Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/29MRCYzsjl-ajy3yEsrItuj9im4.roa
File: 29MRCYzsjl-ajy3yEsrItuj9im4.roa (raw, json)
Hash identifier: PQbg3aSkzuVy4bfKbPpyj9knK1BH9IA8LfSAzweM27U=
Subject key identifier: DB:D3:11:09:8C:EC:8E:5F:9A:8F:2D:F2:12:CA:C8:B6:E8:FD:8A:6E
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0185BA0A17C1C7A7CF00B97098D36D4E09FD
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/29MRCYzsjl-ajy3yEsrItuj9im4.roa
Signing time: Mon 16 Jan 2023 10:05:01 +0000
ROA not before: Mon 16 Jan 2023 10:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39700
IP address blocks: 176.74.224.0/24 maxlen: 24
2001:4cb9::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 01 Jun 2023 12:59:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:0a:17:c1:c7:a7:cf:00:b9:70:98:d3:6d:4e:09:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 16 10:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbd311098cec8e5f9a8f2df212cac8b6e8fd8a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:a1:76:41:a0:7b:be:41:bf:c9:8e:83:0f:
8a:90:6e:ed:e5:cf:ce:58:35:d0:1b:46:46:2f:41:
ec:90:50:a4:8f:02:af:5d:1a:72:ee:d7:af:65:fa:
02:a8:0c:2e:08:37:de:31:79:02:b2:75:44:0f:f7:
17:a3:1b:dd:34:3c:e8:b7:29:4a:51:b2:14:d1:03:
72:5c:5b:f8:fa:05:7b:e8:45:91:f9:79:a3:87:42:
10:55:39:05:3f:41:fb:76:7d:53:75:6d:5f:c6:70:
bc:97:35:3d:89:73:0a:d4:ed:0b:81:ba:4e:ce:9c:
a4:ea:b2:ad:30:3a:3f:e0:2d:d1:2f:a3:23:e9:83:
6f:19:a5:92:b9:fa:89:de:3e:6e:2c:65:d9:5f:b2:
33:ef:4a:29:de:12:2f:25:b9:0e:36:32:e4:70:ea:
e9:8d:71:76:77:90:f5:e1:0e:c6:1e:a4:ab:8c:d2:
3e:e1:26:03:8b:13:01:7a:da:2f:ec:69:fc:ce:dc:
0f:ca:18:9a:65:a6:88:2d:e4:c3:ac:64:b2:25:f2:
5b:ec:f9:01:bf:53:08:a2:da:21:fb:68:35:e7:cc:
ba:59:26:6f:41:6c:79:e8:57:f0:88:1d:5c:c7:13:
b5:e8:2a:60:35:fc:ad:be:06:30:0a:99:4f:a9:05:
22:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D3:11:09:8C:EC:8E:5F:9A:8F:2D:F2:12:CA:C8:B6:E8:FD:8A:6E
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/29MRCYzsjl-ajy3yEsrItuj9im4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.224.0/24
IPv6:
2001:4cb9::/32
Signature Algorithm: sha256WithRSAEncryption
d5:24:cc:d2:e6:50:92:49:ca:aa:3b:a0:f7:b7:a0:0d:d3:e0:
56:7d:ad:e2:88:cb:5f:a4:56:86:4c:ad:6f:3c:c3:77:83:41:
20:f8:9f:49:a1:bd:ac:41:49:16:03:4b:c4:4b:b2:e6:2d:8b:
24:58:88:aa:4a:1c:bb:9f:54:36:f0:2a:45:af:ae:26:ad:e3:
89:5a:ad:3e:91:cf:c0:f2:af:e1:67:c8:ff:81:57:c5:fe:47:
28:ca:2d:ca:69:a5:1e:c2:14:e8:c5:05:5b:e0:ed:cc:b4:e4:
c4:7c:bb:07:e5:60:34:9f:db:2c:5b:f5:ed:a6:15:ce:11:93:
34:47:9a:38:fa:52:5b:53:05:be:9a:52:49:cc:21:45:cd:96:
02:1b:e9:de:81:1e:9e:4d:c7:f6:e5:ff:c4:3e:15:8f:eb:a3:
8d:ea:1d:31:88:34:4e:60:3b:29:69:ef:01:e3:bd:e9:27:c6:
bf:ff:b7:e2:cd:d3:17:a4:e5:be:eb:43:2e:e1:0c:76:58:af:
12:87:dc:9f:85:ea:74:d3:c0:10:80:3f:e3:aa:7c:43:af:d9:
9f:45:f8:ee:d5:34:bb:0c:14:8d:1d:4c:3d:6e:6d:c2:99:7a:
7e:84:0c:1b:17:e4:85:f4:71:b2:ea:c2:bd:eb:3f:72:a6:a3:
b3:35:93:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYW6ChfBx6fPALlwmNNtTgn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwMTE2MTAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQzMTEwOThjZWM4ZTVmOWE4ZjJkZjIxMmNhYzhiNmU4ZmQ4YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSGhdkGge75Bv8mOgw+KkG7t5c/O
WDXQG0ZGL0HskFCkjwKvXRpy7tevZfoCqAwuCDfeMXkCsnVED/cXoxvdNDzotylK
UbIU0QNyXFv4+gV76EWR+Xmjh0IQVTkFP0H7dn1TdW1fxnC8lzU9iXMK1O0LgbpO
zpyk6rKtMDo/4C3RL6Mj6YNvGaWSufqJ3j5uLGXZX7Iz70op3hIvJbkONjLkcOrp
jXF2d5D14Q7GHqSrjNI+4SYDixMBetov7Gn8ztwPyhiaZaaILeTDrGSyJfJb7PkB
v1MIotoh+2g158y6WSZvQWx56FfwiB1cxxO16CpgNfytvgYwCplPqQUiwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvTEQmM7I5fmo8t8hLKyLbo/YpuMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvMjlNUkNZenNqbC1hankzeUVzckl0dWo5aW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsErgMA0E
AgACMAcDBQAgAUy5MA0GCSqGSIb3DQEBCwUAA4IBAQDVJMzS5lCSScqqO6D3t6AN
0+BWfa3iiMtfpFaGTK1vPMN3g0Eg+J9Job2sQUkWA0vES7LmLYskWIiqShy7n1Q2
8CpFr64mreOJWq0+kc/A8q/hZ8j/gVfF/kcoyi3KaaUewhToxQVb4O3MtOTEfLsH
5WA0n9ssW/XtphXOEZM0R5o4+lJbUwW+mlJJzCFFzZYCG+negR6eTcf25f/EPhWP
66ON6h0xiDROYDspae8B473pJ8a//7fizdMXpOW+60Mu4Qx2WK8Sh9yfhep008AQ
gD/jqnxDr9mfRfju1TS7DBSNHUw9bm3CmXp+hAwbF+SF9HGy6sK96z9ypqOzNZN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org