Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/iP7uIiOFelxppsGWUJ1X_pw4ceg.roa
File: iP7uIiOFelxppsGWUJ1X_pw4ceg.roa (raw, json)
Hash identifier: ycwLzJUhklOghbM9T9TTm3f0G0MOpgCC63QyalYlyRA=
Subject key identifier: 88:FE:EE:22:23:85:7A:5C:69:A6:C1:96:50:9D:57:FE:9C:38:71:E8
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 01856F66E85B80D46BF646CE32CEEE4F9BD7
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/iP7uIiOFelxppsGWUJ1X_pw4ceg.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 192.33.88.0/24 maxlen: 24
2001:67c:2e40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e8:5b:80:d4:6b:f6:46:ce:32:ce:ee:4f:9b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88feee2223857a5c69a6c196509d57fe9c3871e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:12:5c:22:c0:d0:40:12:bf:9b:fa:31:8c:04:
40:80:57:45:c9:d5:2f:88:91:67:7b:2c:4c:b2:e1:
73:15:18:50:01:72:15:c2:d5:e4:df:3e:48:be:e3:
94:28:37:bd:07:82:92:cd:66:b5:eb:9c:22:b7:53:
01:95:d3:c7:7f:a3:3f:1b:51:ab:a8:85:63:07:dc:
06:0f:53:c4:bd:83:b9:ce:81:4b:49:75:58:e6:a7:
25:28:57:d2:56:7a:1b:81:f7:42:19:40:cc:11:61:
03:10:ff:13:75:27:9b:e5:82:f6:f9:fc:90:55:58:
df:c2:f1:a7:45:cf:ed:21:52:e5:0a:24:34:d8:ee:
cb:6d:dd:0a:8a:21:34:e3:01:bc:40:23:1b:4a:4a:
15:26:02:ee:3f:e0:94:24:f0:76:b7:cc:13:e3:7f:
36:22:a0:a6:b3:52:28:1c:2e:ca:9d:d6:0d:e1:de:
3f:f8:df:fb:ed:37:1f:4f:5d:a7:dd:b7:2b:42:f6:
4e:a0:0b:0d:c8:8c:92:1a:b4:20:d6:6f:de:0a:db:
03:83:82:9c:fa:dd:44:49:80:8d:4d:b8:ab:0d:0b:
dc:1c:e5:98:c9:e8:3e:4c:e9:02:4b:f3:3a:77:b5:
8b:b8:fc:01:12:de:7e:26:fd:b3:c1:b2:9e:32:2f:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FE:EE:22:23:85:7A:5C:69:A6:C1:96:50:9D:57:FE:9C:38:71:E8
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/iP7uIiOFelxppsGWUJ1X_pw4ceg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.88.0/24
IPv6:
2001:67c:2e40::/48
Signature Algorithm: sha256WithRSAEncryption
25:8d:03:da:b2:b5:03:92:fa:f0:56:e0:b1:8b:30:cb:31:b8:
ee:16:5a:6c:c1:7b:5e:83:98:f0:a9:ee:3d:9a:9f:8f:4f:78:
62:98:e6:e6:b1:c6:17:e9:2d:e6:5c:2d:29:5b:1d:73:39:07:
84:90:35:51:e2:f7:2f:c6:99:d0:be:4a:ce:55:28:e5:fc:09:
50:94:46:0c:34:c3:3a:96:e3:91:4f:76:07:65:11:a6:54:02:
e1:59:f2:04:75:ef:6a:56:53:47:d3:76:52:3f:c0:4d:5a:aa:
9c:b5:da:b0:08:47:a9:ed:f3:4a:89:b6:d5:a9:00:ec:36:d8:
fa:3e:c7:40:a4:a0:13:ea:15:93:1c:6f:b6:d5:9e:23:3c:9e:
79:b4:6e:0d:3a:8f:02:03:4b:f2:68:6c:08:60:77:8d:1d:b5:
be:a4:53:44:73:35:50:53:bf:c2:74:15:f2:a5:31:05:4f:bd:
8b:47:4f:b6:95:b6:ed:8d:01:08:cf:1b:07:5c:cd:79:b2:3f:
5a:3c:42:ab:bd:9e:60:07:a2:f9:8d:e5:c6:48:98:69:55:de:
f7:6b:e6:de:ab:21:1f:fd:34:ce:03:e3:72:fa:0f:90:19:a2:
ca:a4:e9:07:ad:03:1a:a8:ae:f7:9d:05:70:61:07:3e:b6:8a:
fa:a9:e8:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvZuhbgNRr9kbOMs7uT5vXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx
ZTI5YzQwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZlZWUyMjIzODU3YTVjNjlhNmMxOTY1MDlkNTdmZTljMzg3MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRJcIsDQQBK/m/oxjARAgFdFydUv
iJFneyxMsuFzFRhQAXIVwtXk3z5IvuOUKDe9B4KSzWa165wit1MBldPHf6M/G1Gr
qIVjB9wGD1PEvYO5zoFLSXVY5qclKFfSVnobgfdCGUDMEWEDEP8TdSeb5YL2+fyQ
VVjfwvGnRc/tIVLlCiQ02O7Lbd0KiiE04wG8QCMbSkoVJgLuP+CUJPB2t8wT4382
IqCms1IoHC7KndYN4d4/+N/77TcfT12n3bcrQvZOoAsNyIySGrQg1m/eCtsDg4Kc
+t1ESYCNTbirDQvcHOWYyeg+TOkCS/M6d7WLuPwBEt5+Jv2zwbKeMi9hWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIj+7iIjhXpcaabBllCdV/6cOHHoMB8GA1UdIwQY
MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt
Mzg2YzFmOGIwNjQwLzEvaVA3dUlpT0ZlbHhwcHNHV1VKMVhfcHc0Y2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw
LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwCFYMA8E
AgACMAkDBwAgAQZ8LkAwDQYJKoZIhvcNAQELBQADggEBACWNA9qytQOS+vBW4LGL
MMsxuO4WWmzBe16DmPCp7j2an49PeGKY5uaxxhfpLeZcLSlbHXM5B4SQNVHi9y/G
mdC+Ss5VKOX8CVCURgw0wzqW45FPdgdlEaZUAuFZ8gR172pWU0fTdlI/wE1aqpy1
2rAIR6nt80qJttWpAOw22Po+x0CkoBPqFZMcb7bVniM8nnm0bg06jwIDS/JobAhg
d40dtb6kU0RzNVBTv8J0FfKlMQVPvYtHT7aVtu2NAQjPGwdczXmyP1o8Qqu9nmAH
ovmN5cZImGlV3vdr5t6rIR/9NM4D43L6D5AZosqk6QetAxqorvedBXBhBz62ivqp
6Dc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:59 2024 by rpki-client on console-ams.rpki-client.org