Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/a6hhKk2a8okd6uvurzoXWr137rk.roa
File: a6hhKk2a8okd6uvurzoXWr137rk.roa (raw, json)
Hash identifier: YDFOQs0hEvvBP2MxwVO/pHo9eg7rUt5eQdEawKbEx5E=
Subject key identifier: 6B:A8:61:2A:4D:9A:F2:89:1D:EA:EB:EE:AF:3A:17:5A:BD:77:EE:B9
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 01856C0A3A17A78D0A9133CDE1A9AE34D357
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/a6hhKk2a8okd6uvurzoXWr137rk.roa
Signing time: Sun 01 Jan 2023 06:34:47 +0000
ROA not before: Sun 01 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 147.78.135.0/24 maxlen: 24
147.78.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:3a:17:a7:8d:0a:91:33:cd:e1:a9:ae:34:d3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ba8612a4d9af2891deaebeeaf3a175abd77eeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bc:e2:75:99:44:bb:52:6b:c4:19:81:cd:2d:
4d:38:de:2e:85:30:58:16:8d:c5:eb:69:7a:7c:af:
1b:db:d7:be:33:49:ea:47:17:b7:6b:7f:8e:12:bd:
74:68:6d:1c:4b:ec:c1:e7:80:b1:9a:b5:95:ae:16:
89:4c:b6:84:25:02:45:9b:00:2d:53:a5:2d:d6:b4:
e6:69:49:db:e9:10:03:06:b8:c2:7a:ae:6d:a8:97:
7a:e7:c2:a2:93:7a:a2:a1:5b:28:11:2f:19:60:d5:
31:38:a7:ad:d8:a8:0f:38:a2:4b:10:c3:71:a9:62:
66:b1:1f:19:b6:c1:f5:2b:6d:47:2d:b5:79:90:ff:
bb:ee:95:2a:d6:d9:93:00:ee:19:87:14:cc:85:2e:
34:e0:9a:23:46:f7:d7:d4:f2:fd:3c:38:a9:c7:ae:
8c:62:c8:47:d2:63:a4:62:fb:4e:d4:a9:3c:56:4b:
10:93:4a:31:e1:4a:cc:05:ad:a5:47:3d:37:cb:fb:
fe:11:20:b2:15:03:ad:af:e5:42:fd:b3:3b:9b:1f:
2b:52:07:2a:f3:32:70:6c:ca:cf:29:54:55:4e:b6:
23:aa:c4:eb:16:76:6e:24:86:0a:0d:ee:e7:8d:8b:
ba:61:b8:d0:91:b8:88:0c:c9:2e:75:b7:59:01:28:
b9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A8:61:2A:4D:9A:F2:89:1D:EA:EB:EE:AF:3A:17:5A:BD:77:EE:B9
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/a6hhKk2a8okd6uvurzoXWr137rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.133.0/24
147.78.135.0/24
Signature Algorithm: sha256WithRSAEncryption
89:2d:f0:a2:50:b1:bb:69:da:55:f0:81:c6:7b:99:37:0f:13:
a2:09:2e:31:1c:d1:d4:5f:9c:99:71:d9:de:9b:20:51:5f:43:
2f:d5:41:e3:66:f0:8d:a7:1c:d0:75:ab:68:1a:39:f1:9d:0c:
c6:26:22:f2:ed:ab:4b:f7:3b:3b:29:c1:13:00:eb:df:9b:a4:
d9:a4:bd:24:1f:f7:69:a4:83:02:65:0f:66:e6:6e:5f:8e:e0:
d9:93:1e:74:ea:d0:96:24:19:4f:ec:78:ed:21:15:06:5c:c7:
8a:de:3a:40:57:14:3d:5e:45:0a:42:43:f3:ba:f3:43:0f:34:
7f:8e:34:fe:5d:8e:ed:7c:7d:ff:96:08:d3:62:fa:ee:25:89:
9c:58:91:25:d8:99:f2:62:1c:2f:c1:bb:ab:19:65:52:52:f7:
7c:d6:e0:55:3f:ed:79:1d:ab:cd:1e:73:70:cd:98:30:d1:04:
22:54:5b:b4:eb:55:0e:5e:b2:96:0f:a8:ae:e5:59:e4:a0:f2:
a1:74:e8:aa:b0:a2:9e:61:e4:96:e8:ff:0d:90:a7:6d:b2:2f:
6b:aa:d1:f3:a8:36:c4:60:8d:04:17:3a:3c:95:11:10:e8:7b:
d7:ef:74:96:0b:f9:6c:c7:aa:3e:54:74:2e:e8:d3:34:32:45:
2c:50:bb:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCjoXp40KkTPN4amuNNNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj
MzlmMzQwHhcNMjMwMTAxMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE4NjEyYTRkOWFmMjg5MWRlYWViZWVhZjNhMTc1YWJkNzdlZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7zidZlEu1JrxBmBzS1NON4uhTBY
Fo3F62l6fK8b29e+M0nqRxe3a3+OEr10aG0cS+zB54CxmrWVrhaJTLaEJQJFmwAt
U6Ut1rTmaUnb6RADBrjCeq5tqJd658Kik3qioVsoES8ZYNUxOKet2KgPOKJLEMNx
qWJmsR8ZtsH1K21HLbV5kP+77pUq1tmTAO4ZhxTMhS404JojRvfX1PL9PDipx66M
YshH0mOkYvtO1Kk8VksQk0ox4UrMBa2lRz03y/v+ESCyFQOtr+VC/bM7mx8rUgcq
8zJwbMrPKVRVTrYjqsTrFnZuJIYKDe7njYu6YbjQkbiIDMkudbdZASi59QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGuoYSpNmvKJHerr7q86F1q9d+65MB8GA1UdIwQY
MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt
MjU2MzM5NzM2YzJiLzEvYTZoaEtrMmE4b2tkNnV2dXJ6b1hXcjEzN3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi
LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk06FAwQA
k06HMA0GCSqGSIb3DQEBCwUAA4IBAQCJLfCiULG7adpV8IHGe5k3DxOiCS4xHNHU
X5yZcdnemyBRX0Mv1UHjZvCNpxzQdatoGjnxnQzGJiLy7atL9zs7KcETAOvfm6TZ
pL0kH/dppIMCZQ9m5m5fjuDZkx506tCWJBlP7HjtIRUGXMeK3jpAVxQ9XkUKQkPz
uvNDDzR/jjT+XY7tfH3/lgjTYvruJYmcWJEl2JnyYhwvwburGWVSUvd81uBVP+15
HavNHnNwzZgw0QQiVFu061UOXrKWD6iu5VnkoPKhdOiqsKKeYeSW6P8NkKdtsi9r
qtHzqDbEYI0EFzo8lREQ6HvX73SWC/lsx6o+VHQu6NM0MkUsULsf
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:23 2024 by rpki-client on console-fra.rpki-client.org