Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/ia9IJ02LCwl3K06fFISFeW2v4j0.roa
File: ia9IJ02LCwl3K06fFISFeW2v4j0.roa (raw, json)
Hash identifier: Od+ZKW89psQvSDej0Yrj3/StZGpNfWubB20YcLRdCdw=
Subject key identifier: 89:AF:48:27:4D:8B:0B:09:77:2B:4E:9F:14:84:85:79:6D:AF:E2:3D
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018BD34F64C240DDD7CAA4BBC110152F3B9C
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/ia9IJ02LCwl3K06fFISFeW2v4j0.roa
Signing time: Wed 15 Nov 2023 14:07:57 +0000
ROA not before: Wed 15 Nov 2023 14:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47377
IP address blocks: 91.242.245.0/24 maxlen: 24
176.126.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:4f:64:c2:40:dd:d7:ca:a4:bb:c1:10:15:2f:3b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Nov 15 14:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89af48274d8b0b09772b4e9f148485796dafe23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:05:34:e7:47:75:65:5e:7d:ac:20:70:00:27:
38:48:b4:dc:49:11:0b:68:7c:b4:25:7b:96:5b:2f:
61:bd:83:dd:ca:0b:7f:b1:ee:f4:52:cf:d8:ad:df:
be:47:b8:59:77:85:27:2a:04:91:e3:ab:10:a1:d2:
8b:be:27:dc:04:2a:90:eb:1c:1c:fb:a3:3b:16:9e:
6c:32:5c:55:b2:cb:30:a1:7c:d0:e6:1b:25:1b:f5:
06:a9:18:cb:ad:ad:72:8a:b1:98:1f:b6:20:90:a1:
85:cd:00:64:51:48:21:fd:b5:6a:ec:20:49:35:fe:
f5:2c:8b:5e:cf:2d:79:d8:6d:38:cb:3b:73:86:00:
99:aa:e8:39:25:95:33:5b:91:d8:e8:1e:e9:4f:48:
bc:f3:e5:ab:26:d7:48:26:fc:96:6b:bf:1f:5d:8f:
1f:6d:29:07:78:69:e8:1e:2c:55:e3:ee:af:7d:c6:
b5:83:46:ae:dd:47:db:cd:37:8e:c0:f3:74:22:a8:
ce:b1:9a:3c:fd:18:5a:5f:c6:c9:09:08:7c:aa:de:
59:30:aa:e2:ce:fc:cf:d9:48:a9:7c:45:66:ff:8a:
29:2d:0c:ac:33:5c:16:cd:2b:8d:9a:37:89:ad:96:
4f:aa:21:9a:09:df:c5:c5:2a:2f:2a:5b:2b:aa:fb:
0b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AF:48:27:4D:8B:0B:09:77:2B:4E:9F:14:84:85:79:6D:AF:E2:3D
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/ia9IJ02LCwl3K06fFISFeW2v4j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.245.0/24
176.126.100.0/24
Signature Algorithm: sha256WithRSAEncryption
88:81:cc:1b:2d:13:1a:dd:ad:7e:93:a6:e0:8c:8e:0c:1e:ff:
df:04:c4:7b:ae:df:83:de:60:e7:9a:fb:d3:b8:e0:51:0c:ed:
ae:44:fd:4a:db:33:8c:69:4c:f4:cc:4e:14:8d:a2:a3:d5:00:
18:23:bd:12:0f:9a:81:d3:d1:40:3c:2f:1a:c7:a1:e5:c2:3b:
66:26:9c:c5:e1:cc:33:d2:44:36:aa:5d:40:7f:79:ea:26:dd:
55:0a:14:df:a8:55:74:56:0a:27:42:3b:4c:17:d3:c8:ca:9e:
e3:35:22:d6:3e:64:35:87:bc:5c:6b:48:da:3a:e2:8a:11:59:
26:3e:41:0d:7d:51:b8:52:8a:9d:84:c8:fd:20:52:5e:70:91:
53:f4:2d:97:19:36:c2:c7:c0:d2:1c:b9:6f:5b:6d:3b:87:42:
d5:cc:f7:a0:76:c4:85:68:03:f8:d1:83:f5:3c:ed:d9:ce:39:
53:72:87:e5:4e:f1:87:96:7a:b5:b9:72:c8:d9:6d:24:7a:ef:
33:e4:7f:b6:37:c7:39:79:5e:98:37:9a:eb:21:eb:55:d8:75:
8d:c0:bb:d6:43:5f:8e:df:b7:6b:3b:de:66:04:40:a6:64:92:
4d:98:60:73:2d:71:d6:88:38:16:a0:4a:d0:90:fa:23:d7:63:
98:c9:e4:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvTT2TCQN3XyqS7wRAVLzucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjMxMTE1MTQwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFmNDgyNzRkOGIwYjA5NzcyYjRlOWYxNDg0ODU3OTZkYWZlMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQU050d1ZV59rCBwACc4SLTcSREL
aHy0JXuWWy9hvYPdygt/se70Us/Yrd++R7hZd4UnKgSR46sQodKLvifcBCqQ6xwc
+6M7Fp5sMlxVssswoXzQ5hslG/UGqRjLra1yirGYH7YgkKGFzQBkUUgh/bVq7CBJ
Nf71LItezy152G04yztzhgCZqug5JZUzW5HY6B7pT0i88+WrJtdIJvyWa78fXY8f
bSkHeGnoHixV4+6vfca1g0au3UfbzTeOwPN0IqjOsZo8/RhaX8bJCQh8qt5ZMKri
zvzP2UipfEVm/4opLQysM1wWzSuNmjeJrZZPqiGaCd/FxSovKlsrqvsLqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImvSCdNiwsJdytOnxSEhXltr+I9MB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvaWE5SUowMkxDd2wzSzA2ZkZJU0ZlVzJ2NGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/L1AwQA
sH5kMA0GCSqGSIb3DQEBCwUAA4IBAQCIgcwbLRMa3a1+k6bgjI4MHv/fBMR7rt+D
3mDnmvvTuOBRDO2uRP1K2zOMaUz0zE4UjaKj1QAYI70SD5qB09FAPC8ax6Hlwjtm
JpzF4cwz0kQ2ql1Af3nqJt1VChTfqFV0VgonQjtMF9PIyp7jNSLWPmQ1h7xca0ja
OuKKEVkmPkENfVG4UoqdhMj9IFJecJFT9C2XGTbCx8DSHLlvW207h0LVzPegdsSF
aAP40YP1PO3ZzjlTcoflTvGHlnq1uXLI2W0keu8z5H+2N8c5eV6YN5rrIetV2HWN
wLvWQ1+O37drO95mBECmZJJNmGBzLXHWiDgWoErQkPoj12OYyeSV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:37 2024 by rpki-client on console-ams.rpki-client.org