Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/7d43ea-1ef7-4bdd-8d4d-f277745cf5a3/1/C9ah5uKJd-Haln_-ddS3-QJiIYQ.roa
File: C9ah5uKJd-Haln_-ddS3-QJiIYQ.roa (raw, json)
Hash identifier: aBGzuLAaEIcUXrf/CJ6CcpB87LOjtQl7kUBF7WgA1Io=
Subject key identifier: 0B:D6:A1:E6:E2:89:77:E1:DA:96:7F:FE:75:D4:B7:F9:02:62:21:84
Certificate issuer: /CN=66118b4e1c9e5543d1ea70c3b73f8e3fee02dea2
Certificate serial: 018570B09B93212D5367592A73C146F10D43
Authority key identifier: 66:11:8B:4E:1C:9E:55:43:D1:EA:70:C3:B7:3F:8E:3F:EE:02:DE:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhGLThyeVUPR6nDDtz-OP-4C3qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/7d43ea-1ef7-4bdd-8d4d-f277745cf5a3/1/C9ah5uKJd-Haln_-ddS3-QJiIYQ.roa
Signing time: Mon 02 Jan 2023 04:15:00 +0000
ROA not before: Mon 02 Jan 2023 04:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207045
IP address blocks: 185.123.113.0/24 maxlen: 24
2a0c:6400::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:9b:93:21:2d:53:67:59:2a:73:c1:46:f1:0d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66118b4e1c9e5543d1ea70c3b73f8e3fee02dea2
Validity
Not Before: Jan 2 04:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bd6a1e6e28977e1da967ffe75d4b7f902622184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0b:e6:70:39:f5:98:79:66:bc:2a:73:00:cb:
e0:62:d0:fb:be:ba:ca:56:11:2d:91:07:71:78:39:
2a:de:74:65:4f:93:3f:af:e6:65:4e:7f:56:ce:d3:
e6:c3:48:be:9f:88:82:71:b8:dd:2f:b6:b4:d5:db:
df:94:eb:02:40:bb:b3:75:da:cb:a1:15:d0:7b:df:
90:6d:36:1d:dd:b7:91:a2:aa:98:a9:97:82:0c:c9:
f4:0e:d3:d3:db:f3:36:0e:b1:29:c2:85:a5:ac:c1:
f5:d6:e2:3c:06:d1:9b:25:b1:8e:50:02:fd:19:0b:
d0:f4:9d:47:24:3e:73:c4:c4:9b:5a:1d:fc:97:54:
92:c2:f4:22:14:0d:62:5b:ba:44:83:f2:cf:c8:7d:
16:1c:9f:5a:71:c5:73:de:84:12:2d:6c:03:01:3c:
6f:5f:04:76:54:01:df:90:ab:72:44:4e:34:3e:07:
9d:c1:ea:13:55:f9:e7:d5:ba:76:4f:21:fb:68:f7:
af:5b:be:37:11:0d:11:7b:74:01:56:f6:76:c9:36:
bf:03:da:7f:7a:b4:4f:57:7c:2e:ff:4f:00:1f:47:
3d:d8:7f:b7:07:4c:7c:45:9c:74:25:d0:f9:c5:08:
ab:fa:52:9c:f1:2f:2b:3d:3b:a5:1b:77:38:a6:06:
0a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D6:A1:E6:E2:89:77:E1:DA:96:7F:FE:75:D4:B7:F9:02:62:21:84
X509v3 Authority Key Identifier:
keyid:66:11:8B:4E:1C:9E:55:43:D1:EA:70:C3:B7:3F:8E:3F:EE:02:DE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhGLThyeVUPR6nDDtz-OP-4C3qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/7d43ea-1ef7-4bdd-8d4d-f277745cf5a3/1/C9ah5uKJd-Haln_-ddS3-QJiIYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/7d43ea-1ef7-4bdd-8d4d-f277745cf5a3/1/ZhGLThyeVUPR6nDDtz-OP-4C3qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.113.0/24
IPv6:
2a0c:6400::/32
Signature Algorithm: sha256WithRSAEncryption
0f:b8:38:e3:37:57:55:0e:f4:4e:d4:56:87:1b:eb:35:07:50:
1b:c5:f5:0b:30:4b:7c:24:e7:4e:1a:d3:e5:18:62:ca:c8:86:
4c:d7:53:0e:97:aa:4c:bf:a2:e2:92:fc:59:94:61:da:46:03:
be:5a:1f:43:85:63:d5:ed:23:e5:63:bb:f5:e2:90:cb:c5:97:
c8:9b:c8:98:a9:36:71:75:f8:3f:fc:a0:5d:d5:dc:2b:24:fc:
4f:30:79:d3:2b:c3:a5:1a:43:7a:85:cb:a5:0b:cd:d5:5d:8f:
b2:8b:50:eb:03:bc:be:eb:03:3d:4e:1f:17:2e:be:e2:89:fc:
fd:3a:ff:56:1d:c7:4a:62:11:29:c1:28:87:6e:0a:98:06:5f:
43:bd:97:6d:36:af:a6:24:4e:2f:88:d2:95:16:13:c8:15:fa:
51:1b:ab:bb:50:c2:2c:e3:c9:54:96:a8:e6:8f:3c:a3:ac:f3:
ea:bb:49:42:a1:5b:79:f4:6d:ec:a2:f6:a4:ce:61:97:94:e2:
3f:69:cc:ed:9f:76:d9:5c:b9:98:fa:1c:15:d5:87:cb:8b:36:
92:a9:74:3f:72:1e:3d:a4:38:31:6e:2e:53:df:01:be:9a:25:
58:87:87:6f:2c:f8:22:82:68:68:7b:6d:3f:66:a4:dc:d6:c1:
20:fb:f8:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsJuTIS1TZ1kqc8FG8Q1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTE4YjRlMWM5ZTU1NDNkMWVhNzBjM2I3M2Y4ZTNmZWUw
MmRlYTIwHhcNMjMwMTAyMDQxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ2YTFlNmUyODk3N2UxZGE5NjdmZmU3NWQ0YjdmOTAyNjIyMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwvmcDn1mHlmvCpzAMvgYtD7vrrK
VhEtkQdxeDkq3nRlT5M/r+ZlTn9WztPmw0i+n4iCcbjdL7a01dvflOsCQLuzddrL
oRXQe9+QbTYd3beRoqqYqZeCDMn0DtPT2/M2DrEpwoWlrMH11uI8BtGbJbGOUAL9
GQvQ9J1HJD5zxMSbWh38l1SSwvQiFA1iW7pEg/LPyH0WHJ9accVz3oQSLWwDATxv
XwR2VAHfkKtyRE40PgedweoTVfnn1bp2TyH7aPevW743EQ0Re3QBVvZ2yTa/A9p/
erRPV3wu/08AH0c92H+3B0x8RZx0JdD5xQir+lKc8S8rPTulG3c4pgYKbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAvWoebiiXfh2pZ//nXUt/kCYiGEMB8GA1UdIwQY
MBaAFGYRi04cnlVD0epww7c/jj/uAt6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhHTFRoeWVWVVBSNm5ERHR6LU9QLTRDM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83ZDQzZWEtMWVmNy00YmRkLThkNGQt
ZjI3Nzc0NWNmNWEzLzEvQzlhaDV1S0pkLUhhbG5fLWRkUzMtUUppSVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83ZDQzZWEtMWVmNy00YmRkLThkNGQtZjI3Nzc0NWNmNWEz
LzEvWmhHTFRoeWVWVVBSNm5ERHR6LU9QLTRDM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXtxMA0E
AgACMAcDBQAqDGQAMA0GCSqGSIb3DQEBCwUAA4IBAQAPuDjjN1dVDvRO1FaHG+s1
B1AbxfULMEt8JOdOGtPlGGLKyIZM11MOl6pMv6LikvxZlGHaRgO+Wh9DhWPV7SPl
Y7v14pDLxZfIm8iYqTZxdfg//KBd1dwrJPxPMHnTK8OlGkN6hculC83VXY+yi1Dr
A7y+6wM9Th8XLr7iifz9Ov9WHcdKYhEpwSiHbgqYBl9DvZdtNq+mJE4viNKVFhPI
FfpRG6u7UMIs48lUlqjmjzyjrPPqu0lCoVt59G3sovakzmGXlOI/acztn3bZXLmY
+hwV1YfLizaSqXQ/ch49pDgxbi5T3wG+miVYh4dvLPgigmhoe20/ZqTc1sEg+/i6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:26 2024 by rpki-client on console-ams.rpki-client.org