Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/jAoxyQofNj4dif69rC1iIUMONsI.roa
File: jAoxyQofNj4dif69rC1iIUMONsI.roa (raw, json)
Hash identifier: 2hb/VSmWzlJQGTn0nGMiuMtVDPfkDvVmPGdjAcq1xqE=
Subject key identifier: 8C:0A:31:C9:0A:1F:36:3E:1D:89:FE:BD:AC:2D:62:21:43:0E:36:C2
Certificate issuer: /CN=6b92cf3390caa5879e759729cd9008c6eca55a27
Certificate serial: 018C64F0B725BCCE1433B0F8B7DAA83DB37A
Authority key identifier: 6B:92:CF:33:90:CA:A5:87:9E:75:97:29:CD:90:08:C6:EC:A5:5A:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a5LPM5DKpYeedZcpzZAIxuylWic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/jAoxyQofNj4dif69rC1iIUMONsI.roa
Signing time: Wed 13 Dec 2023 20:49:06 +0000
ROA not before: Wed 13 Dec 2023 20:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21874
IP address blocks: 168.168.56.0/23 maxlen: 23
168.168.64.0/24 maxlen: 24
168.168.60.0/22 maxlen: 22
168.168.40.0/22 maxlen: 22
168.168.44.0/22 maxlen: 22
168.168.48.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:f0:b7:25:bc:ce:14:33:b0:f8:b7:da:a8:3d:b3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b92cf3390caa5879e759729cd9008c6eca55a27
Validity
Not Before: Dec 13 20:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c0a31c90a1f363e1d89febdac2d6221430e36c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:27:1d:87:a9:58:09:8b:c6:60:66:c8:4c:
be:af:12:29:6d:ab:13:e0:1e:72:42:57:ca:e0:52:
de:1c:94:06:bd:2f:30:b6:c1:47:41:3e:e5:72:94:
c6:63:7e:6c:10:8a:f7:70:04:df:e1:3e:00:13:73:
88:ef:5d:d2:f4:96:ba:ba:57:3f:9a:7f:c0:93:55:
8f:18:da:d1:a8:95:21:2f:c1:eb:9b:fd:05:72:8a:
99:95:44:87:b5:b6:a4:fb:37:d2:d3:ba:17:64:38:
58:7e:3f:e6:de:98:7f:ff:7e:82:16:1d:83:53:6c:
e9:ec:07:b7:11:36:98:36:a0:ad:22:a6:6b:d6:4c:
56:c2:9e:64:9a:ed:4f:9f:16:8f:92:c8:a5:f2:87:
07:54:ae:59:8e:1f:9b:92:5b:69:dc:91:2f:46:97:
23:87:12:7d:8b:73:f9:e1:25:d7:35:74:c8:1e:17:
25:c3:65:d8:1a:bd:02:eb:af:32:f0:80:a6:9c:13:
8b:15:b0:d8:a2:cc:0f:80:aa:41:b1:ae:a9:a3:14:
d8:ae:63:10:21:4a:7f:f7:4e:35:19:82:bd:50:1f:
18:41:b7:f2:45:b9:c3:da:8d:8f:51:31:f1:b2:e7:
e3:4d:1f:59:ae:76:ba:5f:0f:c5:86:6b:fb:65:8d:
26:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0A:31:C9:0A:1F:36:3E:1D:89:FE:BD:AC:2D:62:21:43:0E:36:C2
X509v3 Authority Key Identifier:
keyid:6B:92:CF:33:90:CA:A5:87:9E:75:97:29:CD:90:08:C6:EC:A5:5A:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5LPM5DKpYeedZcpzZAIxuylWic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/jAoxyQofNj4dif69rC1iIUMONsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/a5LPM5DKpYeedZcpzZAIxuylWic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.168.40.0-168.168.57.255
168.168.60.0-168.168.64.255
Signature Algorithm: sha256WithRSAEncryption
60:25:fb:eb:78:d6:61:a4:fb:87:b0:44:a3:76:72:7a:4b:2d:
9d:75:66:14:be:0a:c9:85:e9:71:90:60:de:44:09:55:b3:16:
3f:e6:74:c4:f4:b3:fc:8b:2d:05:b4:33:b0:be:ef:fe:8c:c4:
ec:25:26:c7:22:49:e0:17:f9:b3:ce:da:fd:48:3d:02:02:fd:
05:8d:80:12:02:5b:33:d9:7a:9e:a4:d1:ca:37:5b:74:bf:06:
32:ad:36:ba:36:bd:e9:d9:02:74:ae:46:81:0d:ce:71:60:8b:
4f:31:dd:bb:ca:f3:63:78:c7:c4:33:46:ec:2e:dc:b0:77:62:
2a:e0:a7:fc:f7:d8:aa:46:9f:9f:6c:fa:48:8d:2f:70:be:5d:
e9:c4:1c:77:9c:46:18:e8:c9:7e:77:10:3a:99:18:30:fc:02:
ab:17:d6:c9:93:f8:21:c6:c2:bc:2a:79:85:c2:95:4d:a2:aa:
87:0d:77:fa:b1:86:3f:91:3c:4d:47:b0:f7:6b:2f:00:16:f3:
06:87:7f:7e:c5:f7:fa:43:a6:52:cd:88:25:36:1d:a9:34:4c:
d8:59:fd:3b:3b:54:46:7f:0d:e5:f5:5f:04:12:a1:45:8f:4a:
b9:65:48:c6:34:58:74:14:33:69:25:9e:1d:2a:62:d3:16:76:
e0:5a:4d:2c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYxk8LclvM4UM7D4t9qoPbN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTJjZjMzOTBjYWE1ODc5ZTc1OTcyOWNkOTAwOGM2ZWNh
NTVhMjcwHhcNMjMxMjEzMjA0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBhMzFjOTBhMWYzNjNlMWQ4OWZlYmRhYzJkNjIyMTQzMGUzNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0wnHYepWAmLxmBmyEy+rxIpbasT
4B5yQlfK4FLeHJQGvS8wtsFHQT7lcpTGY35sEIr3cATf4T4AE3OI713S9Ja6ulc/
mn/Ak1WPGNrRqJUhL8Hrm/0FcoqZlUSHtbak+zfS07oXZDhYfj/m3ph//36CFh2D
U2zp7Ae3ETaYNqCtIqZr1kxWwp5kmu1PnxaPksil8ocHVK5Zjh+bkltp3JEvRpcj
hxJ9i3P54SXXNXTIHhclw2XYGr0C668y8ICmnBOLFbDYoswPgKpBsa6poxTYrmMQ
IUp/9041GYK9UB8YQbfyRbnD2o2PUTHxsufjTR9Zrna6Xw/Fhmv7ZY0mPQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIwKMckKHzY+HYn+vawtYiFDDjbCMB8GA1UdIwQY
MBaAFGuSzzOQyqWHnnWXKc2QCMbspVonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVMUE01REtwWWVlZFpjcHpaQUl4dXlsV2ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xMjM0OWUtNTI4Mi00NzJhLWFlNTIt
MmEwNjIyMzYyM2UwLzEvakFveHlRb2ZOajRkaWY2OXJDMWlJVU1PTnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xMjM0OWUtNTI4Mi00NzJhLWFlNTItMmEwNjIyMzYyM2Uw
LzEvYTVMUE01REtwWWVlZFpjcHpaQUl4dXlsV2ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAOoqCgD
BAGoqDgwDAMEAqioPAMEAKioQDANBgkqhkiG9w0BAQsFAAOCAQEAYCX763jWYaT7
h7BEo3ZyekstnXVmFL4KyYXpcZBg3kQJVbMWP+Z0xPSz/IstBbQzsL7v/ozE7CUm
xyJJ4Bf5s87a/Ug9AgL9BY2AEgJbM9l6nqTRyjdbdL8GMq02uja96dkCdK5GgQ3O
cWCLTzHdu8rzY3jHxDNG7C7csHdiKuCn/PfYqkafn2z6SI0vcL5d6cQcd5xGGOjJ
fncQOpkYMPwCqxfWyZP4IcbCvCp5hcKVTaKqhw13+rGGP5E8TUew92svABbzBod/
fsX3+kOmUs2IJTYdqTRM2Fn9OztURn8N5fVfBBKhRY9KuWVIxjRYdBQzaSWeHSpi
0xZ24FpNLA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:52 2024 by rpki-client on console-ams.rpki-client.org