Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/vCqvRqOvTSD3yHOqBeKQYjHzoO0.roa
File: vCqvRqOvTSD3yHOqBeKQYjHzoO0.roa (raw, json)
Hash identifier: miDhtTbvY71zqVRfeaKmQwF6VaBK5PbCknz7Xyd1Bjs=
Subject key identifier: BC:2A:AF:46:A3:AF:4D:20:F7:C8:73:AA:05:E2:90:62:31:F3:A0:ED
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0192045678D567D633D7D188C2B57B81C145
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/vCqvRqOvTSD3yHOqBeKQYjHzoO0.roa
Signing time: Wed 18 Sep 2024 08:53:48 +0000
ROA not before: Wed 18 Sep 2024 08:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35758
IP address blocks: 171.22.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 08:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:56:78:d5:67:d6:33:d7:d1:88:c2:b5:7b:81:c1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Sep 18 08:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc2aaf46a3af4d20f7c873aa05e2906231f3a0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f4:20:1b:c5:ea:7e:03:92:51:10:1a:3b:41:
51:d4:2f:e7:2f:04:9d:aa:c9:16:0d:6b:bb:fc:66:
1a:b1:48:ee:a2:26:60:c3:c8:5c:75:bb:32:d1:84:
5d:19:0a:40:f1:cd:2d:b0:e8:65:14:f7:31:7c:ce:
f5:e6:95:d9:aa:b7:9c:c9:11:a7:86:10:9c:a4:52:
4e:59:ac:68:b6:35:cb:87:5c:3f:ab:07:ad:f2:da:
ac:73:f9:01:3f:c4:30:be:2d:5c:4f:09:7a:95:47:
ca:7e:8d:24:8c:83:d5:fd:88:6a:ac:7a:ec:b2:93:
86:5a:3b:56:e0:7e:10:80:df:bf:e2:0f:ab:bd:70:
5f:a8:79:a8:7f:e0:09:dc:24:b4:33:79:68:45:23:
e4:a6:69:8e:99:41:0e:00:f6:39:eb:c5:a7:bf:ee:
24:02:2e:cd:8b:58:81:14:18:77:d5:cb:30:a0:0c:
8f:b7:fa:95:36:eb:86:07:92:38:e5:ef:32:87:12:
9e:c0:8b:20:8e:ea:9c:b1:38:c8:2f:25:a7:7d:e0:
e7:44:4c:10:00:8c:34:a0:e4:bd:47:7a:76:12:53:
32:5c:d6:bc:34:67:71:8c:5e:f8:ad:b7:c5:ce:1c:
c5:6f:94:3a:84:98:42:9c:8d:1d:71:10:c6:28:ca:
6f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2A:AF:46:A3:AF:4D:20:F7:C8:73:AA:05:E2:90:62:31:F3:A0:ED
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/vCqvRqOvTSD3yHOqBeKQYjHzoO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.191.0/24
Signature Algorithm: sha256WithRSAEncryption
43:90:6b:c4:6b:2b:9f:c1:b7:86:8d:da:4c:17:f6:c7:23:24:
a0:f9:a7:95:f7:0f:5d:89:4b:f8:c1:57:c0:da:8a:83:c0:0a:
d5:e1:85:64:d0:a1:6c:71:29:ad:12:7d:79:f1:0c:ec:56:7f:
dc:99:97:e4:8d:45:45:df:c8:56:9f:e6:70:8b:04:d8:86:20:
44:b9:28:ef:65:4d:42:80:b0:4c:ae:29:07:5d:8f:3f:14:ae:
52:5a:7b:6b:34:35:28:05:4b:6f:82:69:6f:a6:ab:48:87:d7:
55:68:c8:a1:49:f2:51:45:fb:fc:a4:10:b1:4e:f5:23:74:bd:
ac:6f:bd:85:59:21:67:93:0b:bc:a2:32:e5:6c:d6:84:f0:cb:
bb:56:b3:50:66:11:89:55:d7:dd:2d:18:b1:ff:ce:d9:01:f4:
84:c3:1f:2e:8e:d5:7f:3f:22:71:44:cb:fb:2d:82:13:c4:0d:
b0:0e:e8:87:d1:12:91:e9:88:b6:22:18:3b:b5:13:fd:b7:cb:
49:a0:46:5d:aa:df:16:5f:42:de:02:43:c0:2d:bc:f9:dd:05:
cc:96:f0:45:43:54:76:51:6f:b9:5d:ca:79:08:58:c1:65:36:
c5:c6:ac:c8:71:08:ea:76:3d:e0:78:b7:21:c5:e2:94:b7:45:
13:d3:de:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIEVnjVZ9Yz19GIwrV7gcFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwOTE4MDg1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzJhYWY0NmEzYWY0ZDIwZjdjODczYWEwNWUyOTA2MjMxZjNhMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fQgG8XqfgOSURAaO0FR1C/nLwSd
qskWDWu7/GYasUjuoiZgw8hcdbsy0YRdGQpA8c0tsOhlFPcxfM715pXZqrecyRGn
hhCcpFJOWaxotjXLh1w/qwet8tqsc/kBP8Qwvi1cTwl6lUfKfo0kjIPV/YhqrHrs
spOGWjtW4H4QgN+/4g+rvXBfqHmof+AJ3CS0M3loRSPkpmmOmUEOAPY568Wnv+4k
Ai7Ni1iBFBh31cswoAyPt/qVNuuGB5I45e8yhxKewIsgjuqcsTjILyWnfeDnREwQ
AIw0oOS9R3p2ElMyXNa8NGdxjF74rbfFzhzFb5Q6hJhCnI0dcRDGKMpv2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwqr0ajr00g98hzqgXikGIx86DtMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvdkNxdlJxT3ZUU0QzeUhPcUJlS1FZakh6b08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxa/MA0G
CSqGSIb3DQEBCwUAA4IBAQBDkGvEayufwbeGjdpMF/bHIySg+aeV9w9diUv4wVfA
2oqDwArV4YVk0KFscSmtEn158QzsVn/cmZfkjUVF38hWn+ZwiwTYhiBEuSjvZU1C
gLBMrikHXY8/FK5SWntrNDUoBUtvgmlvpqtIh9dVaMihSfJRRfv8pBCxTvUjdL2s
b72FWSFnkwu8ojLlbNaE8Mu7VrNQZhGJVdfdLRix/87ZAfSEwx8ujtV/PyJxRMv7
LYITxA2wDuiH0RKR6Yi2Ihg7tRP9t8tJoEZdqt8WX0LeAkPALbz53QXMlvBFQ1R2
UW+5Xcp5CFjBZTbFxqzIcQjqdj3geLchxeKUt0UT094+
-----END CERTIFICATE-----
Generated at Fri Oct 4 14:31:48 2024 by rpki-client on console-ams.rpki-client.org