Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/9k8W-i3zuRr2KXtB6DD8C2qKTSU.roa
File: 9k8W-i3zuRr2KXtB6DD8C2qKTSU.roa (raw, json)
Hash identifier: mDsG7Gblnfk8xYWNP7t8IWeejPt6gfoLGHMKZS05jOw=
Subject key identifier: F6:4F:16:FA:2D:F3:B9:1A:F6:29:7B:41:E8:30:FC:0B:6A:8A:4D:25
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018D0CED655CC20D0B589DF21BC20B7844F8
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/9k8W-i3zuRr2KXtB6DD8C2qKTSU.roa
Signing time: Mon 15 Jan 2024 11:41:40 +0000
ROA not before: Mon 15 Jan 2024 11:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35112
IP address blocks: 217.119.129.0/24 maxlen: 24
146.19.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 12:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:ed:65:5c:c2:0d:0b:58:9d:f2:1b:c2:0b:78:44:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 15 11:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f64f16fa2df3b91af6297b41e830fc0b6a8a4d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:aa:ae:fd:9b:01:29:7f:58:a7:13:3f:a1:25:
a2:8d:bc:9b:11:7e:3d:54:57:1a:65:9c:9e:57:11:
07:be:1d:98:54:86:78:39:ef:7c:cc:4c:31:15:f0:
aa:35:ab:92:f3:68:ed:52:bc:91:bb:80:95:97:75:
86:31:1e:e2:1b:a0:8d:e3:d6:01:6e:0b:be:f3:2b:
f9:1a:2f:6b:3c:11:74:51:cc:c2:e4:d7:5d:08:bd:
93:51:2c:e0:3c:a8:7c:d9:5d:40:fe:37:d8:b3:d8:
a2:bd:be:8a:8c:3a:ee:43:99:1f:c8:92:ef:c5:a1:
bd:da:6b:5c:78:69:8a:df:f7:fe:35:1e:7c:81:61:
67:54:48:e8:d2:3a:1e:48:68:e4:c0:89:da:87:85:
82:37:3d:48:67:e5:53:49:f5:8a:81:ff:0a:9a:29:
0f:f9:96:ba:0c:de:1e:de:de:84:f7:1f:34:2b:71:
63:2d:ff:54:a7:7c:13:fd:13:6e:12:12:1c:70:96:
fb:d9:61:a1:ad:89:d6:5a:94:6c:0f:c3:31:2b:e8:
8c:42:fb:a6:3c:2b:d1:ae:fc:6f:95:2d:f9:1f:47:
91:5f:ce:0a:8c:e0:1e:7e:67:61:51:80:bf:b9:09:
03:1e:a3:41:4f:40:21:04:bd:78:ac:5b:bb:6e:18:
81:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4F:16:FA:2D:F3:B9:1A:F6:29:7B:41:E8:30:FC:0B:6A:8A:4D:25
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/9k8W-i3zuRr2KXtB6DD8C2qKTSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
217.119.129.0/24
Signature Algorithm: sha256WithRSAEncryption
22:31:5e:42:42:c2:23:9a:16:25:b9:4f:0c:16:0f:18:02:3c:
25:13:ef:27:05:4b:01:bb:7c:fa:a7:ed:c8:83:dd:1e:ef:ab:
7a:26:a4:72:69:b3:9b:4f:ee:7b:f2:d2:d3:2e:0d:a2:1f:44:
dd:f0:76:d4:14:0a:1f:f9:45:94:a5:c8:c6:84:71:3b:7b:dd:
c9:6c:f0:fa:bc:e1:ad:60:14:8d:f5:82:1b:eb:96:50:47:a3:
b3:49:3a:51:cc:85:96:a9:d6:23:b5:31:fd:b2:93:b1:65:c3:
97:b7:05:a6:3d:7b:de:3b:e6:71:ab:f6:a8:5a:1d:28:51:18:
f0:fe:d2:db:90:92:94:68:e1:1c:f0:ab:b1:5a:13:e3:13:70:
fa:bf:d4:f1:da:2a:84:00:b6:e4:a3:73:1d:6b:93:ec:88:fa:
d7:bc:d8:61:00:ab:7d:a3:16:31:09:3a:74:0c:80:aa:4a:a5:
e7:a6:be:b1:82:03:16:0e:62:c1:38:2d:7d:86:fc:1a:bb:6c:
ab:9e:cf:b6:29:3b:28:1a:0d:7d:fe:e2:4e:c8:26:9f:ea:c3:
96:ed:1d:c6:0c:c6:a8:c6:7e:85:97:8a:a1:85:be:1a:4f:a4:
6c:ec:20:08:5d:52:5a:d2:39:12:ab:fe:89:3f:b7:3c:2a:8d:
24:10:a2:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0M7WVcwg0LWJ3yG8ILeET4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTE1MTE0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRmMTZmYTJkZjNiOTFhZjYyOTdiNDFlODMwZmMwYjZhOGE0ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6qu/ZsBKX9YpxM/oSWijbybEX49
VFcaZZyeVxEHvh2YVIZ4Oe98zEwxFfCqNauS82jtUryRu4CVl3WGMR7iG6CN49YB
bgu+8yv5Gi9rPBF0UczC5NddCL2TUSzgPKh82V1A/jfYs9iivb6KjDruQ5kfyJLv
xaG92mtceGmK3/f+NR58gWFnVEjo0joeSGjkwInah4WCNz1IZ+VTSfWKgf8KmikP
+Za6DN4e3t6E9x80K3FjLf9Up3wT/RNuEhIccJb72WGhrYnWWpRsD8MxK+iMQvum
PCvRrvxvlS35H0eRX84KjOAefmdhUYC/uQkDHqNBT0AhBL14rFu7bhiBVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZPFvot87ka9il7Qegw/Atqik0lMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvOWs4Vy1pM3p1UnIyS1h0QjZERDhDMnFLVFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhOAAwQA
2XeBMA0GCSqGSIb3DQEBCwUAA4IBAQAiMV5CQsIjmhYluU8MFg8YAjwlE+8nBUsB
u3z6p+3Ig90e76t6JqRyabObT+578tLTLg2iH0Td8HbUFAof+UWUpcjGhHE7e93J
bPD6vOGtYBSN9YIb65ZQR6OzSTpRzIWWqdYjtTH9spOxZcOXtwWmPXveO+Zxq/ao
Wh0oURjw/tLbkJKUaOEc8KuxWhPjE3D6v9Tx2iqEALbko3Mda5PsiPrXvNhhAKt9
oxYxCTp0DICqSqXnpr6xggMWDmLBOC19hvwau2yrns+2KTsoGg19/uJOyCaf6sOW
7R3GDMaoxn6Fl4qhhb4aT6Rs7CAIXVJa0jkSq/6JP7c8Ko0kEKLS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:33 2025 by rpki-client