Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e3b27b-d4d3-4904-9fb5-442b18aaf56f/1/ZQSIDI0-w3ndKoTkjbE2T4Ws-Hk.roa
File: ZQSIDI0-w3ndKoTkjbE2T4Ws-Hk.roa (raw, json)
Hash identifier: VuDRvoUtDZbvUyQyFuZhXzTaj29ZV9SZ0mYXIxuhGaE=
Subject key identifier: 65:04:88:0C:8D:3E:C3:79:DD:2A:84:E4:8D:B1:36:4F:85:AC:F8:79
Certificate issuer: /CN=d47cce8a97e202a8b44b26f57f4f70950218e52c
Certificate serial: 01856D6F65F35558C2F52517FF3E504BDC76
Authority key identifier: D4:7C:CE:8A:97:E2:02:A8:B4:4B:26:F5:7F:4F:70:95:02:18:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HzOipfiAqi0Syb1f09wlQIY5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e3b27b-d4d3-4904-9fb5-442b18aaf56f/1/ZQSIDI0-w3ndKoTkjbE2T4Ws-Hk.roa
Signing time: Sun 01 Jan 2023 13:04:55 +0000
ROA not before: Sun 01 Jan 2023 13:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24904
IP address blocks: 171.22.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:65:f3:55:58:c2:f5:25:17:ff:3e:50:4b:dc:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d47cce8a97e202a8b44b26f57f4f70950218e52c
Validity
Not Before: Jan 1 13:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6504880c8d3ec379dd2a84e48db1364f85acf879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:e7:82:0e:c7:3e:92:9a:de:38:3e:9d:3f:
6e:e9:42:45:d9:24:36:4d:b5:fe:0a:68:06:05:bb:
a9:64:83:fa:f8:46:b2:4a:95:c0:b8:67:a9:35:48:
ce:b4:24:c4:78:cc:75:de:1f:b1:7b:e1:44:86:80:
55:fc:59:e6:ee:f8:cd:90:5d:1f:52:fc:9c:7d:6a:
01:38:c5:8a:7f:e4:a8:63:f2:e7:4c:cf:b4:9a:e0:
08:87:d5:41:d6:dc:17:a3:3f:a0:17:14:17:4c:3f:
56:c2:dc:29:73:97:ab:cb:09:d2:f2:24:86:e8:ca:
d9:46:29:4d:aa:5a:71:ba:b5:d9:6f:59:f0:66:71:
f1:05:36:0e:e7:3e:93:bb:22:32:aa:b9:77:b4:7c:
1d:7a:e2:20:f1:64:c4:e6:00:90:3a:9a:ee:52:55:
21:c0:6e:2d:95:0b:b9:7d:d3:14:23:62:f5:c9:03:
83:bd:a4:39:e1:03:0d:7e:70:b0:04:0e:9f:a2:80:
b7:2c:6a:9e:17:1e:fc:7b:c6:f3:85:f9:19:b3:34:
b4:af:1e:1e:5c:82:e1:c8:5d:9b:ef:3f:42:b8:33:
29:41:79:c2:bb:ee:b6:89:22:b7:3c:50:2a:90:c7:
c3:85:9d:d6:3d:8c:3c:43:ea:f9:3a:fc:c9:2e:2c:
52:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:04:88:0C:8D:3E:C3:79:DD:2A:84:E4:8D:B1:36:4F:85:AC:F8:79
X509v3 Authority Key Identifier:
keyid:D4:7C:CE:8A:97:E2:02:A8:B4:4B:26:F5:7F:4F:70:95:02:18:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HzOipfiAqi0Syb1f09wlQIY5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e3b27b-d4d3-4904-9fb5-442b18aaf56f/1/ZQSIDI0-w3ndKoTkjbE2T4Ws-Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e3b27b-d4d3-4904-9fb5-442b18aaf56f/1/1HzOipfiAqi0Syb1f09wlQIY5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.0.0/22
Signature Algorithm: sha256WithRSAEncryption
78:d9:5c:65:81:79:a2:05:6d:dc:2f:dd:eb:fb:bb:6f:0f:9d:
49:b5:a6:45:ff:5f:84:a4:12:4b:ab:26:0f:d1:f3:1a:95:85:
cf:d0:8c:94:21:b6:bf:80:a9:1f:f9:9e:f8:39:db:89:d3:5c:
0d:0e:cc:58:7c:77:33:60:17:7e:b4:aa:34:87:17:de:3a:0f:
a0:92:99:e6:b3:55:36:77:c7:98:36:84:46:dc:9c:6e:e3:ea:
da:1c:4b:90:0e:c4:65:d0:46:25:29:53:f8:02:72:c8:c6:24:
45:58:2c:60:4f:17:14:68:31:c3:47:b9:69:ac:f1:14:8d:6f:
6b:d4:3a:80:cf:97:ea:56:dd:23:80:fd:dc:51:ef:8a:2f:50:
08:50:13:66:c4:f0:f6:b8:27:43:5a:4d:55:2e:b3:3f:1f:68:
cf:b9:57:22:2f:b3:81:5a:e8:d7:2b:9a:1e:ec:69:a4:f8:29:
1c:3f:c2:a7:a9:bf:6e:e9:9b:9c:8a:4b:37:bb:a3:da:c6:ed:
87:e2:fe:00:d8:ca:88:9c:31:f8:ed:c1:e5:ba:06:a5:43:28:
5a:49:c9:db:54:f7:fc:99:c3:1b:4b:64:ee:58:10:33:33:54:
d4:1f:43:b6:62:9c:24:08:66:01:f4:3c:6c:d8:71:19:73:8b:
bc:75:42:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb2XzVVjC9SUX/z5QS9x2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0N2NjZThhOTdlMjAyYThiNDRiMjZmNTdmNGY3MDk1MDIx
OGU1MmMwHhcNMjMwMTAxMTMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA0ODgwYzhkM2VjMzc5ZGQyYTg0ZTQ4ZGIxMzY0Zjg1YWNmODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbzngg7HPpKa3jg+nT9u6UJF2SQ2
TbX+CmgGBbupZIP6+EaySpXAuGepNUjOtCTEeMx13h+xe+FEhoBV/Fnm7vjNkF0f
UvycfWoBOMWKf+SoY/LnTM+0muAIh9VB1twXoz+gFxQXTD9Wwtwpc5erywnS8iSG
6MrZRilNqlpxurXZb1nwZnHxBTYO5z6TuyIyqrl3tHwdeuIg8WTE5gCQOpruUlUh
wG4tlQu5fdMUI2L1yQODvaQ54QMNfnCwBA6fooC3LGqeFx78e8bzhfkZszS0rx4e
XILhyF2b7z9CuDMpQXnCu+62iSK3PFAqkMfDhZ3WPYw8Q+r5OvzJLixSmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUEiAyNPsN53SqE5I2xNk+FrPh5MB8GA1UdIwQY
MBaAFNR8zoqX4gKotEsm9X9PcJUCGOUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUh6T2lwZmlBcWkwU3liMWYwOXdsUUlZNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lM2IyN2ItZDRkMy00OTA0LTlmYjUt
NDQyYjE4YWFmNTZmLzEvWlFTSURJMC13M25kS29Ua2piRTJUNFdzLUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lM2IyN2ItZDRkMy00OTA0LTlmYjUtNDQyYjE4YWFmNTZm
LzEvMUh6T2lwZmlBcWkwU3liMWYwOXdsUUlZNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxYAMA0G
CSqGSIb3DQEBCwUAA4IBAQB42VxlgXmiBW3cL93r+7tvD51JtaZF/1+EpBJLqyYP
0fMalYXP0IyUIba/gKkf+Z74OduJ01wNDsxYfHczYBd+tKo0hxfeOg+gkpnms1U2
d8eYNoRG3Jxu4+raHEuQDsRl0EYlKVP4AnLIxiRFWCxgTxcUaDHDR7lprPEUjW9r
1DqAz5fqVt0jgP3cUe+KL1AIUBNmxPD2uCdDWk1VLrM/H2jPuVciL7OBWujXK5oe
7Gmk+CkcP8Knqb9u6Zuciks3u6Paxu2H4v4A2MqInDH47cHlugalQyhaScnbVPf8
mcMbS2TuWBAzM1TUH0O2YpwkCGYB9Dxs2HEZc4u8dUJG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:14 2024 by rpki-client on console-ams.rpki-client.org