Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CRappzUDx3degUxef6xzhYwqbU0.roa
File: CRappzUDx3degUxef6xzhYwqbU0.roa (raw, json)
Hash identifier: 45meg59ygWAU0Ydcav5FWGj6qsKATL5r+Uou3jDF2ng=
Subject key identifier: 09:16:A9:A7:35:03:C7:77:5E:81:4C:5E:7F:AC:73:85:8C:2A:6D:4D
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01864D7668CA29159FDEFC93524D7A1121C1
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CRappzUDx3degUxef6xzhYwqbU0.roa
Signing time: Tue 14 Feb 2023 01:07:31 +0000
ROA not before: Tue 14 Feb 2023 01:07:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398779
IP address blocks: 147.189.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4d:76:68:ca:29:15:9f:de:fc:93:52:4d:7a:11:21:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Feb 14 01:07:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0916a9a73503c7775e814c5e7fac73858c2a6d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:ac:1c:6a:c3:77:88:44:a4:6d:1c:8b:19:
75:28:2c:c2:8d:e3:70:ee:0c:c9:a6:d0:1d:86:80:
96:72:bf:81:e5:f4:17:6f:14:73:31:29:0c:00:f5:
71:66:08:ab:99:40:97:89:fb:3f:0f:10:45:de:c2:
9b:af:b6:f4:8a:16:ac:c8:9d:9b:a5:4b:ec:0d:04:
81:99:1d:b7:1d:0d:fe:7c:b6:12:95:c5:2a:58:7c:
2c:7d:d8:cb:48:a8:7e:e6:68:5f:ce:28:34:ac:7b:
9f:d1:05:82:0a:0d:9c:de:0f:3a:53:58:5a:15:fc:
09:08:bb:93:2e:3c:f1:31:43:a1:5b:32:b4:88:55:
5f:e7:4c:fb:c5:35:2f:f7:63:af:f0:46:e5:12:03:
aa:0c:16:70:5c:96:2a:84:0b:5a:09:9a:c8:dd:a0:
15:84:4f:52:81:69:7b:ad:cc:7a:0c:bc:7e:10:75:
02:d1:58:bf:76:b4:ae:b5:ba:68:45:6f:9c:ca:65:
2a:d7:a1:7e:0f:40:77:dc:0e:36:74:7a:f5:1e:03:
03:0b:bb:8c:51:c8:e6:33:d7:99:d1:a6:df:81:17:
4a:af:d5:6e:4f:2f:0c:9a:e3:d6:bb:d7:7b:2b:f9:
03:74:e6:3d:72:1a:48:f3:8b:2c:46:bc:64:9a:74:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:16:A9:A7:35:03:C7:77:5E:81:4C:5E:7F:AC:73:85:8C:2A:6D:4D
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CRappzUDx3degUxef6xzhYwqbU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.139.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:23:00:1f:97:54:9d:b1:83:c2:50:11:b0:aa:9a:cf:15:30:
97:92:70:22:72:31:d8:fd:ab:b9:7e:1b:cc:7c:af:38:45:d5:
b5:59:40:1f:0e:97:95:02:6b:e6:44:ed:1a:50:0b:fc:e7:c6:
08:ba:4f:0b:3d:fd:dc:9b:65:10:bd:cf:af:e0:47:39:42:85:
8b:2c:41:17:e0:92:d1:b9:86:6a:ed:21:cc:8b:54:ff:7b:5b:
cf:1a:b7:c0:0e:5a:5f:e5:cf:c0:3c:f0:86:a7:98:b9:65:fc:
b8:43:44:5a:34:2e:fc:76:69:94:34:0b:7c:b9:85:69:79:bd:
e6:08:12:d7:88:6d:f3:38:95:ac:21:bf:f1:2f:fe:55:b8:61:
bc:dd:5a:a6:bf:d4:fe:7f:e0:fa:c1:71:6c:7e:0b:3b:d6:cf:
07:49:b8:e7:8d:cd:05:e5:95:19:79:7d:6c:04:93:be:32:3a:
06:a7:9f:59:c3:82:00:53:81:28:25:bb:f8:87:f7:66:9b:2d:
4f:33:ab:7f:c4:0b:e1:5c:02:8e:b2:64:67:fe:55:f3:11:23:
74:86:67:df:d7:b4:28:4d:a0:19:f1:32:a5:c8:6a:7e:77:43:
b3:3b:71:8d:e2:6e:a9:99:78:99:06:5d:15:b8:c5:4e:11:ff:
31:91:93:2a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZNdmjKKRWf3vyTUk16ESHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwMjE0MDEwNzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTE2YTlhNzM1MDNjNzc3NWU4MTRjNWU3ZmFjNzM4NThjMmE2ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGusHGrDd4hEpG0cixl1KCzCjeNw
7gzJptAdhoCWcr+B5fQXbxRzMSkMAPVxZgirmUCXifs/DxBF3sKbr7b0ihasyJ2b
pUvsDQSBmR23HQ3+fLYSlcUqWHwsfdjLSKh+5mhfzig0rHuf0QWCCg2c3g86U1ha
FfwJCLuTLjzxMUOhWzK0iFVf50z7xTUv92Ov8EblEgOqDBZwXJYqhAtaCZrI3aAV
hE9SgWl7rcx6DLx+EHUC0Vi/drSutbpoRW+cymUq16F+D0B33A42dHr1HgMDC7uM
UcjmM9eZ0abfgRdKr9VuTy8MmuPWu9d7K/kDdOY9chpI84ssRrxkmnRnYQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAkWqac1A8d3XoFMXn+sc4WMKm1NMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL0NSYXBwelVEeDNkZWdVeGVmNnh6aFl3cWJVMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYsw
DQYJKoZIhvcNAQELBQADggEBAA0jAB+XVJ2xg8JQEbCqms8VMJeScCJyMdj9q7l+
G8x8rzhF1bVZQB8Ol5UCa+ZE7RpQC/znxgi6Tws9/dybZRC9z6/gRzlChYssQRfg
ktG5hmrtIcyLVP97W88at8AOWl/lz8A88IanmLll/LhDRFo0Lvx2aZQ0C3y5hWl5
veYIEteIbfM4lawhv/Ev/lW4YbzdWqa/1P5/4PrBcWx+CzvWzwdJuOeNzQXllRl5
fWwEk74yOgann1nDggBTgSglu/iH92abLU8zq3/EC+FcAo6yZGf+VfMRI3SGZ9/X
tChNoBnxMqXIan53Q7M7cY3ibqmZeJkGXRW4xU4R/zGRkyo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:26 2024 by rpki-client on console-fra.rpki-client.org