Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/9Z_Zo8ffvLaiFXbaHjokASj84Ig.roa
File: 9Z_Zo8ffvLaiFXbaHjokASj84Ig.roa (raw, json)
Hash identifier: Na+OOTsm9PHhfkdKUP/x1wGEN4ZuraCxI0KFHlcjpa8=
Subject key identifier: F5:9F:D9:A3:C7:DF:BC:B6:A2:15:76:DA:1E:3A:24:01:28:FC:E0:88
Certificate issuer: /CN=aa21104b4f772224d11856a24edf9466a844d26c
Certificate serial: 01858674380D2F0ADEC53014AB27CF01B35E
Authority key identifier: AA:21:10:4B:4F:77:22:24:D1:18:56:A2:4E:DF:94:66:A8:44:D2:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qiEQS093IiTRGFaiTt-UZqhE0mw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/9Z_Zo8ffvLaiFXbaHjokASj84Ig.roa
Signing time: Fri 06 Jan 2023 09:40:41 +0000
ROA not before: Fri 06 Jan 2023 09:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43268
IP address blocks: 194.62.108.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:74:38:0d:2f:0a:de:c5:30:14:ab:27:cf:01:b3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa21104b4f772224d11856a24edf9466a844d26c
Validity
Not Before: Jan 6 09:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f59fd9a3c7dfbcb6a21576da1e3a240128fce088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:84:c3:9b:f4:68:40:4c:87:c6:c5:88:fa:03:
8b:dc:64:b9:4c:44:3f:13:db:40:0e:28:96:49:f7:
ba:52:6f:23:e8:f7:73:87:9a:4f:4e:20:38:f9:ad:
d3:71:9c:31:72:d4:c6:d3:35:52:e4:94:a3:7b:1d:
b9:37:c5:cb:48:57:d1:b5:b8:5d:a8:85:00:b5:2c:
ac:80:c2:57:d8:52:81:4e:9a:6b:3e:82:d3:c2:6e:
c0:68:13:95:e7:04:35:7d:35:d6:b3:3a:46:6f:ca:
e8:7b:2e:04:b3:9f:41:fb:10:58:c2:2b:1f:46:91:
e4:b6:84:b3:f2:a8:9a:5a:94:85:c8:5c:46:ef:d7:
b2:c7:53:e9:6d:0c:1c:e3:19:4e:df:0d:33:47:74:
af:ee:82:13:ee:3e:6e:34:03:5a:1a:f8:ce:4e:a0:
17:94:d8:d9:f5:e6:ca:a6:a0:80:cb:03:77:cc:84:
17:5a:ed:05:1b:a6:4a:5b:ff:07:79:d4:c9:96:09:
18:1d:8c:3a:13:3f:34:69:a9:f9:56:97:ad:11:9e:
0e:cb:ba:58:84:4c:0b:f9:f0:af:8b:c5:5a:65:ef:
33:51:6a:cc:ad:bd:d5:bc:ed:b6:74:d2:c3:f5:e2:
fc:57:1d:cf:ff:a1:7d:59:a6:ab:56:39:4c:f4:59:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9F:D9:A3:C7:DF:BC:B6:A2:15:76:DA:1E:3A:24:01:28:FC:E0:88
X509v3 Authority Key Identifier:
keyid:AA:21:10:4B:4F:77:22:24:D1:18:56:A2:4E:DF:94:66:A8:44:D2:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiEQS093IiTRGFaiTt-UZqhE0mw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/9Z_Zo8ffvLaiFXbaHjokASj84Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.108.0/22
Signature Algorithm: sha256WithRSAEncryption
79:99:59:e7:e1:e5:39:72:df:6c:a8:6b:89:b9:9d:ab:41:14:
dd:f0:93:ab:86:ec:d9:ce:17:9c:fb:f8:9a:a0:d8:d1:13:4b:
ce:5d:91:1a:0d:9d:b2:6a:52:f4:04:7b:d3:82:73:6a:28:ff:
8f:30:3b:a8:5a:f8:79:f7:18:66:6c:09:1c:76:4e:81:01:9a:
e7:6e:a9:dd:ce:9e:73:9e:29:a1:f3:9b:dc:b3:d5:54:83:cc:
d2:76:c1:f3:40:99:17:63:f4:7f:48:c2:b7:10:a1:4e:b4:bc:
ec:4b:f8:04:dd:25:76:e2:ef:a4:28:4f:8e:81:53:cf:7c:64:
f7:62:7c:af:53:7b:04:05:46:0b:0c:6c:f5:40:47:1e:85:83:
a9:d6:06:a1:4e:79:72:f1:0b:4c:09:eb:40:6a:a7:11:e4:13:
c6:10:90:dc:5d:2c:5a:25:1d:40:68:d6:93:33:4e:be:01:ef:
df:1e:5e:6e:8f:39:30:6e:ef:69:83:29:78:34:5c:b8:59:37:
25:19:0e:d6:db:74:af:bb:4c:1c:d1:bf:ce:49:64:61:fe:d5:
0c:7e:51:3e:b6:55:2e:1a:85:37:a5:e2:48:bc:20:f7:b3:6e:
b2:f0:7d:8a:76:e6:ff:29:a8:b8:1a:78:8a:a8:8b:98:33:15:
c0:76:bd:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWGdDgNLwrexTAUqyfPAbNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMjExMDRiNGY3NzIyMjRkMTE4NTZhMjRlZGY5NDY2YTg0
NGQyNmMwHhcNMjMwMTA2MDk0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTlmZDlhM2M3ZGZiY2I2YTIxNTc2ZGExZTNhMjQwMTI4ZmNlMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oTDm/RoQEyHxsWI+gOL3GS5TEQ/
E9tADiiWSfe6Um8j6Pdzh5pPTiA4+a3TcZwxctTG0zVS5JSjex25N8XLSFfRtbhd
qIUAtSysgMJX2FKBTpprPoLTwm7AaBOV5wQ1fTXWszpGb8roey4Es59B+xBYwisf
RpHktoSz8qiaWpSFyFxG79eyx1PpbQwc4xlO3w0zR3Sv7oIT7j5uNANaGvjOTqAX
lNjZ9ebKpqCAywN3zIQXWu0FG6ZKW/8HedTJlgkYHYw6Ez80aan5VpetEZ4Oy7pY
hEwL+fCvi8VaZe8zUWrMrb3VvO22dNLD9eL8Vx3P/6F9WaarVjlM9FkXgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWf2aPH37y2ohV22h46JAEo/OCIMB8GA1UdIwQY
MBaAFKohEEtPdyIk0RhWok7flGaoRNJsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlFUVMwOTNJaVRSR0ZhaVR0LVVacWhFMG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kYWJhY2ItZTZmNS00MDY1LTg2YjYt
OGUwZDgzYzVlZGZlLzEvOVpfWm84ZmZ2TGFpRlhiYUhqb2tBU2o4NElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kYWJhY2ItZTZmNS00MDY1LTg2YjYtOGUwZDgzYzVlZGZl
LzEvcWlFUVMwOTNJaVRSR0ZhaVR0LVVacWhFMG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj5sMA0G
CSqGSIb3DQEBCwUAA4IBAQB5mVnn4eU5ct9sqGuJuZ2rQRTd8JOrhuzZzhec+/ia
oNjRE0vOXZEaDZ2yalL0BHvTgnNqKP+PMDuoWvh59xhmbAkcdk6BAZrnbqndzp5z
nimh85vcs9VUg8zSdsHzQJkXY/R/SMK3EKFOtLzsS/gE3SV24u+kKE+OgVPPfGT3
YnyvU3sEBUYLDGz1QEcehYOp1gahTnly8QtMCetAaqcR5BPGEJDcXSxaJR1AaNaT
M06+Ae/fHl5ujzkwbu9pgyl4NFy4WTclGQ7W23Svu0wc0b/OSWRh/tUMflE+tlUu
GoU3peJIvCD3s26y8H2Kdub/Kai4GniKqIuYMxXAdr1H
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:06 2024 by rpki-client on console-ams.rpki-client.org