyGRC9LgkPJbDuHMGs3YJ6BjSTem0jhMLFJU
-----END CERTIFICATE-----
Generated at Tue Oct 1 16:20:40 2024 by rpki-client on console-fra.rpki-client.org