Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/RIfobKbG2A-fLQ6w0Wvi_6VjulM.roa
File: RIfobKbG2A-fLQ6w0Wvi_6VjulM.roa (raw, json)
Hash identifier: Mt9UnKtFJ2icxrmXPzQCNU8F68wN0DQdYmWWfQP4AbA=
Subject key identifier: 44:87:E8:6C:A6:C6:D8:0F:9F:2D:0E:B0:D1:6B:E2:FF:A5:63:BA:53
Certificate issuer: /CN=a2dbf3dece882fad8a237468e08fd7beb1cafa39
Certificate serial: 0185A341013C3C0EE720E465080BFE997331
Authority key identifier: A2:DB:F3:DE:CE:88:2F:AD:8A:23:74:68:E0:8F:D7:BE:B1:CA:FA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otvz3s6IL62KI3Ro4I_XvrHK-jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/RIfobKbG2A-fLQ6w0Wvi_6VjulM.roa
Signing time: Wed 11 Jan 2023 23:53:44 +0000
ROA not before: Wed 11 Jan 2023 23:53:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 146.19.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a3:41:01:3c:3c:0e:e7:20:e4:65:08:0b:fe:99:73:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2dbf3dece882fad8a237468e08fd7beb1cafa39
Validity
Not Before: Jan 11 23:53:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4487e86ca6c6d80f9f2d0eb0d16be2ffa563ba53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:59:07:3e:39:3d:9d:39:2a:3f:6d:7a:3b:
d8:ac:ee:70:2d:18:ce:a0:6a:83:0e:65:d4:d1:27:
cd:60:a5:d3:4e:5d:b6:0b:f2:35:60:6b:29:36:f1:
32:a7:6c:90:ce:7f:3c:e7:4d:9e:13:c5:c0:5e:c7:
5b:2a:f7:3a:43:23:31:87:33:07:d1:27:db:84:36:
12:70:e5:1b:35:d5:f7:3f:7f:d0:81:e9:f5:63:c9:
1c:1a:f7:f5:e5:ea:89:d7:d2:93:22:2f:87:8c:16:
1a:03:bd:38:58:13:01:cd:86:d1:09:29:d8:fc:e5:
42:66:12:90:b2:01:86:63:4c:54:8f:36:b3:ce:af:
33:bf:62:eb:ca:bf:2a:71:9a:27:f0:af:dd:d3:82:
74:ea:f7:ac:8a:2e:1a:45:d9:36:4e:5f:16:8e:54:
62:78:b1:bd:24:60:19:64:a8:82:f7:df:81:69:0f:
ff:1a:f0:20:63:91:50:59:0b:e2:2d:7e:6a:ee:5c:
49:94:ce:98:fc:1b:03:7e:13:4b:00:bf:84:ba:a8:
c7:3b:47:d8:b7:bf:40:11:9e:af:45:95:59:51:df:
b5:35:9d:1d:27:8e:c1:09:2d:c0:ab:e7:b6:71:c7:
e5:53:82:c5:2e:e7:97:48:be:29:c8:29:6b:18:0c:
c0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:87:E8:6C:A6:C6:D8:0F:9F:2D:0E:B0:D1:6B:E2:FF:A5:63:BA:53
X509v3 Authority Key Identifier:
keyid:A2:DB:F3:DE:CE:88:2F:AD:8A:23:74:68:E0:8F:D7:BE:B1:CA:FA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otvz3s6IL62KI3Ro4I_XvrHK-jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/RIfobKbG2A-fLQ6w0Wvi_6VjulM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/otvz3s6IL62KI3Ro4I_XvrHK-jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.9.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:b6:dc:9e:fb:15:c4:e2:e7:6a:5d:43:de:83:70:9f:20:c3:
39:11:bd:63:cc:dd:6e:20:df:22:3d:4a:16:76:ab:bc:54:3b:
08:7c:46:4d:21:e7:d7:c7:ef:de:a1:3b:de:2d:3d:40:2b:a0:
68:64:49:99:e7:1a:27:50:5d:71:0d:e5:17:77:86:0c:b6:fe:
10:75:fa:cf:6a:a8:35:37:57:80:85:a1:e3:94:14:8d:fc:ed:
13:0a:49:a0:ad:7e:39:55:cb:35:52:0a:05:cc:0f:03:78:3a:
d1:23:c4:a7:99:16:c9:eb:ed:7d:28:38:53:90:0d:d2:1e:e1:
78:0e:57:5a:5a:70:b4:7f:ed:44:f1:63:88:79:2c:cd:c9:54:
94:36:f1:30:a4:da:9c:f4:68:6f:0e:de:e4:4c:e6:9a:08:a2:
26:c2:4e:c2:39:da:c7:10:b0:82:ab:aa:36:8d:cf:c0:a8:1e:
ca:cb:49:f6:f9:f1:75:51:62:4c:fb:a5:89:39:82:af:fd:be:
89:5e:0f:0f:fe:63:2b:cd:91:0a:c3:b4:ae:f3:d8:6f:23:90:
47:dc:3a:88:c4:9f:8c:23:c9:aa:e0:71:cb:5f:ec:0d:73:dd:
e2:75:07:61:5a:f2:f3:35:7a:d7:f9:7c:35:29:58:76:92:5c:
35:3a:da:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWjQQE8PA7nIORlCAv+mXMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZGJmM2RlY2U4ODJmYWQ4YTIzNzQ2OGUwOGZkN2JlYjFj
YWZhMzkwHhcNMjMwMTExMjM1MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg3ZTg2Y2E2YzZkODBmOWYyZDBlYjBkMTZiZTJmZmE1NjNiYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbtZBz45PZ05Kj9tejvYrO5wLRjO
oGqDDmXU0SfNYKXTTl22C/I1YGspNvEyp2yQzn88502eE8XAXsdbKvc6QyMxhzMH
0SfbhDYScOUbNdX3P3/Qgen1Y8kcGvf15eqJ19KTIi+HjBYaA704WBMBzYbRCSnY
/OVCZhKQsgGGY0xUjzazzq8zv2Lryr8qcZon8K/d04J06vesii4aRdk2Tl8WjlRi
eLG9JGAZZKiC99+BaQ//GvAgY5FQWQviLX5q7lxJlM6Y/BsDfhNLAL+EuqjHO0fY
t79AEZ6vRZVZUd+1NZ0dJ47BCS3Aq+e2ccflU4LFLueXSL4pyClrGAzABQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESH6GymxtgPny0OsNFr4v+lY7pTMB8GA1UdIwQY
MBaAFKLb897OiC+tiiN0aOCP176xyvo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3R2ejNzNklMNjJLSTNSbzRJX1h2ckhLLWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jODcyNjYtMGQ2NC00NDljLWJhNDYt
MGI2MTdmZTdjMTIzLzEvUklmb2JLYkcyQS1mTFE2dzBXdmlfNlZqdWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jODcyNjYtMGQ2NC00NDljLWJhNDYtMGI2MTdmZTdjMTIz
LzEvb3R2ejNzNklMNjJLSTNSbzRJX1h2ckhLLWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMJMA0G
CSqGSIb3DQEBCwUAA4IBAQCgttye+xXE4udqXUPeg3CfIMM5Eb1jzN1uIN8iPUoW
dqu8VDsIfEZNIefXx+/eoTveLT1AK6BoZEmZ5xonUF1xDeUXd4YMtv4QdfrPaqg1
N1eAhaHjlBSN/O0TCkmgrX45Vcs1UgoFzA8DeDrRI8SnmRbJ6+19KDhTkA3SHuF4
DldaWnC0f+1E8WOIeSzNyVSUNvEwpNqc9GhvDt7kTOaaCKImwk7COdrHELCCq6o2
jc/AqB7Ky0n2+fF1UWJM+6WJOYKv/b6JXg8P/mMrzZEKw7Su89hvI5BH3DqIxJ+M
I8mq4HHLX+wNc93idQdhWvLzNXrX+Xw1KVh2klw1Otra
-----END CERTIFICATE-----
Generated at Thu Sep 14 01:05:59 2023 by rpki-client on console-ams.rpki-client.org