Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/9y9KuUIFepA-jnY_IaBrQ-0wEEk.roa
File: 9y9KuUIFepA-jnY_IaBrQ-0wEEk.roa (raw, json)
Hash identifier: +tntwOFIU82sZv8tebPx/dHApdfKoznRiHs0Tu2s37g=
Subject key identifier: F7:2F:4A:B9:42:05:7A:90:3E:8E:76:3F:21:A0:6B:43:ED:30:10:49
Certificate issuer: /CN=542d971ad3c2e438d4a312d1a1de751810aca4e0
Certificate serial: 018CC64ACB87CD912A17100B312B97D36B98
Authority key identifier: 54:2D:97:1A:D3:C2:E4:38:D4:A3:12:D1:A1:DE:75:18:10:AC:A4:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC2XGtPC5DjUoxLRod51GBCspOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/9y9KuUIFepA-jnY_IaBrQ-0wEEk.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209490
IP address blocks: 171.22.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:cb:87:cd:91:2a:17:10:0b:31:2b:97:d3:6b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542d971ad3c2e438d4a312d1a1de751810aca4e0
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f72f4ab942057a903e8e763f21a06b43ed301049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1e:17:64:b0:d4:90:9e:64:f6:60:0c:3a:6e:
11:75:3e:e4:e8:f8:7b:72:21:91:db:84:5f:5e:1b:
e5:fc:a9:82:98:07:cb:3f:54:c2:7b:ca:e4:c2:38:
ba:71:dd:82:30:d5:60:61:db:30:f5:74:99:b7:07:
b5:f3:3c:35:80:1e:ad:07:7f:29:0f:b9:c5:b4:6d:
3e:f4:2b:4d:1f:e6:17:3c:42:3c:c6:9a:71:c1:8d:
6c:dc:7f:d1:94:cf:69:fc:cd:df:63:dd:f4:63:75:
ee:60:76:c2:d3:30:5b:bd:06:d2:5a:f8:d3:1a:d7:
1f:bb:f1:97:28:3a:72:3c:58:bb:f5:2c:c5:44:90:
72:12:98:e8:83:64:85:2b:b2:ac:5b:52:54:da:e3:
1f:e2:e4:06:12:e9:7a:fe:13:55:38:72:2c:1b:d2:
e0:18:2e:a9:c4:34:5d:28:e0:1f:71:03:8b:a5:a2:
24:a6:d2:73:79:e4:d7:49:62:d3:89:cd:84:18:91:
e8:aa:8d:e1:77:bf:96:01:0c:ee:1a:a1:b2:eb:73:
37:3d:cb:91:d1:21:cd:21:d2:75:31:7f:b9:d3:ab:
9c:0d:ac:9b:bd:b6:c0:a9:57:5a:87:f3:6d:0e:0b:
0c:6f:30:11:51:ee:36:39:2f:83:7b:9a:d4:e8:e1:
89:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2F:4A:B9:42:05:7A:90:3E:8E:76:3F:21:A0:6B:43:ED:30:10:49
X509v3 Authority Key Identifier:
keyid:54:2D:97:1A:D3:C2:E4:38:D4:A3:12:D1:A1:DE:75:18:10:AC:A4:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC2XGtPC5DjUoxLRod51GBCspOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/9y9KuUIFepA-jnY_IaBrQ-0wEEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/VC2XGtPC5DjUoxLRod51GBCspOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.56.0/22
Signature Algorithm: sha256WithRSAEncryption
37:b4:9a:43:2c:83:1c:e8:4e:db:aa:d2:aa:09:f8:d0:79:c7:
e6:60:67:33:48:4c:9d:2b:b6:74:90:12:47:d7:d7:20:ce:05:
11:13:56:d5:b4:8a:3b:a9:48:ac:96:f4:7e:a8:0c:2b:b4:e3:
b5:da:ea:d0:a7:fc:f9:83:76:d7:61:2e:33:82:b8:21:c3:cc:
68:04:92:2b:a1:ad:fe:f5:3a:ad:5c:2f:62:3d:f0:ec:9a:01:
7c:a2:2a:a4:ca:11:55:e1:24:a0:40:c3:5b:86:31:3a:fc:54:
20:97:db:fa:37:85:73:00:2c:8b:de:7d:2f:10:64:0a:d8:f3:
13:36:a6:83:92:15:ee:cc:8f:91:8d:99:f0:9c:69:00:4d:ab:
a7:d3:5d:8a:b7:b3:21:27:ce:93:88:1c:b2:a6:26:11:f2:00:
2e:bf:ba:3c:42:a4:8d:f4:66:35:5e:72:b1:1c:1a:57:be:2f:
fc:a3:7f:0d:b3:4a:4d:a6:3c:4d:3e:94:53:24:24:77:bb:f8:
db:97:85:85:7c:e6:f1:7c:a5:87:45:07:4e:70:cc:8d:35:52:
98:47:47:d4:3b:a7:e6:64:2e:14:79:f8:f6:07:dd:3d:01:5a:
c9:43:7e:d1:4c:aa:d3:49:e5:ca:1c:78:28:58:03:f2:85:d8:
50:b8:5f:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSsuHzZEqFxALMSuX02uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmQ5NzFhZDNjMmU0MzhkNGEzMTJkMWExZGU3NTE4MTBh
Y2E0ZTAwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJmNGFiOTQyMDU3YTkwM2U4ZTc2M2YyMWEwNmI0M2VkMzAxMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB4XZLDUkJ5k9mAMOm4RdT7k6Ph7
ciGR24RfXhvl/KmCmAfLP1TCe8rkwji6cd2CMNVgYdsw9XSZtwe18zw1gB6tB38p
D7nFtG0+9CtNH+YXPEI8xppxwY1s3H/RlM9p/M3fY930Y3XuYHbC0zBbvQbSWvjT
Gtcfu/GXKDpyPFi79SzFRJByEpjog2SFK7KsW1JU2uMf4uQGEul6/hNVOHIsG9Lg
GC6pxDRdKOAfcQOLpaIkptJzeeTXSWLTic2EGJHoqo3hd7+WAQzuGqGy63M3PcuR
0SHNIdJ1MX+506ucDaybvbbAqVdah/NtDgsMbzARUe42OS+De5rU6OGJhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcvSrlCBXqQPo52PyGga0PtMBBJMB8GA1UdIwQY
MBaAFFQtlxrTwuQ41KMS0aHedRgQrKTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkMyWEd0UEM1RGpVb3hMUm9kNTFHQkNzcE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85ZGRjOWQtNjBjNy00YmNiLTkxOWEt
MzQwODA4OWVkYzQ1LzEvOXk5S3VVSUZlcEEtam5ZX0lhQnJRLTB3RUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85ZGRjOWQtNjBjNy00YmNiLTkxOWEtMzQwODA4OWVkYzQ1
LzEvVkMyWEd0UEM1RGpVb3hMUm9kNTFHQkNzcE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxY4MA0G
CSqGSIb3DQEBCwUAA4IBAQA3tJpDLIMc6E7bqtKqCfjQecfmYGczSEydK7Z0kBJH
19cgzgURE1bVtIo7qUislvR+qAwrtOO12urQp/z5g3bXYS4zgrghw8xoBJIroa3+
9TqtXC9iPfDsmgF8oiqkyhFV4SSgQMNbhjE6/FQgl9v6N4VzACyL3n0vEGQK2PMT
NqaDkhXuzI+RjZnwnGkATaun012Kt7MhJ86TiByypiYR8gAuv7o8QqSN9GY1XnKx
HBpXvi/8o38Ns0pNpjxNPpRTJCR3u/jbl4WFfObxfKWHRQdOcMyNNVKYR0fUO6fm
ZC4Uefj2B909AVrJQ37RTKrTSeXKHHgoWAPyhdhQuF//
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:41 2025 by rpki-client