Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eRanAawq7fWXE0gP5CXq57EsKsQ.roa
File: eRanAawq7fWXE0gP5CXq57EsKsQ.roa (raw, json)
Hash identifier: YU3eoWl2EgE3NR8dDLzcHeq903PofxUAGOq2ER2+TVQ=
Subject key identifier: 79:16:A7:01:AC:2A:ED:F5:97:13:48:0F:E4:25:EA:E7:B1:2C:2A:C4
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018C7DC124AF0C582C75F9F524C7A3CFDF0F
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eRanAawq7fWXE0gP5CXq57EsKsQ.roa
Signing time: Mon 18 Dec 2023 16:27:38 +0000
ROA not before: Mon 18 Dec 2023 16:27:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13238
IP address blocks: 199.36.240.0/22 maxlen: 22
100.43.64.0/19 maxlen: 19
199.21.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:c1:24:af:0c:58:2c:75:f9:f5:24:c7:a3:cf:df:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Dec 18 16:27:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7916a701ac2aedf59713480fe425eae7b12c2ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ad:d3:47:ca:b5:f0:88:99:8d:60:a1:da:7a:
2a:22:d6:2b:7e:4b:d5:55:ec:b7:cc:1e:46:dc:a0:
35:c8:a3:e7:8d:21:74:8e:38:81:d6:bd:db:a8:bc:
36:33:61:04:7f:a4:8f:be:88:6c:63:6e:ed:0f:9b:
41:6e:51:aa:5c:5b:bd:ea:49:35:25:54:11:7e:16:
ae:2d:07:38:d3:fc:21:69:8a:fd:89:bd:a2:81:61:
3b:ec:b1:08:7f:9a:87:5b:ac:3d:81:75:6c:6b:d2:
09:be:81:c5:68:b5:fd:07:86:b3:c0:4f:b5:b4:46:
c5:ce:f8:81:74:7c:42:2e:7a:fa:85:f8:8b:e4:4d:
b2:62:f6:62:bc:76:8d:15:d0:e2:83:b3:ff:0d:49:
1c:d4:98:bb:c6:43:df:61:d9:1e:ab:7d:f5:0f:ec:
09:64:73:af:6a:95:c1:8a:ff:ee:c7:18:95:74:a8:
80:80:9e:20:18:cb:ef:f8:1d:f3:12:af:e5:45:53:
fd:2a:2c:21:79:b8:1a:81:d7:a1:09:8b:32:b8:74:
d2:15:85:6e:24:b3:60:46:c4:4c:3a:b3:a0:7a:63:
56:ab:86:8f:52:6a:98:d3:30:6b:b5:81:fc:00:15:
2a:00:74:71:9f:da:ca:71:ba:cd:5a:1b:be:9b:31:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:16:A7:01:AC:2A:ED:F5:97:13:48:0F:E4:25:EA:E7:B1:2C:2A:C4
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eRanAawq7fWXE0gP5CXq57EsKsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.43.64.0/19
199.21.96.0/22
199.36.240.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:b3:7f:af:f2:b1:9a:11:35:ba:5f:48:d5:6a:69:cb:ed:4f:
de:4a:71:e5:82:aa:d8:08:03:b2:78:a4:06:24:76:5a:88:6c:
47:e3:64:cc:db:0e:90:9b:99:3d:d3:b4:e2:e3:2f:c0:6e:ec:
10:bd:31:d5:6c:9e:e9:49:3e:69:4c:23:d4:34:13:44:8d:69:
3b:18:5a:6a:0a:fa:25:ec:cd:55:05:64:b0:0d:93:f6:f4:68:
04:05:24:1a:70:51:a4:11:08:6d:c7:a2:a5:39:65:ca:1e:3c:
72:81:93:2e:ea:13:db:e0:2d:5e:47:7f:bf:27:10:9d:da:aa:
6f:bf:19:36:3f:0a:f3:fc:2e:65:7f:63:7b:aa:77:6c:bb:8d:
6c:6e:5d:e9:e1:cc:3b:4a:ea:65:2e:7c:b8:83:25:8c:42:23:
98:b9:57:bb:cf:0e:1b:1c:2c:27:ff:69:5d:1c:2e:87:34:7e:
0d:35:61:59:17:73:79:17:54:ed:83:9d:13:ff:31:6e:9e:e6:
87:b2:42:b1:36:62:43:34:80:2e:62:b9:b5:70:f2:89:33:05:
6d:5c:7b:ec:92:33:f0:4d:b4:42:90:9d:7a:75:ed:49:02:7d:
01:a8:75:d4:bc:94:56:42:48:90:80:0c:cf:1b:9f:7a:eb:9f:
b7:36:88:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx9wSSvDFgsdfn1JMejz98PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjMxMjE4MTYyNzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE2YTcwMWFjMmFlZGY1OTcxMzQ4MGZlNDI1ZWFlN2IxMmMyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa3TR8q18IiZjWCh2noqItYrfkvV
Vey3zB5G3KA1yKPnjSF0jjiB1r3bqLw2M2EEf6SPvohsY27tD5tBblGqXFu96kk1
JVQRfhauLQc40/whaYr9ib2igWE77LEIf5qHW6w9gXVsa9IJvoHFaLX9B4azwE+1
tEbFzviBdHxCLnr6hfiL5E2yYvZivHaNFdDig7P/DUkc1Ji7xkPfYdkeq331D+wJ
ZHOvapXBiv/uxxiVdKiAgJ4gGMvv+B3zEq/lRVP9KiwhebgagdehCYsyuHTSFYVu
JLNgRsRMOrOgemNWq4aPUmqY0zBrtYH8ABUqAHRxn9rKcbrNWhu+mzGH+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHkWpwGsKu31lxNID+Ql6uexLCrEMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvZVJhbkFhd3E3ZldYRTBnUDVDWHE1N0VzS3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFZCtAAwQC
xxVgAwQCxyTwMA0GCSqGSIb3DQEBCwUAA4IBAQCrs3+v8rGaETW6X0jVamnL7U/e
SnHlgqrYCAOyeKQGJHZaiGxH42TM2w6Qm5k907Ti4y/AbuwQvTHVbJ7pST5pTCPU
NBNEjWk7GFpqCvol7M1VBWSwDZP29GgEBSQacFGkEQhtx6KlOWXKHjxygZMu6hPb
4C1eR3+/JxCd2qpvvxk2Pwrz/C5lf2N7qndsu41sbl3p4cw7SuplLny4gyWMQiOY
uVe7zw4bHCwn/2ldHC6HNH4NNWFZF3N5F1Ttg50T/zFunuaHskKxNmJDNIAuYrm1
cPKJMwVtXHvskjPwTbRCkJ16de1JAn0BqHXUvJRWQkiQgAzPG59665+3Noh3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org