Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/CSJ6nzkzz-s63D_BJI4YMim1vAs.roa
File: CSJ6nzkzz-s63D_BJI4YMim1vAs.roa (raw, json)
Hash identifier: q1DKFn66TX8qJ1/nRgmjTvOAetu4SHxmBQ5fTktJ5BI=
Subject key identifier: 09:22:7A:9F:39:33:CF:EB:3A:DC:3F:C1:24:8E:18:32:29:B5:BC:0B
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 01856E2675A632BC7914CD8AF4F14DCD248F
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/CSJ6nzkzz-s63D_BJI4YMim1vAs.roa
Signing time: Sun 01 Jan 2023 16:24:52 +0000
ROA not before: Sun 01 Jan 2023 16:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25227
IP address blocks: 77.73.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:75:a6:32:bc:79:14:cd:8a:f4:f1:4d:cd:24:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jan 1 16:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09227a9f3933cfeb3adc3fc1248e183229b5bc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:53:96:1b:60:73:9d:e7:85:db:f9:c0:33:7c:
49:d7:ea:89:52:17:35:c3:19:7d:49:2e:78:13:a5:
75:e2:ed:60:8a:b3:10:80:3c:db:e8:ff:92:ea:c3:
17:c6:cc:22:2b:64:62:0c:95:6a:80:30:8a:eb:4b:
55:fd:95:64:03:61:41:46:7c:8a:09:ef:9f:91:42:
6c:45:b2:38:90:6a:60:93:02:77:a1:f6:8a:40:7b:
56:9c:42:f2:ba:7f:7b:1c:84:de:45:2f:12:ca:6f:
70:9a:60:9f:12:92:20:96:01:7d:6b:dc:de:bf:cc:
a0:d1:50:39:82:3f:83:74:0b:bd:f8:ba:aa:bc:70:
ec:cd:2a:8f:84:9f:5b:d2:4f:1e:79:83:d9:77:f7:
58:38:ac:0b:b0:47:46:8b:97:ff:a7:9b:35:5b:2b:
5e:f9:61:5b:d6:b0:4b:9e:31:af:00:f9:52:4d:da:
b0:53:c4:cf:db:ae:47:4a:35:e2:23:e9:07:c4:bb:
fc:b3:eb:f7:a1:26:58:b0:d1:fb:f5:69:d1:0d:d6:
1b:38:94:c8:e4:91:95:03:14:7c:05:27:68:dc:6a:
3e:0f:58:f3:d4:87:47:fb:ff:44:48:68:db:b3:97:
ee:c7:04:58:99:c8:90:c9:e6:fa:05:b5:ec:b6:59:
08:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:7A:9F:39:33:CF:EB:3A:DC:3F:C1:24:8E:18:32:29:B5:BC:0B
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/CSJ6nzkzz-s63D_BJI4YMim1vAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.129.0/24
Signature Algorithm: sha256WithRSAEncryption
16:9e:39:bf:da:06:b7:2f:e5:11:12:94:c1:98:68:03:a1:e4:
6b:e8:32:3e:96:d5:7d:f2:9d:57:90:62:04:ce:99:3e:50:e3:
68:82:b4:4d:10:1b:ef:b2:9d:75:f3:e9:8d:24:74:9f:6c:4f:
a5:a6:83:07:ba:ad:42:6d:6b:19:04:26:73:67:e0:f2:fd:e2:
f0:e9:1e:1d:1a:50:ca:27:9a:85:f2:f4:eb:de:da:3b:a9:c4:
37:3e:a4:b3:73:34:92:28:fd:f4:4d:41:26:01:cb:39:0d:95:
6d:e3:b0:d9:d8:cf:3e:ba:15:3c:cd:93:70:60:45:7e:90:c5:
bf:89:02:71:d9:2e:45:f4:5a:bc:7c:43:27:39:85:4c:16:4d:
75:da:6a:2d:27:2f:28:6d:d3:e9:99:56:3d:60:86:21:f8:b9:
be:1a:9e:13:4d:d4:e3:b5:c6:83:96:e1:94:01:79:77:72:54:
1e:cf:ed:17:d3:ba:20:58:b4:4d:78:40:8a:a6:1c:f5:e6:8b:
33:dd:31:d6:e0:86:ae:98:c3:31:12:d4:f5:d2:94:6f:39:37:
be:55:3d:99:16:5f:39:c7:bd:11:12:2d:dc:d3:d1:eb:26:80:
ef:c2:0b:91:7e:4b:b3:e9:e2:dd:13:60:e0:bb:53:b8:57:7a:
64:7b:a4:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJnWmMrx5FM2K9PFNzSSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjMwMTAxMTYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIyN2E5ZjM5MzNjZmViM2FkYzNmYzEyNDhlMTgzMjI5YjViYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilOWG2BzneeF2/nAM3xJ1+qJUhc1
wxl9SS54E6V14u1girMQgDzb6P+S6sMXxswiK2RiDJVqgDCK60tV/ZVkA2FBRnyK
Ce+fkUJsRbI4kGpgkwJ3ofaKQHtWnELyun97HITeRS8Sym9wmmCfEpIglgF9a9ze
v8yg0VA5gj+DdAu9+LqqvHDszSqPhJ9b0k8eeYPZd/dYOKwLsEdGi5f/p5s1Wyte
+WFb1rBLnjGvAPlSTdqwU8TP265HSjXiI+kHxLv8s+v3oSZYsNH79WnRDdYbOJTI
5JGVAxR8BSdo3Go+D1jz1IdH+/9ESGjbs5fuxwRYmciQyeb6BbXstlkICQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkiep85M8/rOtw/wSSOGDIptbwLMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvQ1NKNm56a3p6LXM2M0RfQkpJNFlNaW0xdkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmBMA0G
CSqGSIb3DQEBCwUAA4IBAQAWnjm/2ga3L+UREpTBmGgDoeRr6DI+ltV98p1XkGIE
zpk+UONogrRNEBvvsp118+mNJHSfbE+lpoMHuq1CbWsZBCZzZ+Dy/eLw6R4dGlDK
J5qF8vTr3to7qcQ3PqSzczSSKP30TUEmAcs5DZVt47DZ2M8+uhU8zZNwYEV+kMW/
iQJx2S5F9Fq8fEMnOYVMFk112motJy8obdPpmVY9YIYh+Lm+Gp4TTdTjtcaDluGU
AXl3clQez+0X07ogWLRNeECKphz15osz3THW4IaumMMxEtT10pRvOTe+VT2ZFl85
x70REi3c09HrJoDvwguRfkuz6eLdE2Dgu1O4V3pke6TP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:51 2023 by rpki-client on console-fra.rpki-client.org