Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/cN2hfHFqOfL8hlQYKHujHy28pUs.roa
File: cN2hfHFqOfL8hlQYKHujHy28pUs.roa (raw, json)
Hash identifier: Db8rmwoKCwpehQE5vnub2PGejokwxMgMe5IiI9oJjUI=
Subject key identifier: 70:DD:A1:7C:71:6A:39:F2:FC:86:54:18:28:7B:A3:1F:2D:BC:A5:4B
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 018AC4C285F39D7511CFEE0AC42C9107BA6D
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/cN2hfHFqOfL8hlQYKHujHy28pUs.roa
Signing time: Sun 24 Sep 2023 01:16:37 +0000
ROA not before: Sun 24 Sep 2023 01:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 193.176.98.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c4:c2:85:f3:9d:75:11:cf:ee:0a:c4:2c:91:07:ba:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: Sep 24 01:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70dda17c716a39f2fc865418287ba31f2dbca54b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:7a:61:99:49:56:3d:20:d1:77:50:f5:8c:
ee:a2:2a:d2:5a:66:bf:36:a6:37:83:e0:e9:88:a6:
85:7c:99:dc:bf:4c:68:0b:c2:9f:0b:c6:5f:4c:25:
6e:8c:40:c1:06:bf:0c:3d:06:65:75:b4:9d:61:93:
2f:00:45:78:27:95:ef:14:18:3a:19:0b:57:4f:78:
4a:09:1e:25:6a:6d:5b:0c:42:fc:b9:ef:6a:b2:fe:
15:3a:21:5a:17:ba:6c:63:86:e0:83:a8:a6:9c:d5:
96:3e:ea:c0:5c:14:21:cd:3f:0f:5c:b6:ff:45:74:
57:c0:2b:ab:4a:ee:86:c2:b7:56:d6:92:6b:42:99:
8f:af:a4:14:32:19:d4:7e:78:5f:12:24:6b:13:64:
f9:ad:62:14:9e:53:27:22:e2:c0:fc:7c:8f:c8:46:
0f:b5:c1:84:b3:94:ca:a0:38:54:89:7b:dc:57:23:
b7:ec:18:0b:f0:b6:7d:b2:74:df:2e:ec:e7:2b:ce:
81:8a:87:ad:d9:a2:05:97:2f:f2:6d:67:8a:71:92:
b7:a0:85:17:72:2a:ed:6c:ea:2c:8a:ff:fc:0d:78:
40:3a:4a:e2:36:b9:46:5b:00:ba:7e:a9:88:5b:85:
07:51:69:43:d9:f9:b6:3f:33:93:4d:a9:4c:e5:bd:
5c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DD:A1:7C:71:6A:39:F2:FC:86:54:18:28:7B:A3:1F:2D:BC:A5:4B
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/cN2hfHFqOfL8hlQYKHujHy28pUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.98.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c1:d9:3b:18:9c:7c:a6:39:2d:1d:fa:2c:10:ae:d0:b6:d5:
20:b2:75:f2:b4:81:71:2c:9a:28:3e:f6:c4:3f:04:24:ac:3b:
26:20:b6:87:a5:c0:bb:71:91:a1:29:72:d4:50:b4:63:9e:37:
76:7f:2f:ee:b2:dc:65:5b:5e:a2:5d:96:ef:08:54:3c:ca:e4:
6a:5c:ed:b1:06:e1:e5:a2:01:13:cb:d9:ce:3f:ce:d0:d4:85:
b2:f0:74:39:a9:8d:6d:22:4a:6e:80:8d:36:e6:45:e9:f8:a9:
9d:0c:4a:8b:6b:c4:f7:e1:f3:b9:ad:22:e6:ef:90:aa:1f:0b:
63:63:2c:11:f3:b9:b4:9c:73:03:4a:52:a3:37:46:15:51:e6:
2a:af:fb:f3:e7:21:13:5d:d6:e6:46:89:2c:ab:82:60:6d:ac:
a7:08:64:71:bf:78:21:8a:04:fd:d7:fc:49:00:48:9b:73:f1:
4b:e9:4b:f6:de:48:dd:80:24:d2:03:2d:b9:f2:d2:39:b7:50:
7b:3b:52:17:7b:fa:ad:cc:ac:78:25:ff:5f:80:9b:64:78:84:
5d:8e:5b:fa:21:2d:d5:38:df:3f:39:cc:3b:2e:bd:86:df:02:
bc:30:da:df:08:b6:d0:42:3d:eb:ec:05:bf:cb:07:63:c3:22:
c9:cc:e3:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrEwoXznXURz+4KxCyRB7ptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4
ODRkMTgwHhcNMjMwOTI0MDExNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRkYTE3YzcxNmEzOWYyZmM4NjU0MTgyODdiYTMxZjJkYmNhNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4x6YZlJVj0g0XdQ9YzuoirSWma/
NqY3g+DpiKaFfJncv0xoC8KfC8ZfTCVujEDBBr8MPQZldbSdYZMvAEV4J5XvFBg6
GQtXT3hKCR4lam1bDEL8ue9qsv4VOiFaF7psY4bgg6imnNWWPurAXBQhzT8PXLb/
RXRXwCurSu6GwrdW1pJrQpmPr6QUMhnUfnhfEiRrE2T5rWIUnlMnIuLA/HyPyEYP
tcGEs5TKoDhUiXvcVyO37BgL8LZ9snTfLuznK86Bioet2aIFly/ybWeKcZK3oIUX
cirtbOosiv/8DXhAOkriNrlGWwC6fqmIW4UHUWlD2fm2PzOTTalM5b1c9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDdoXxxajny/IZUGCh7ox8tvKVLMB8GA1UdIwQY
MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt
Mzg4ZDhhZDJhNWJiLzEvY04yaGZIRnFPZkw4aGxRWUtIdWpIeTI4cFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi
LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbBiMA0G
CSqGSIb3DQEBCwUAA4IBAQCYwdk7GJx8pjktHfosEK7QttUgsnXytIFxLJooPvbE
PwQkrDsmILaHpcC7cZGhKXLUULRjnjd2fy/ustxlW16iXZbvCFQ8yuRqXO2xBuHl
ogETy9nOP87Q1IWy8HQ5qY1tIkpugI025kXp+KmdDEqLa8T34fO5rSLm75CqHwtj
YywR87m0nHMDSlKjN0YVUeYqr/vz5yETXdbmRoksq4JgbaynCGRxv3ghigT91/xJ
AEibc/FL6Uv23kjdgCTSAy258tI5t1B7O1IXe/qtzKx4Jf9fgJtkeIRdjlv6IS3V
ON8/Ocw7Lr2G3wK8MNrfCLbQQj3r7AW/ywdjwyLJzONe
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:11 2024 by rpki-client on console-ams.rpki-client.org