Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/af1OIvEYXnqoS4lTrlaTpn4ImkU.roa
File: af1OIvEYXnqoS4lTrlaTpn4ImkU.roa (raw, json)
Hash identifier: h92YoO2MbCGb93MFi8q9v5YupNmH+bEsFoYLcxkO+k0=
Subject key identifier: 69:FD:4E:22:F1:18:5E:7A:A8:4B:89:53:AE:56:93:A6:7E:08:9A:45
Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Certificate serial: 01867EC79F23C2DA1BFD115600DD0F83CD19
Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/af1OIvEYXnqoS4lTrlaTpn4ImkU.roa
Signing time: Thu 23 Feb 2023 14:57:37 +0000
ROA not before: Thu 23 Feb 2023 14:57:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201612
IP address blocks: 176.97.158.0/24 maxlen: 24
2001:67c:10b8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Apr 2023 13:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:c7:9f:23:c2:da:1b:fd:11:56:00:dd:0f:83:cd:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Validity
Not Before: Feb 23 14:57:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69fd4e22f1185e7aa84b8953ae5693a67e089a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:11:f7:f8:3b:34:ff:e0:48:7d:ba:8a:4c:c4:
0e:85:a9:1e:30:44:47:ed:02:97:98:a2:50:90:5a:
5f:2d:5f:7a:99:1b:72:dc:a8:2d:c6:6a:c1:b7:74:
f0:23:2b:ed:3c:8b:f8:0b:32:23:17:42:c0:49:61:
21:af:ed:dc:5d:e7:3f:2a:cd:8b:37:b9:df:3c:08:
71:2d:35:d1:de:b9:d2:89:ac:0b:4a:ae:0d:c5:d3:
04:cb:0a:57:a2:e7:6b:95:b8:63:c7:84:f6:30:dc:
ac:27:01:36:54:1a:95:d4:d1:da:93:0c:f3:c5:40:
8e:4d:41:0c:b7:42:cb:02:cb:14:ff:02:95:cf:da:
c8:71:69:e5:3b:ea:55:ba:73:cc:ad:87:d4:9d:c2:
cb:1f:a7:1f:8b:88:67:b6:db:23:61:9d:8c:b5:2e:
d7:72:de:1a:90:88:52:84:2b:ab:90:a6:29:35:64:
ae:4a:2f:fa:06:a8:ca:7b:44:5d:54:3c:9a:59:98:
ca:7b:69:d1:ba:1c:95:fc:ec:35:f9:71:eb:e5:84:
18:07:2a:40:be:49:3c:a5:d3:c4:3b:75:61:f7:23:
5c:80:3b:92:34:46:63:0c:f4:53:9f:c2:00:ec:c7:
ee:e9:69:bf:db:8f:e9:c4:0c:f3:95:e1:b9:0e:3d:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FD:4E:22:F1:18:5E:7A:A8:4B:89:53:AE:56:93:A6:7E:08:9A:45
X509v3 Authority Key Identifier:
keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/af1OIvEYXnqoS4lTrlaTpn4ImkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.158.0/24
IPv6:
2001:67c:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
87:ba:46:61:74:f9:62:1e:8a:e5:63:63:a8:1e:b1:69:0a:62:
5f:f9:81:7b:e5:c0:12:55:60:73:80:c8:6e:69:95:d1:06:cd:
81:74:81:39:7c:54:62:85:d3:e0:96:a3:46:c7:e6:2d:79:4e:
18:88:e6:fb:bc:47:e7:c2:bf:ca:ff:cc:be:ab:f7:7e:59:4c:
04:b5:94:15:5c:af:f6:f1:6a:b5:6a:5b:6c:37:dc:95:22:eb:
89:61:87:73:4f:3e:b1:27:5b:b0:40:f8:8f:5a:54:ed:42:0c:
f2:af:5a:7c:9f:67:ca:b0:63:19:15:52:81:d6:2d:ce:38:30:
b9:e0:6e:26:ba:fa:af:c6:64:50:1d:b0:30:13:b5:d7:65:c7:
e4:67:fc:e1:9f:4e:a9:df:dc:b3:61:9d:e5:2d:8c:ec:b0:53:
09:80:bf:d6:c2:b0:54:42:fb:f9:51:95:2f:aa:d4:9f:57:98:
69:45:65:00:80:cb:b3:1c:40:72:17:da:cd:21:ca:35:3b:69:
36:2c:ed:56:dc:b4:3d:31:a2:3a:d6:eb:48:96:94:d1:78:fd:
ce:95:95:cc:19:f5:3a:64:03:f3:54:ad:cd:47:19:1f:b5:c9:
12:e3:86:83:72:8e:3f:0a:7b:56:5c:35:27:1c:d1:ac:15:4b:
e6:d4:43:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ+x58jwtob/RFWAN0Pg80ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz
YjAyNWEwHhcNMjMwMjIzMTQ1NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZkNGUyMmYxMTg1ZTdhYTg0Yjg5NTNhZTU2OTNhNjdlMDg5YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxH3+Ds0/+BIfbqKTMQOhakeMERH
7QKXmKJQkFpfLV96mRty3KgtxmrBt3TwIyvtPIv4CzIjF0LASWEhr+3cXec/Ks2L
N7nfPAhxLTXR3rnSiawLSq4NxdMEywpXoudrlbhjx4T2MNysJwE2VBqV1NHakwzz
xUCOTUEMt0LLAssU/wKVz9rIcWnlO+pVunPMrYfUncLLH6cfi4hnttsjYZ2MtS7X
ct4akIhShCurkKYpNWSuSi/6BqjKe0RdVDyaWZjKe2nRuhyV/Ow1+XHr5YQYBypA
vkk8pdPEO3Vh9yNcgDuSNEZjDPRTn8IA7Mfu6Wm/24/pxAzzleG5Dj0w9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGn9TiLxGF56qEuJU65Wk6Z+CJpFMB8GA1UdIwQY
MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct
OWI0YTJkNWYzYTc2LzEvYWYxT0l2RVlYbnFvUzRsVHJsYVRwbjRJbWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTctOWI0YTJkNWYzYTc2
LzEvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsGGeMA8E
AgACMAkDBwAgAQZ8ELgwDQYJKoZIhvcNAQELBQADggEBAIe6RmF0+WIeiuVjY6ge
sWkKYl/5gXvlwBJVYHOAyG5pldEGzYF0gTl8VGKF0+CWo0bH5i15ThiI5vu8R+fC
v8r/zL6r935ZTAS1lBVcr/bxarVqW2w33JUi64lhh3NPPrEnW7BA+I9aVO1CDPKv
WnyfZ8qwYxkVUoHWLc44MLngbia6+q/GZFAdsDATtddlx+Rn/OGfTqnf3LNhneUt
jOywUwmAv9bCsFRC+/lRlS+q1J9XmGlFZQCAy7McQHIX2s0hyjU7aTYs7VbctD0x
ojrW60iWlNF4/c6VlcwZ9TpkA/NUrc1HGR+1yRLjhoNyjj8Ke1ZcNScc0awVS+bU
Q9U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-fra.rpki-client.org