Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/3Frni6-iwbgsqzCwTkhDCel0gMU.roa
File: 3Frni6-iwbgsqzCwTkhDCel0gMU.roa (raw, json)
Hash identifier: qz7IxFqRZMBi7cYFci+R5DcPt95RMPDLH90hdR555uc=
Subject key identifier: DC:5A:E7:8B:AF:A2:C1:B8:2C:AB:30:B0:4E:48:43:09:E9:74:80:C5
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 01856D93E98083212FFE969C0EA024D487DB
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/3Frni6-iwbgsqzCwTkhDCel0gMU.roa
Signing time: Sun 01 Jan 2023 13:44:48 +0000
ROA not before: Sun 01 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8837
IP address blocks: 192.58.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:e9:80:83:21:2f:fe:96:9c:0e:a0:24:d4:87:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc5ae78bafa2c1b82cab30b04e484309e97480c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:95:0d:55:3a:23:35:bf:f0:49:7c:cf:0d:29:
a2:78:66:44:dd:4f:1a:35:26:8e:8d:58:d8:ba:38:
d1:bf:e4:c1:77:46:0b:b6:47:01:17:22:0a:4e:99:
cf:8e:8f:f9:8a:23:df:e5:44:a9:bf:f2:e1:ee:76:
32:16:0c:79:32:54:2c:25:9e:af:86:42:9c:8a:02:
81:5f:33:f1:41:20:07:e3:ed:89:fe:cc:8d:0f:e2:
48:33:5d:4f:fc:77:ad:43:3e:f8:00:8a:43:b1:af:
91:78:ac:9a:85:3c:2f:88:85:ad:47:db:b1:43:2b:
d1:7b:c9:99:02:fb:50:29:00:f2:2b:03:71:7f:9f:
13:24:f9:02:d8:c9:40:ae:19:c1:19:ac:b0:64:a4:
35:72:a9:33:6c:f0:70:c0:9b:a2:a6:a3:34:6e:42:
8c:ce:9d:db:0e:66:20:fe:01:89:88:8d:c6:62:40:
08:bc:1c:76:72:09:e6:03:33:b0:b3:60:61:c5:4d:
d5:dd:1f:ef:d9:33:ba:59:5c:0c:89:23:d6:34:2c:
e1:67:1a:4b:33:fe:e2:ee:f3:85:a7:97:d3:f4:5d:
21:4e:4c:5d:ab:c0:a6:c4:41:28:70:32:97:1e:dc:
3d:96:3c:fc:d7:28:fd:cb:70:62:f9:7a:1d:2a:41:
1e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5A:E7:8B:AF:A2:C1:B8:2C:AB:30:B0:4E:48:43:09:E9:74:80:C5
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/3Frni6-iwbgsqzCwTkhDCel0gMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.58.41.0/24
Signature Algorithm: sha256WithRSAEncryption
34:31:7c:ab:1b:42:85:43:da:a0:62:ba:04:e5:13:88:fd:3f:
93:ff:c2:c7:ab:ed:75:4c:79:93:7a:7f:f8:64:b1:52:38:5a:
67:48:09:43:2a:de:1a:e4:10:87:12:11:f5:8f:a3:d1:c6:36:
6e:1b:f6:fd:d6:4a:23:d8:b4:3a:23:2a:8d:ca:f8:67:b6:52:
7d:c0:e9:54:da:46:91:85:f7:20:71:a9:02:85:18:82:e8:ab:
a2:fa:a9:a8:58:bd:38:ac:50:ba:f4:a4:3d:81:85:fd:c4:ef:
ee:98:b2:fd:13:3a:ff:81:ef:8c:70:a5:df:36:8e:83:11:47:
11:b4:27:c4:48:5a:b6:bf:40:c6:e8:f0:ff:7a:df:54:43:21:
5c:be:01:f0:07:e6:15:12:18:ba:e9:d7:33:7e:1a:1b:dd:df:
49:8f:b2:29:70:4f:64:7b:d5:54:c2:a7:3c:d3:84:58:b4:e8:
03:08:74:d8:ec:5f:23:3f:d3:be:83:dd:fe:f5:83:55:19:46:
0a:7c:a3:fe:99:dc:98:61:d9:3b:0e:f1:fa:de:01:67:43:d3:
e6:c8:7e:0c:c7:4a:58:46:93:87:18:60:03:5e:5d:67:8c:0f:
ce:8d:b5:06:fd:df:e4:ff:c7:43:08:c9:1e:22:4f:7f:46:b4:
65:61:d9:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk+mAgyEv/pacDqAk1IfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjMwMTAxMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVhZTc4YmFmYTJjMWI4MmNhYjMwYjA0ZTQ4NDMwOWU5NzQ4MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5UNVTojNb/wSXzPDSmieGZE3U8a
NSaOjVjYujjRv+TBd0YLtkcBFyIKTpnPjo/5iiPf5USpv/Lh7nYyFgx5MlQsJZ6v
hkKcigKBXzPxQSAH4+2J/syND+JIM11P/HetQz74AIpDsa+ReKyahTwviIWtR9ux
QyvRe8mZAvtQKQDyKwNxf58TJPkC2MlArhnBGaywZKQ1cqkzbPBwwJuipqM0bkKM
zp3bDmYg/gGJiI3GYkAIvBx2cgnmAzOws2BhxU3V3R/v2TO6WVwMiSPWNCzhZxpL
M/7i7vOFp5fT9F0hTkxdq8CmxEEocDKXHtw9ljz81yj9y3Bi+XodKkEeAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxa54uvosG4LKswsE5IQwnpdIDFMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvM0Zybmk2LWl3YmdzcXpDd1RraERDZWwwZ01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwDopMA0G
CSqGSIb3DQEBCwUAA4IBAQA0MXyrG0KFQ9qgYroE5ROI/T+T/8LHq+11THmTen/4
ZLFSOFpnSAlDKt4a5BCHEhH1j6PRxjZuG/b91koj2LQ6IyqNyvhntlJ9wOlU2kaR
hfcgcakChRiC6Kui+qmoWL04rFC69KQ9gYX9xO/umLL9Ezr/ge+McKXfNo6DEUcR
tCfESFq2v0DG6PD/et9UQyFcvgHwB+YVEhi66dczfhob3d9Jj7IpcE9ke9VUwqc8
04RYtOgDCHTY7F8jP9O+g93+9YNVGUYKfKP+mdyYYdk7DvH63gFnQ9PmyH4Mx0pY
RpOHGGADXl1njA/OjbUG/d/k/8dDCMkeIk9/RrRlYdki
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:26 2024 by rpki-client on console-ams.rpki-client.org