Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/u8XWgwzw4-_egcRBHBmoIAt-TTI.roa
File: u8XWgwzw4-_egcRBHBmoIAt-TTI.roa (raw, json)
Hash identifier: nim1j/RS4cJ1VWN2rnLOpBVwzOmNXHphR6XIQTfg2bM=
Subject key identifier: BB:C5:D6:83:0C:F0:E3:EF:DE:81:C4:41:1C:19:A8:20:0B:7E:4D:32
Certificate issuer: /CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9
Certificate serial: 01856F393D649B5FC3F780F2CD4DAD915298
Authority key identifier: AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/u8XWgwzw4-_egcRBHBmoIAt-TTI.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 176.119.152.0/24 maxlen: 24
176.119.155.0/24 maxlen: 24
176.119.153.0/24 maxlen: 24
176.119.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3d:64:9b:5f:c3:f7:80:f2:cd:4d:ad:91:52:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc5d6830cf0e3efde81c4411c19a8200b7e4d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:32:8b:1e:2e:69:b8:69:00:68:ed:26:8d:
48:b6:0c:1b:65:0b:91:56:ae:b5:04:ac:6f:08:da:
a6:4e:ac:e0:4a:f9:7c:a9:36:42:08:01:7a:aa:e2:
85:ff:e8:0a:f4:2f:10:63:fe:8e:fb:e4:79:4b:1a:
59:dc:d0:fb:d5:2d:f4:08:e5:05:a3:83:f9:80:80:
d7:e7:e9:8e:72:d9:51:29:50:f0:f6:76:61:f8:31:
6e:e0:62:0a:aa:be:90:3b:09:d3:c5:2d:9e:09:1a:
c5:8a:eb:91:1e:5f:d9:5d:13:f4:f8:40:69:f5:b7:
05:1e:9b:d0:f3:5e:00:b9:da:40:d0:6b:f5:bf:a2:
4f:a6:97:6c:12:4e:80:a1:8b:8d:26:23:68:bd:eb:
e9:cb:a4:30:5f:6c:b4:20:3f:00:1a:89:82:4f:72:
e5:e3:7b:4c:e2:f2:b2:be:22:b6:8a:6c:9f:55:17:
76:67:94:08:71:21:26:54:c3:f5:43:ad:2a:6c:d7:
2e:58:fc:59:61:4b:1c:23:d2:07:5b:a8:39:b7:f5:
34:ef:43:f1:0e:dc:2c:76:64:49:e7:5f:6a:cd:f8:
31:8a:33:07:4e:48:eb:c5:d1:11:1e:19:89:42:7a:
98:41:90:67:e4:73:6c:99:3f:8a:3f:fa:1c:a3:7f:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C5:D6:83:0C:F0:E3:EF:DE:81:C4:41:1C:19:A8:20:0B:7E:4D:32
X509v3 Authority Key Identifier:
keyid:AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/u8XWgwzw4-_egcRBHBmoIAt-TTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:62:ee:60:0b:dd:9f:9f:ce:77:83:72:79:75:b5:72:2f:be:
9e:cc:49:50:94:f8:87:78:a0:8e:74:ae:1a:26:ff:03:5b:e0:
0a:d1:cf:70:00:46:a5:f5:eb:54:09:24:e0:a6:b5:63:8a:9a:
1b:fd:47:bc:69:58:50:ae:41:51:49:f9:4a:6f:9a:52:e5:d5:
c7:87:fa:e7:a4:c1:62:92:7e:df:b2:df:5f:5c:08:98:c5:67:
74:38:35:d3:5e:2c:8c:a3:f9:67:a7:42:d2:e4:8a:1d:dc:7b:
23:ff:d1:29:8f:d2:75:9e:a5:42:0c:9e:e0:a2:48:a5:e8:47:
5b:43:73:1a:83:14:92:f9:39:5a:d5:5c:bc:08:6b:9a:d6:10:
10:0b:38:7b:af:1a:af:96:c2:ad:b3:df:50:f3:b2:81:31:5d:
19:71:99:51:1e:b2:48:36:e5:d4:08:d6:17:c7:05:e8:ae:3f:
58:a9:2b:7b:47:4b:d8:bf:6e:38:00:45:7f:b8:73:6a:3a:69:
07:39:7f:18:ce:60:ea:c9:cc:9f:da:39:df:05:53:5c:2e:54:
bf:2d:9c:dd:53:26:42:bd:64:57:63:41:96:5b:c2:f8:93:ab:
80:03:da:32:f4:8c:e0:ac:f1:88:cf:bf:68:58:ec:a1:10:8f:
5d:95:d1:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOT1km1/D94DyzU2tkVKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNjg0ZTUwZTMzZjNhMDAxNWM4Zjg5OWM4OGJjYjEzN2Jj
ZmI1ZjkwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM1ZDY4MzBjZjBlM2VmZGU4MWM0NDExYzE5YTgyMDBiN2U0ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra8yix4uabhpAGjtJo1ItgwbZQuR
Vq61BKxvCNqmTqzgSvl8qTZCCAF6quKF/+gK9C8QY/6O++R5SxpZ3ND71S30COUF
o4P5gIDX5+mOctlRKVDw9nZh+DFu4GIKqr6QOwnTxS2eCRrFiuuRHl/ZXRP0+EBp
9bcFHpvQ814AudpA0Gv1v6JPppdsEk6AoYuNJiNovevpy6QwX2y0ID8AGomCT3Ll
43tM4vKyviK2imyfVRd2Z5QIcSEmVMP1Q60qbNcuWPxZYUscI9IHW6g5t/U070Px
DtwsdmRJ519qzfgxijMHTkjrxdERHhmJQnqYQZBn5HNsmT+KP/oco38YXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvF1oMM8OPv3oHEQRwZqCALfk0yMB8GA1UdIwQY
MBaAFKtoTlDjPzoAFcj4mciLyxN7z7X5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjIt
ODBlNWQ1M2VkYjQxLzEvdThYV2d3enc0LV9lZ2NSQkhCbW9JQXQtVFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjItODBlNWQ1M2VkYjQx
LzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHeYMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYu5gC92fn853g3J5dbVyL76ezElQlPiHeKCOdK4a
Jv8DW+AK0c9wAEal9etUCSTgprVjipob/Ue8aVhQrkFRSflKb5pS5dXHh/rnpMFi
kn7fst9fXAiYxWd0ODXTXiyMo/lnp0LS5Iod3Hsj/9Epj9J1nqVCDJ7gokil6Edb
Q3MagxSS+Tla1Vy8CGua1hAQCzh7rxqvlsKts99Q87KBMV0ZcZlRHrJINuXUCNYX
xwXorj9YqSt7R0vYv244AEV/uHNqOmkHOX8YzmDqycyf2jnfBVNcLlS/LZzdUyZC
vWRXY0GWW8L4k6uAA9oy9IzgrPGIz79oWOyhEI9dldHW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org