Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/F1eUFlw-pFHxcyctu0_zkJhwAls.roa
File: F1eUFlw-pFHxcyctu0_zkJhwAls.roa (raw, json)
Hash identifier: sx3FR/gH4J2Vtkf+3kbd9Lilk4qUiSS5/Um3H5HQ6ww=
Subject key identifier: 17:57:94:16:5C:3E:A4:51:F1:73:27:2D:BB:4F:F3:90:98:70:02:5B
Certificate issuer: /CN=82b64d7f159e902ea6a5add7a100dc05fa14a9ed
Certificate serial: 018CC802F8AD3E55330F3D9B81B7EBB413CC
Authority key identifier: 82:B6:4D:7F:15:9E:90:2E:A6:A5:AD:D7:A1:00:DC:05:FA:14:A9:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grZNfxWekC6mpa3XoQDcBfoUqe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/F1eUFlw-pFHxcyctu0_zkJhwAls.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197721
IP address blocks: 192.162.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f8:ad:3e:55:33:0f:3d:9b:81:b7:eb:b4:13:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b64d7f159e902ea6a5add7a100dc05fa14a9ed
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=175794165c3ea451f173272dbb4ff3909870025b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:11:ed:9f:5c:77:2d:3f:99:64:b4:30:e2:
14:af:57:f3:35:7e:26:01:14:b5:02:97:4f:fc:74:
d1:0e:ae:cc:d6:73:34:b7:7e:cb:46:cd:9c:20:25:
0a:70:0a:31:10:c4:bf:be:47:20:03:5d:11:b1:5c:
2f:10:41:6a:9e:c9:db:b8:ce:ba:a6:ff:9c:f5:ab:
a6:1e:16:76:8b:e4:5f:4b:16:be:41:c1:42:d8:24:
ca:c0:5c:91:6f:c3:c8:91:0a:c7:5f:99:ba:86:e8:
1c:32:6d:98:43:7b:17:93:dc:e4:59:10:c2:3f:cf:
d0:2e:b4:ad:42:b3:2d:6a:2a:c7:38:01:ae:a1:98:
07:83:58:f6:df:10:76:46:3a:a8:ab:68:e7:80:35:
6d:ea:e0:51:91:01:86:6c:f8:02:4c:bc:3a:fa:4e:
70:6b:d4:80:14:1a:c1:1e:f0:31:fe:38:28:09:4f:
06:f3:43:4b:47:ad:33:bd:de:ab:c5:af:6d:b1:94:
3f:1c:c6:52:29:de:28:94:23:02:ac:d2:17:80:fb:
a8:d8:90:65:f6:e6:4d:0d:6e:58:53:04:11:4e:75:
99:f9:8e:51:85:45:3f:1d:da:2f:02:19:83:2d:83:
c4:60:50:39:23:6e:58:bd:04:cf:c9:63:0e:01:8f:
d8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:57:94:16:5C:3E:A4:51:F1:73:27:2D:BB:4F:F3:90:98:70:02:5B
X509v3 Authority Key Identifier:
keyid:82:B6:4D:7F:15:9E:90:2E:A6:A5:AD:D7:A1:00:DC:05:FA:14:A9:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grZNfxWekC6mpa3XoQDcBfoUqe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/F1eUFlw-pFHxcyctu0_zkJhwAls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a997b6-0bb7-4766-8acc-275ac1443318/1/grZNfxWekC6mpa3XoQDcBfoUqe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.164.0/22
Signature Algorithm: sha256WithRSAEncryption
22:1d:74:09:8b:f3:36:fb:a5:fa:22:6a:08:24:4b:73:62:0e:
72:5a:4c:ee:6c:a3:e5:c1:da:3b:19:0b:f6:03:95:cc:70:bc:
c0:06:68:87:67:21:99:46:89:2b:84:6c:28:19:09:f1:25:6a:
cb:3f:15:97:cb:d9:86:dc:f7:1b:24:d4:24:73:4f:24:07:9e:
b7:6b:b6:bf:be:79:ec:c2:25:cc:0b:fd:fb:3e:ee:fc:10:05:
e5:d9:81:68:c6:65:0f:4a:70:6b:62:77:c3:44:f4:c9:54:29:
58:ff:90:9d:59:12:58:d0:a8:13:ce:aa:9d:04:ed:f3:33:d6:
54:a2:5c:93:88:f3:c1:15:b0:1f:16:ca:cd:ef:65:2b:37:0a:
f2:9a:c7:3f:7d:6e:18:13:c9:cd:99:cc:7a:0b:69:e0:c4:db:
69:e6:a1:22:27:98:f8:49:ec:56:99:02:1a:94:dc:9c:fd:19:
22:88:1d:00:1e:bd:55:97:f0:3e:ba:aa:06:55:7f:a0:e6:18:
fe:c9:e3:ca:d9:9b:50:7c:65:ed:c5:e4:0e:cf:94:a8:e8:7f:
46:b9:99:1d:25:87:6b:37:6a:56:da:a8:6c:8a:99:b7:49:2f:
71:45:1a:cf:60:bd:d4:b5:d5:90:ad:2e:5f:65:27:fd:ff:7d:
ea:7b:6f:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAvitPlUzDz2bgbfrtBPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjY0ZDdmMTU5ZTkwMmVhNmE1YWRkN2ExMDBkYzA1ZmEx
NGE5ZWQwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzU3OTQxNjVjM2VhNDUxZjE3MzI3MmRiYjRmZjM5MDk4NzAwMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAoR7Z9cdy0/mWS0MOIUr1fzNX4m
ARS1ApdP/HTRDq7M1nM0t37LRs2cICUKcAoxEMS/vkcgA10RsVwvEEFqnsnbuM66
pv+c9aumHhZ2i+RfSxa+QcFC2CTKwFyRb8PIkQrHX5m6hugcMm2YQ3sXk9zkWRDC
P8/QLrStQrMtairHOAGuoZgHg1j23xB2Rjqoq2jngDVt6uBRkQGGbPgCTLw6+k5w
a9SAFBrBHvAx/jgoCU8G80NLR60zvd6rxa9tsZQ/HMZSKd4olCMCrNIXgPuo2JBl
9uZNDW5YUwQRTnWZ+Y5RhUU/HdovAhmDLYPEYFA5I25YvQTPyWMOAY/YWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdXlBZcPqRR8XMnLbtP85CYcAJbMB8GA1UdIwQY
MBaAFIK2TX8VnpAupqWt16EA3AX6FKntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JaTmZ4V2VrQzZtcGEzWG9RRGNCZm9VcWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hOTk3YjYtMGJiNy00NzY2LThhY2Mt
Mjc1YWMxNDQzMzE4LzEvRjFlVUZsdy1wRkh4Y3ljdHUwX3prSmh3QWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hOTk3YjYtMGJiNy00NzY2LThhY2MtMjc1YWMxNDQzMzE4
LzEvZ3JaTmZ4V2VrQzZtcGEzWG9RRGNCZm9VcWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKKkMA0G
CSqGSIb3DQEBCwUAA4IBAQAiHXQJi/M2+6X6ImoIJEtzYg5yWkzubKPlwdo7GQv2
A5XMcLzABmiHZyGZRokrhGwoGQnxJWrLPxWXy9mG3PcbJNQkc08kB563a7a/vnns
wiXMC/37Pu78EAXl2YFoxmUPSnBrYnfDRPTJVClY/5CdWRJY0KgTzqqdBO3zM9ZU
olyTiPPBFbAfFsrN72UrNwrymsc/fW4YE8nNmcx6C2ngxNtp5qEiJ5j4SexWmQIa
lNyc/RkiiB0AHr1Vl/A+uqoGVX+g5hj+yePK2ZtQfGXtxeQOz5So6H9GuZkdJYdr
N2pW2qhsipm3SS9xRRrPYL3UtdWQrS5fZSf9/33qe2+3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:13 2025 by rpki-client