Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/tN9H8uyFmYCSX3T3TINH6zA9lrY.roa
File: tN9H8uyFmYCSX3T3TINH6zA9lrY.roa (raw, json)
Hash identifier: cindPQmm/jvmedgfkZWZv3x3z33l0yMXv+WuiOrraPs=
Subject key identifier: B4:DF:47:F2:EC:85:99:80:92:5F:74:F7:4C:83:47:EB:30:3D:96:B6
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 01857102D81EB992132F3E18EB3DCE08D4B5
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/tN9H8uyFmYCSX3T3TINH6zA9lrY.roa
Signing time: Mon 02 Jan 2023 05:44:49 +0000
ROA not before: Mon 02 Jan 2023 05:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 147.161.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d8:1e:b9:92:13:2f:3e:18:eb:3d:ce:08:d4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Jan 2 05:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4df47f2ec859980925f74f74c8347eb303d96b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:be:24:34:84:ef:92:30:34:d5:6d:4d:69:ee:
e9:6d:ce:43:b1:06:4a:e0:09:ee:cb:5d:2f:57:73:
5a:a5:07:18:11:13:77:8d:ad:bf:63:a7:a6:ff:f8:
5d:8f:a4:5f:55:64:2f:5a:26:c4:9d:e3:fa:d7:6f:
a5:cb:7a:5c:68:a0:a6:b0:0d:5b:0d:8c:4b:0b:c9:
59:86:24:64:b0:ed:f7:2d:4b:1c:80:88:dd:57:e8:
a7:06:15:95:13:54:eb:1a:ad:6c:c2:07:bd:41:b5:
ba:7a:8d:ed:98:16:20:3e:e3:2b:a3:a9:01:6e:b4:
b2:b4:e5:1d:bd:20:e2:d5:07:c0:f7:8b:47:ea:c3:
e7:1b:48:ad:6b:c9:29:6a:c4:e0:73:00:9c:dc:cd:
8c:f3:4a:7f:4f:b2:62:19:b4:ce:bf:ac:d1:01:15:
8b:14:3d:97:28:0d:17:06:1f:b5:8b:8c:e5:52:ab:
ba:eb:2b:86:1d:77:a4:9a:4c:fb:38:9f:c3:eb:f5:
89:61:90:7e:6c:e2:8e:36:26:2c:1c:bf:85:cd:7f:
41:00:0e:b6:90:8c:0c:b4:77:96:ce:ab:8b:de:a7:
82:84:a0:a9:85:5c:c3:8f:f0:c8:c9:7b:4b:93:7c:
1d:97:4d:04:8f:8e:fb:c1:fa:e2:a6:15:a1:e0:1c:
4e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DF:47:F2:EC:85:99:80:92:5F:74:F7:4C:83:47:EB:30:3D:96:B6
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/tN9H8uyFmYCSX3T3TINH6zA9lrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.2.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:12:61:74:e1:96:4f:6e:e3:b8:15:ae:d9:96:8a:4c:5d:36:
99:8f:bd:10:d2:5d:3a:c0:f9:c5:1c:26:cb:c7:9c:b0:ba:4f:
37:3a:1b:d4:9e:ea:c6:f5:46:28:c3:b7:6e:d1:c2:23:f2:d3:
04:2a:19:1f:25:72:04:90:b7:e5:16:82:44:f5:ea:ff:4d:5d:
4d:9a:3d:51:fa:a7:81:ad:de:42:c5:ef:11:67:46:b3:f3:14:
af:ec:e0:b3:ed:5a:23:55:b3:01:04:3b:d4:fa:04:c9:3e:b7:
a2:d7:a8:a8:72:bb:b4:2f:e9:2e:63:a9:2f:3e:2e:2a:d9:5f:
93:c1:67:ba:10:eb:65:45:89:83:c0:bb:70:78:4c:03:6e:79:
ce:e2:73:47:81:c6:07:a6:3e:96:64:e0:7c:ef:5b:5c:d6:df:
27:c1:e8:71:7b:a5:cc:d5:e8:56:57:4e:8d:a5:1d:ff:ca:22:
5b:78:64:9f:3e:b6:1f:4d:63:2c:24:50:63:3d:81:d8:ea:25:
87:a8:7f:14:54:8c:68:be:3d:6d:1d:16:28:47:1b:cf:7a:74:
c3:d8:fb:6a:01:d9:25:67:a1:cc:62:10:5d:4f:8b:7d:09:bf:
18:ce:66:ba:d6:f2:69:77:62:9b:10:a2:2a:d0:38:69:bf:08:
6b:b0:c6:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAtgeuZITLz4Y6z3OCNS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjMwMTAyMDU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGRmNDdmMmVjODU5OTgwOTI1Zjc0Zjc0YzgzNDdlYjMwM2Q5NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh74kNITvkjA01W1Nae7pbc5DsQZK
4Anuy10vV3NapQcYERN3ja2/Y6em//hdj6RfVWQvWibEneP612+ly3pcaKCmsA1b
DYxLC8lZhiRksO33LUscgIjdV+inBhWVE1TrGq1swge9QbW6eo3tmBYgPuMro6kB
brSytOUdvSDi1QfA94tH6sPnG0ita8kpasTgcwCc3M2M80p/T7JiGbTOv6zRARWL
FD2XKA0XBh+1i4zlUqu66yuGHXekmkz7OJ/D6/WJYZB+bOKONiYsHL+FzX9BAA62
kIwMtHeWzquL3qeChKCphVzDj/DIyXtLk3wdl00Ej477wfriphWh4BxOBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTfR/LshZmAkl9090yDR+swPZa2MB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvdE45SDh1eUZtWUNTWDNUM1RJTkg2ekE5bHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6ECMA0G
CSqGSIb3DQEBCwUAA4IBAQAcEmF04ZZPbuO4Fa7ZlopMXTaZj70Q0l06wPnFHCbL
x5ywuk83OhvUnurG9UYow7du0cIj8tMEKhkfJXIEkLflFoJE9er/TV1Nmj1R+qeB
rd5Cxe8RZ0az8xSv7OCz7VojVbMBBDvU+gTJPrei16iocru0L+kuY6kvPi4q2V+T
wWe6EOtlRYmDwLtweEwDbnnO4nNHgcYHpj6WZOB871tc1t8nwehxe6XM1ehWV06N
pR3/yiJbeGSfPrYfTWMsJFBjPYHY6iWHqH8UVIxovj1tHRYoRxvPenTD2PtqAdkl
Z6HMYhBdT4t9Cb8Yzma61vJpd2KbEKIq0DhpvwhrsMaZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:19 2024 by rpki-client on console-ams.rpki-client.org