Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7F9MBo-HmlfC1Jq-9lqbfMefLJo.roa
File: 7F9MBo-HmlfC1Jq-9lqbfMefLJo.roa (raw, json)
Hash identifier: xs0xxb7jY3NpbZ2diEkVgiGQLsdL6jiMNccVDa0q/n8=
Subject key identifier: EC:5F:4C:06:8F:87:9A:57:C2:D4:9A:BE:F6:5A:9B:7C:C7:9F:2C:9A
Certificate issuer: /CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Certificate serial: 01856B9C639FE292FD3F4387E9EDE7AAC309
Authority key identifier: C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7F9MBo-HmlfC1Jq-9lqbfMefLJo.roa
Signing time: Sun 01 Jan 2023 04:34:49 +0000
ROA not before: Sun 01 Jan 2023 04:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41599
IP address blocks: 195.3.252.0/22 maxlen: 24
2001:67c:380::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:63:9f:e2:92:fd:3f:43:87:e9:ed:e7:aa:c3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Validity
Not Before: Jan 1 04:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec5f4c068f879a57c2d49abef65a9b7cc79f2c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:93:67:47:b4:04:d9:a0:1d:32:95:5f:72:19:
0c:a5:38:fd:9c:f2:f4:99:3e:f0:a8:4c:ca:8f:b8:
20:c6:b0:87:e7:1e:8c:3d:37:a3:41:14:ff:85:15:
e4:e5:52:4a:eb:3d:8d:21:53:2b:4e:f7:9e:26:17:
48:4c:b0:c3:37:97:44:fc:9c:58:f3:77:37:e2:60:
0a:86:60:98:ab:73:8c:29:e6:8e:c9:29:39:ba:44:
cc:d0:61:5e:37:e1:99:13:ae:51:4a:47:0b:bf:fc:
10:1b:ce:75:f1:f8:af:16:82:20:45:5b:38:95:ff:
26:dd:72:c0:ea:4c:65:ac:b2:a3:e0:23:8b:1d:a0:
78:2d:0a:3c:31:d7:ea:4d:bb:aa:45:9e:cb:be:3b:
ba:dc:48:39:1b:ca:11:e7:5c:cd:b9:cc:6f:08:84:
93:84:c5:73:c3:28:15:49:b8:84:e1:2b:9e:ef:66:
69:30:2c:6a:34:13:ff:34:3b:97:fa:76:6c:8b:36:
a7:a3:b9:1d:50:94:cd:d3:d4:0b:35:fb:50:26:72:
97:65:46:c1:0f:a6:7a:99:a8:46:44:6c:25:22:05:
e3:9b:7c:0b:25:57:25:6f:81:ca:e7:d7:c1:bc:36:
62:1f:46:89:15:c9:d5:26:f8:b7:d2:cb:32:a2:17:
4f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5F:4C:06:8F:87:9A:57:C2:D4:9A:BE:F6:5A:9B:7C:C7:9F:2C:9A
X509v3 Authority Key Identifier:
keyid:C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7F9MBo-HmlfC1Jq-9lqbfMefLJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.3.252.0/22
IPv6:
2001:67c:380::/48
Signature Algorithm: sha256WithRSAEncryption
78:a8:59:f9:11:35:41:c0:0e:d7:d5:67:21:02:09:db:47:be:
e2:35:b0:60:c8:99:4b:11:c4:7b:e4:c5:7e:ba:cf:bf:d3:58:
37:b7:6a:cf:ef:18:c5:8e:c1:63:47:a1:32:ec:77:ab:9b:33:
f6:32:3e:3f:ad:c2:6a:9d:1a:d5:fc:22:a5:34:d2:bc:84:cb:
18:a3:bb:c3:dd:ff:f8:55:cb:10:68:ee:54:97:73:d5:dd:6e:
11:bf:2d:0f:7f:1e:f9:83:83:03:0f:47:08:9e:b2:f9:20:5e:
66:fc:69:57:1a:f7:57:ad:7e:b3:04:4f:6f:dc:fc:f8:c5:ea:
c0:d7:e4:fe:74:86:0c:27:1e:64:61:24:40:db:3a:5d:be:e4:
00:0a:44:b1:84:22:53:1e:12:18:2f:e2:d8:cc:fa:9e:f5:66:
0d:a5:c5:17:4f:b0:9e:77:9e:69:58:c4:5a:be:18:7e:d4:a6:
3a:b6:28:8c:e9:c9:37:e1:8f:6e:92:40:86:5d:45:ee:f4:30:
3a:37:9d:15:ce:3b:6d:4a:fc:9f:15:14:1a:64:e5:46:36:b9:
11:5f:55:e5:1c:b4:65:94:85:40:e5:67:08:ee:e1:60:1d:8a:
48:c9:db:a3:19:89:a7:05:3b:01:d0:83:24:12:68:1a:98:db:
d0:9f:69:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrnGOf4pL9P0OH6e3nqsMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTMxNjI4NTY1ODIwYjNhNWEzZTFjZmM4Nzc3M2UyODNm
Yjk1YzEwHhcNMjMwMTAxMDQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzVmNGMwNjhmODc5YTU3YzJkNDlhYmVmNjVhOWI3Y2M3OWYyYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05NnR7QE2aAdMpVfchkMpTj9nPL0
mT7wqEzKj7ggxrCH5x6MPTejQRT/hRXk5VJK6z2NIVMrTveeJhdITLDDN5dE/JxY
83c34mAKhmCYq3OMKeaOySk5ukTM0GFeN+GZE65RSkcLv/wQG8518fivFoIgRVs4
lf8m3XLA6kxlrLKj4COLHaB4LQo8MdfqTbuqRZ7Lvju63Eg5G8oR51zNucxvCIST
hMVzwygVSbiE4Sue72ZpMCxqNBP/NDuX+nZsizano7kdUJTN09QLNftQJnKXZUbB
D6Z6mahGRGwlIgXjm3wLJVclb4HK59fBvDZiH0aJFcnVJvi30ssyohdPowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOxfTAaPh5pXwtSavvZam3zHnyyaMB8GA1UdIwQY
MBaAFMSjFihWWCCzpaPhz8h3c+KD+5XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEt
ZmIzMDdiYWRlYzRkLzEvN0Y5TUJvLUhtbGZDMUpxLTlscWJmTWVmTEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEtZmIzMDdiYWRlYzRk
LzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwwP8MA8E
AgACMAkDBwAgAQZ8A4AwDQYJKoZIhvcNAQELBQADggEBAHioWfkRNUHADtfVZyEC
CdtHvuI1sGDImUsRxHvkxX66z7/TWDe3as/vGMWOwWNHoTLsd6ubM/YyPj+twmqd
GtX8IqU00ryEyxiju8Pd//hVyxBo7lSXc9XdbhG/LQ9/HvmDgwMPRwiesvkgXmb8
aVca91etfrMET2/c/PjF6sDX5P50hgwnHmRhJEDbOl2+5AAKRLGEIlMeEhgv4tjM
+p71Zg2lxRdPsJ53nmlYxFq+GH7Upjq2KIzpyTfhj26SQIZdRe70MDo3nRXOO21K
/J8VFBpk5UY2uRFfVeUctGWUhUDlZwju4WAdikjJ26MZiacFOwHQgyQSaBqY29Cf
aaM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:41 2024 by rpki-client on console-fra.rpki-client.org