Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/n0OuTzskzkrsI0RchFTXF7JFRxQ.roa
File: n0OuTzskzkrsI0RchFTXF7JFRxQ.roa (raw, json)
Hash identifier: Kw0TDJTBYmWVe+tbe5r+QI2lkTGTh8lCW8w6k9UX6iw=
Subject key identifier: 9F:43:AE:4F:3B:24:CE:4A:EC:23:44:5C:84:54:D7:17:B2:45:47:14
Certificate issuer: /CN=63c34455c0d4e4fc3ba2f1c46f08b475c8f6d980
Certificate serial: 01856E01B8226D1579D406C66AE9E9D5A9C5
Authority key identifier: 63:C3:44:55:C0:D4:E4:FC:3B:A2:F1:C4:6F:08:B4:75:C8:F6:D9:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/n0OuTzskzkrsI0RchFTXF7JFRxQ.roa
Signing time: Sun 01 Jan 2023 15:44:44 +0000
ROA not before: Sun 01 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24867
IP address blocks: 78.40.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:b8:22:6d:15:79:d4:06:c6:6a:e9:e9:d5:a9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c34455c0d4e4fc3ba2f1c46f08b475c8f6d980
Validity
Not Before: Jan 1 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f43ae4f3b24ce4aec23445c8454d717b2454714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c2:de:a6:8a:c0:a1:67:e2:c2:ec:0c:c9:80:
cf:3a:c6:95:e6:75:0d:ba:98:f4:a9:79:c7:50:be:
11:b1:11:aa:0b:04:f3:b3:01:96:f6:2f:3b:7d:87:
73:88:62:b1:16:1a:01:3a:09:e3:5e:6b:c4:c6:ca:
05:62:74:74:b4:47:4f:81:1d:51:d9:61:48:ae:6d:
74:17:3c:c9:e5:ba:6b:b2:c0:13:88:42:ee:11:27:
28:d7:cf:51:67:e1:64:67:73:1f:5e:94:57:66:7b:
ec:b0:b8:86:96:78:15:19:99:83:1f:c6:2d:d5:45:
8c:c8:43:29:39:44:e0:76:2c:f8:f4:6b:43:9c:72:
06:74:5d:54:4c:85:5b:64:2f:95:df:1b:89:d2:b9:
35:4e:a6:c2:49:d6:ad:69:6e:ed:d8:11:82:fc:95:
c3:1d:e1:03:0d:9e:53:42:e0:be:33:05:04:61:ce:
e1:a9:82:28:45:d6:51:59:b2:55:bc:9f:3b:a8:e8:
9a:12:34:28:57:d6:e5:e1:21:c2:02:1f:d7:34:b2:
f0:1f:fc:8e:83:27:7e:9e:2c:85:7f:d2:04:13:fd:
bf:17:23:8f:e2:b3:95:65:6d:03:eb:15:30:f7:29:
3e:ca:bf:ce:0f:43:8c:d1:37:38:be:41:f7:ba:7c:
20:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:AE:4F:3B:24:CE:4A:EC:23:44:5C:84:54:D7:17:B2:45:47:14
X509v3 Authority Key Identifier:
keyid:63:C3:44:55:C0:D4:E4:FC:3B:A2:F1:C4:6F:08:B4:75:C8:F6:D9:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/n0OuTzskzkrsI0RchFTXF7JFRxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.152.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:dc:2d:dc:0a:75:73:5c:95:5c:55:63:5d:25:e6:71:68:bd:
9a:0e:10:a8:da:97:b6:f2:fc:50:ee:3a:b0:89:38:44:10:bc:
a4:98:26:e1:c1:cb:1c:9d:4d:9b:d4:c1:91:fa:79:42:66:69:
e7:5f:3d:e3:ff:8d:b8:f3:42:44:76:79:01:bd:65:f6:3c:03:
85:07:8f:66:34:a1:b7:1e:de:3e:d6:05:26:54:c8:7e:41:3e:
25:62:a1:15:aa:05:e9:35:14:61:db:c8:01:6f:b3:d9:b2:28:
c1:86:99:d6:48:97:9f:03:d3:be:80:9d:d5:15:94:3d:6c:31:
2f:1f:a4:33:d4:eb:78:58:07:8a:92:4f:b2:2d:cb:35:44:7c:
a4:41:e7:8e:4a:76:58:2f:8c:f4:d2:28:9f:b5:f0:49:8d:92:
1d:b2:67:7b:ef:7e:7f:f2:1e:df:15:d9:78:90:5d:29:6d:6e:
65:e8:e3:1a:24:75:9e:69:47:0e:fd:1a:0a:29:58:07:0a:6a:
a0:61:2e:b2:33:2e:ab:de:f7:80:46:7b:a9:7f:b8:1e:dc:a3:
0c:d8:2b:83:bc:cb:a3:68:1d:a7:4f:f4:66:6f:0b:01:60:be:
8a:37:c5:63:c7:a2:a2:2d:ca:42:38:cf:9c:ba:b4:c8:46:d9:
6b:eb:cf:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAbgibRV51AbGaunp1anFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzM0NDU1YzBkNGU0ZmMzYmEyZjFjNDZmMDhiNDc1Yzhm
NmQ5ODAwHhcNMjMwMTAxMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzYWU0ZjNiMjRjZTRhZWMyMzQ0NWM4NDU0ZDcxN2IyNDU0NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cLeporAoWfiwuwMyYDPOsaV5nUN
upj0qXnHUL4RsRGqCwTzswGW9i87fYdziGKxFhoBOgnjXmvExsoFYnR0tEdPgR1R
2WFIrm10FzzJ5bprssATiELuESco189RZ+FkZ3MfXpRXZnvssLiGlngVGZmDH8Yt
1UWMyEMpOUTgdiz49GtDnHIGdF1UTIVbZC+V3xuJ0rk1TqbCSdataW7t2BGC/JXD
HeEDDZ5TQuC+MwUEYc7hqYIoRdZRWbJVvJ87qOiaEjQoV9bl4SHCAh/XNLLwH/yO
gyd+niyFf9IEE/2/FyOP4rOVZW0D6xUw9yk+yr/OD0OM0Tc4vkH3unwgHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9Drk87JM5K7CNEXIRU1xeyRUcUMB8GA1UdIwQY
MBaAFGPDRFXA1OT8O6LxxG8ItHXI9tmAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThORVZjRFU1UHc3b3ZIRWJ3aTBkY2oyMllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zNTY1NmEtMDY2ZS00OWRmLWI3MDkt
N2JmY2Q3ZTk0YjllLzEvbjBPdVR6c2t6a3JzSTBSY2hGVFhGN0pGUnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zNTY1NmEtMDY2ZS00OWRmLWI3MDktN2JmY2Q3ZTk0Yjll
LzEvWThORVZjRFU1UHc3b3ZIRWJ3aTBkY2oyMllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTiiYMA0G
CSqGSIb3DQEBCwUAA4IBAQBf3C3cCnVzXJVcVWNdJeZxaL2aDhCo2pe28vxQ7jqw
iThEELykmCbhwcscnU2b1MGR+nlCZmnnXz3j/42480JEdnkBvWX2PAOFB49mNKG3
Ht4+1gUmVMh+QT4lYqEVqgXpNRRh28gBb7PZsijBhpnWSJefA9O+gJ3VFZQ9bDEv
H6Qz1Ot4WAeKkk+yLcs1RHykQeeOSnZYL4z00iiftfBJjZIdsmd7735/8h7fFdl4
kF0pbW5l6OMaJHWeaUcO/RoKKVgHCmqgYS6yMy6r3veARnupf7ge3KMM2CuDvMuj
aB2nT/RmbwsBYL6KN8Vjx6KiLcpCOM+curTIRtlr68/n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org