Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/cgjSeLnjJgRETzd79fiTbjJtd-0.roa
File: cgjSeLnjJgRETzd79fiTbjJtd-0.roa (raw, json)
Hash identifier: MlN95NrU6hAlDZKrCOYb1LbQ/nu7P3NUKKzCmzoGKBQ=
Subject key identifier: 72:08:D2:78:B9:E3:26:04:44:4F:37:7B:F5:F8:93:6E:32:6D:77:ED
Certificate issuer: /CN=9a62e26a1cafff5530a70190c8d000c10f24b966
Certificate serial: 01856F5DC4AB4CCDDF49D06D1DD359779C1E
Authority key identifier: 9A:62:E2:6A:1C:AF:FF:55:30:A7:01:90:C8:D0:00:C1:0F:24:B9:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mmLiahyv_1UwpwGQyNAAwQ8kuWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/cgjSeLnjJgRETzd79fiTbjJtd-0.roa
Signing time: Sun 01 Jan 2023 22:04:54 +0000
ROA not before: Sun 01 Jan 2023 22:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209624
IP address blocks: 139.28.148.0/22 maxlen: 22
2a09:7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c4:ab:4c:cd:df:49:d0:6d:1d:d3:59:77:9c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a62e26a1cafff5530a70190c8d000c10f24b966
Validity
Not Before: Jan 1 22:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7208d278b9e32604444f377bf5f8936e326d77ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:34:da:9d:12:fe:59:5f:93:1d:04:c0:f8:3a:
ed:2a:03:63:2e:70:30:53:87:26:0b:20:b4:93:5e:
fc:91:a2:39:06:4b:52:80:b7:79:b9:14:fd:be:e0:
64:ee:ff:83:74:9d:27:fa:f0:44:df:e0:db:dc:f0:
c6:cf:1a:36:11:51:0a:f5:c6:3c:8b:d7:59:f3:7c:
07:15:37:d8:42:61:85:d6:cd:ab:79:64:c4:c8:bb:
6c:f9:59:70:6e:39:18:54:63:53:4b:09:78:5e:d0:
06:d0:18:17:31:22:c5:58:24:48:cb:51:47:ee:5d:
2e:65:c9:32:4d:49:f6:99:87:40:0e:26:52:80:3b:
ef:1b:2a:92:c6:9c:ef:d2:78:e9:73:9a:80:73:5f:
1e:3a:dc:ad:ea:58:44:06:b8:00:1c:45:5a:62:89:
67:23:50:30:fd:62:46:a4:53:1d:04:6c:29:f2:5c:
30:db:a2:75:4c:68:a1:5a:10:e3:ce:9e:05:4d:a1:
91:0f:ea:f9:f0:a2:bd:19:bc:2c:cd:88:c0:ec:6f:
fe:c5:07:b9:3a:6e:e7:37:d5:4b:cf:93:11:43:54:
7e:b6:3d:b7:79:26:0c:fe:51:e4:f8:48:37:3a:4b:
f9:7f:37:37:73:f8:02:0d:21:9e:11:45:14:95:5e:
85:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:08:D2:78:B9:E3:26:04:44:4F:37:7B:F5:F8:93:6E:32:6D:77:ED
X509v3 Authority Key Identifier:
keyid:9A:62:E2:6A:1C:AF:FF:55:30:A7:01:90:C8:D0:00:C1:0F:24:B9:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mmLiahyv_1UwpwGQyNAAwQ8kuWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/cgjSeLnjJgRETzd79fiTbjJtd-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/mmLiahyv_1UwpwGQyNAAwQ8kuWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.148.0/22
IPv6:
2a09:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:c2:76:80:f3:33:31:8f:cf:e7:e1:de:26:cc:ef:05:c8:03:
12:50:08:2f:70:52:75:1a:4d:bb:43:39:37:67:0d:94:21:64:
bf:b9:4b:d1:c0:13:c7:5a:77:9b:f3:a7:39:a2:29:51:be:4c:
06:fd:6f:87:39:48:e0:21:54:0c:95:a5:3f:7b:b3:22:06:9f:
db:3c:09:b4:fd:78:8f:a4:23:55:69:96:1e:ad:a1:62:87:33:
8c:ab:0f:45:22:97:8a:67:0d:ef:d6:89:9e:76:4b:4b:5e:c9:
1a:6d:eb:5e:e8:16:6b:0a:01:bd:db:de:5c:91:1f:91:ee:31:
78:fd:7a:4d:bc:8e:01:1e:d3:0d:71:33:b2:f2:ad:e4:df:6e:
c5:da:c4:00:da:6a:f0:b9:7a:7a:9c:e9:24:6a:f5:b1:c5:2a:
43:94:d9:df:30:95:ce:15:fb:67:9f:57:f5:42:a0:88:73:6f:
76:43:3a:a2:b3:ac:d7:95:48:11:20:4f:ff:78:71:d4:36:4c:
34:9e:c3:07:f6:a3:58:e4:be:2e:20:74:b9:8e:0e:05:61:94:
17:fa:6b:55:19:c6:1e:cf:f6:35:99:2b:d6:58:0b:ee:35:b7:
c2:d6:74:61:9c:41:cc:7b:43:0b:23:d0:a9:68:71:76:72:c4:
d1:af:c7:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvXcSrTM3fSdBtHdNZd5weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNjJlMjZhMWNhZmZmNTUzMGE3MDE5MGM4ZDAwMGMxMGYy
NGI5NjYwHhcNMjMwMTAxMjIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA4ZDI3OGI5ZTMyNjA0NDQ0ZjM3N2JmNWY4OTM2ZTMyNmQ3N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTTanRL+WV+THQTA+DrtKgNjLnAw
U4cmCyC0k178kaI5BktSgLd5uRT9vuBk7v+DdJ0n+vBE3+Db3PDGzxo2EVEK9cY8
i9dZ83wHFTfYQmGF1s2reWTEyLts+VlwbjkYVGNTSwl4XtAG0BgXMSLFWCRIy1FH
7l0uZckyTUn2mYdADiZSgDvvGyqSxpzv0njpc5qAc18eOtyt6lhEBrgAHEVaYoln
I1Aw/WJGpFMdBGwp8lww26J1TGihWhDjzp4FTaGRD+r58KK9GbwszYjA7G/+xQe5
Om7nN9VLz5MRQ1R+tj23eSYM/lHk+Eg3Okv5fzc3c/gCDSGeEUUUlV6FRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHII0ni54yYERE83e/X4k24ybXftMB8GA1UdIwQY
MBaAFJpi4mocr/9VMKcBkMjQAMEPJLlmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW1MaWFoeXZfMVV3cHdHUXlOQUF3UThrdVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84NDUwYTEtNjZkYi00OGM2LTkzYjgt
OTQ3ODU5YzBlY2M0LzEvY2dqU2VMbmpKZ1JFVHpkNzlmaVRiakp0ZC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84NDUwYTEtNjZkYi00OGM2LTkzYjgtOTQ3ODU5YzBlY2M0
LzEvbW1MaWFoeXZfMVV3cHdHUXlOQUF3UThrdVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixyUMA0E
AgACMAcDBQMqCQfAMA0GCSqGSIb3DQEBCwUAA4IBAQBzwnaA8zMxj8/n4d4mzO8F
yAMSUAgvcFJ1Gk27Qzk3Zw2UIWS/uUvRwBPHWneb86c5oilRvkwG/W+HOUjgIVQM
laU/e7MiBp/bPAm0/XiPpCNVaZYeraFihzOMqw9FIpeKZw3v1omedktLXskabete
6BZrCgG9295ckR+R7jF4/XpNvI4BHtMNcTOy8q3k327F2sQA2mrwuXp6nOkkavWx
xSpDlNnfMJXOFftnn1f1QqCIc292Qzqis6zXlUgRIE//eHHUNkw0nsMH9qNY5L4u
IHS5jg4FYZQX+mtVGcYez/Y1mSvWWAvuNbfC1nRhnEHMe0MLI9CpaHF2csTRr8d4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:59 2024 by rpki-client on console-ams.rpki-client.org