Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/9z9_es7-T8d8w07g5EKYQZzuJck.roa
File: 9z9_es7-T8d8w07g5EKYQZzuJck.roa (raw, json)
Hash identifier: Mdibsd9fgbmEPXWpDXyywde2zdUU06tZb2ZEw7m1XPY=
Subject key identifier: F7:3F:7F:7A:CE:FE:4F:C7:7C:C3:4E:E0:E4:42:98:41:9C:EE:25:C9
Certificate issuer: /CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Certificate serial: 01857102F7D84A62904099218048805FE272
Authority key identifier: C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/9z9_es7-T8d8w07g5EKYQZzuJck.roa
Signing time: Mon 02 Jan 2023 05:44:57 +0000
ROA not before: Mon 02 Jan 2023 05:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200562
IP address blocks: 146.255.116.0/22 maxlen: 22
45.159.172.0/22 maxlen: 22
185.75.144.0/22 maxlen: 22
2a05:5300::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f7:d8:4a:62:90:40:99:21:80:48:80:5f:e2:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Validity
Not Before: Jan 2 05:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f73f7f7acefe4fc77cc34ee0e44298419cee25c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:20:a7:fd:34:6b:c9:e3:ba:12:18:c6:17:
46:34:f4:90:a6:9e:35:44:a7:7e:ae:3f:51:de:59:
c6:f8:e3:d6:50:16:90:85:80:20:72:3d:36:97:30:
33:3b:c1:b6:c8:a5:cb:8f:bf:ca:01:64:79:e7:0c:
a1:3a:6b:81:d6:14:cd:1e:11:66:d6:57:96:1b:5c:
3e:40:7d:9b:1d:02:40:f5:df:e8:35:e7:f4:85:3e:
ce:69:ba:87:59:b4:24:94:d4:f2:c3:9a:ef:96:6e:
dd:ec:47:67:44:00:b9:74:61:23:e7:2c:c5:9f:6b:
85:0d:96:e6:82:9d:c2:c6:9e:25:f3:bf:fa:77:4a:
bb:38:54:b7:02:c4:61:36:09:fd:70:97:e8:69:7b:
e9:a4:64:30:d8:7d:8c:b8:8a:f8:35:f6:03:65:ad:
93:37:55:e6:6a:0d:b8:71:54:70:fa:97:f3:92:cc:
8f:2c:99:19:82:fd:92:82:ad:91:c4:d3:55:62:0c:
ff:dc:54:0a:e9:0e:bb:4c:5d:f9:96:fe:64:34:a2:
60:a1:30:b0:71:4e:b4:d4:43:48:44:86:d2:13:50:
0e:44:77:97:bf:11:48:80:1b:41:a7:66:95:0d:e8:
d1:4f:29:7d:50:f6:e8:cb:16:b1:77:09:69:8d:58:
b4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3F:7F:7A:CE:FE:4F:C7:7C:C3:4E:E0:E4:42:98:41:9C:EE:25:C9
X509v3 Authority Key Identifier:
keyid:C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/9z9_es7-T8d8w07g5EKYQZzuJck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/yNMivrfjY_TUV14eT-7lzLhOEnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.172.0/22
146.255.116.0/22
185.75.144.0/22
IPv6:
2a05:5300::/29
Signature Algorithm: sha256WithRSAEncryption
93:a6:cd:54:05:67:f5:07:62:78:52:4f:41:e6:42:b5:ab:09:
bf:22:64:a1:d7:15:e6:6f:b7:28:65:86:fa:01:ba:8c:99:82:
97:45:15:52:ca:d0:28:ff:17:6b:68:61:f3:4b:48:cf:a7:00:
d8:f3:8a:59:43:ee:ea:9a:1c:2a:bf:43:dd:56:6f:d0:8b:0f:
14:1a:da:be:c7:86:4f:25:6b:99:29:14:2e:a6:3f:2d:d7:04:
b1:3d:11:68:14:08:b2:f5:4f:a5:76:a8:8f:52:9d:6e:d9:fb:
03:90:2d:52:8c:33:62:df:f7:f1:6a:44:2a:8b:e0:d4:4e:09:
6e:84:ee:1e:31:fb:f3:da:e6:23:58:fe:db:14:fa:f4:7f:05:
a4:fb:67:de:f8:1b:1c:c0:d3:47:19:96:1b:5f:4e:91:01:11:
73:6b:bd:53:0a:95:3d:c1:a5:3b:bb:f0:f5:59:ed:83:85:7d:
ed:89:41:2e:41:58:24:cf:d2:b5:71:1c:e4:76:d1:b7:9e:eb:
6a:bf:46:56:77:5e:cf:e3:0e:87:45:98:49:24:9a:1f:e4:d9:
22:0b:24:8c:57:38:78:45:cf:ef:0c:a5:24:c8:57:82:53:83:
63:5a:28:4e:2c:e7:80:93:06:24:c5:ab:8c:d0:8c:de:81:94:
32:00:82:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxAvfYSmKQQJkhgEiAX+JyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDMyMmJlYjdlMzYzZjRkNDU3NWUxZTRmZWVlNWNjYjg0
ZTEyNzUwHhcNMjMwMTAyMDU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNmN2Y3YWNlZmU0ZmM3N2NjMzRlZTBlNDQyOTg0MTljZWUyNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhYgp/00a8njuhIYxhdGNPSQpp41
RKd+rj9R3lnG+OPWUBaQhYAgcj02lzAzO8G2yKXLj7/KAWR55wyhOmuB1hTNHhFm
1leWG1w+QH2bHQJA9d/oNef0hT7OabqHWbQklNTyw5rvlm7d7EdnRAC5dGEj5yzF
n2uFDZbmgp3Cxp4l87/6d0q7OFS3AsRhNgn9cJfoaXvppGQw2H2MuIr4NfYDZa2T
N1Xmag24cVRw+pfzksyPLJkZgv2Sgq2RxNNVYgz/3FQK6Q67TF35lv5kNKJgoTCw
cU601ENIRIbSE1AORHeXvxFIgBtBp2aVDejRTyl9UPboyxaxdwlpjVi08wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPc/f3rO/k/HfMNO4ORCmEGc7iXJMB8GA1UdIwQY
MBaAFMjTIr6342P01FdeHk/u5cy4ThJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5NaXZyZmpZX1RVVjE0ZVQtN2x6TGhPRW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lZjRkYjAtYjZjOS00N2FhLTg0YzEt
ZGMzNzY5ZThmNmExLzEvOXo5X2VzNy1UOGQ4dzA3ZzVFS1lRWnp1SmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9lZjRkYjAtYjZjOS00N2FhLTg0YzEtZGMzNzY5ZThmNmEx
LzEveU5NaXZyZmpZX1RVVjE0ZVQtN2x6TGhPRW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZ+sAwQC
kv90AwQCuUuQMA0EAgACMAcDBQMqBVMAMA0GCSqGSIb3DQEBCwUAA4IBAQCTps1U
BWf1B2J4Uk9B5kK1qwm/ImSh1xXmb7coZYb6AbqMmYKXRRVSytAo/xdraGHzS0jP
pwDY84pZQ+7qmhwqv0PdVm/Qiw8UGtq+x4ZPJWuZKRQupj8t1wSxPRFoFAiy9U+l
dqiPUp1u2fsDkC1SjDNi3/fxakQqi+DUTgluhO4eMfvz2uYjWP7bFPr0fwWk+2fe
+BscwNNHGZYbX06RARFza71TCpU9waU7u/D1We2DhX3tiUEuQVgkz9K1cRzkdtG3
nutqv0ZWd17P4w6HRZhJJJof5NkiCySMVzh4Rc/vDKUkyFeCU4NjWihOLOeAkwYk
xauM0IzegZQyAII9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:49 2024 by rpki-client on console-fra.rpki-client.org