Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1AhczBh0_duH14rZmt_oJ4PXqYc.roa
File: 1AhczBh0_duH14rZmt_oJ4PXqYc.roa (raw, json)
Hash identifier: M3F53L65sxvHHsIQG8IYeSzwXBPAtSkat9ccyAdT1xI=
Subject key identifier: D4:08:5C:CC:18:74:FD:DB:87:D7:8A:D9:9A:DF:E8:27:83:D7:A9:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102FD95D78C12315C97FDC1A777D91C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1AhczBh0_duH14rZmt_oJ4PXqYc.roa
Signing time: Mon 02 Jan 2023 05:44:59 +0000
ROA not before: Mon 02 Jan 2023 05:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9335
IP address blocks: 141.98.16.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 08:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:fd:95:d7:8c:12:31:5c:97:fd:c1:a7:77:d9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4085ccc1874fddb87d78ad99adfe82783d7a987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:90:e6:d1:79:71:54:46:35:a2:61:f9:85:da:
26:50:b9:a9:08:3f:3b:f3:76:07:3c:07:ff:3d:12:
e4:df:8d:4b:7e:96:9d:45:5e:7c:00:81:8b:47:77:
f5:ae:84:49:31:5c:79:d0:b2:53:e3:fe:cd:e3:4a:
8e:b2:5e:8d:d0:fc:1f:3e:a8:55:42:70:14:62:d2:
ec:19:94:84:b0:2f:53:6e:63:72:32:82:e9:87:f2:
2f:57:e1:7d:d9:ef:2d:60:22:aa:ac:63:fb:ee:56:
70:a7:7b:ba:a4:51:63:06:e9:c1:2e:a5:a3:ab:40:
2a:73:41:dd:5d:35:f6:b2:bf:69:13:41:81:08:f4:
75:23:75:f6:cb:d4:25:79:d4:f4:87:b1:0f:39:1c:
c9:2e:2d:72:c9:71:1b:16:5e:ce:22:05:4a:03:a1:
d9:73:11:2f:27:32:ab:d2:7a:6d:6a:85:86:ff:eb:
aa:b4:07:c0:b9:f3:00:23:ff:50:27:3f:73:97:8e:
b4:a5:2d:b8:27:2f:81:72:f3:c6:c4:51:6e:78:51:
83:c8:87:81:14:bf:a3:e6:2c:d5:26:87:bc:31:58:
fc:68:b9:80:ad:8e:4c:c1:83:06:72:95:b2:5b:24:
1e:6b:53:5e:99:12:9c:e8:89:66:ce:0c:8a:1a:5b:
0d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:08:5C:CC:18:74:FD:DB:87:D7:8A:D9:9A:DF:E8:27:83:D7:A9:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1AhczBh0_duH14rZmt_oJ4PXqYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.16.0/22
Signature Algorithm: sha256WithRSAEncryption
40:3e:c9:fa:bd:e3:88:1f:fd:f6:b5:34:9c:f9:9b:c5:81:30:
7b:b2:9a:6d:8e:38:46:d9:d1:cd:c6:0b:38:69:d3:22:a9:55:
89:a9:04:6f:a9:54:c7:ff:cb:69:ff:e5:2f:e2:1d:88:d0:29:
86:a1:b4:1e:a6:6b:6b:4d:86:4a:ac:39:b3:92:e3:4d:a9:7e:
59:78:b4:41:54:99:7f:f3:2e:73:62:d1:ac:77:5d:ef:8e:a2:
30:b6:45:b2:4f:43:04:8e:25:81:f3:aa:60:21:ff:6e:3f:5a:
44:d1:ab:07:6c:fa:87:0d:9f:c7:b6:2e:b1:65:62:65:8a:80:
a5:b3:e4:71:09:19:58:07:af:a5:42:7a:cd:3d:9d:c5:ac:11:
89:d2:12:38:72:93:aa:aa:3f:bb:a1:10:17:15:1d:5d:a3:88:
41:94:53:d7:76:58:8b:8c:ec:a7:0d:c4:2c:dc:5d:34:71:16:
91:8f:50:93:e5:11:11:ce:95:44:c8:65:f8:43:d9:35:c9:15:
3a:a1:a8:44:04:68:2e:a2:b2:20:63:01:1d:ac:28:e2:53:05:
aa:96:31:46:3b:f5:ab:1d:e9:d0:4a:b6:74:6b:1a:8f:c7:78:
8b:c7:47:9c:cd:f2:f5:b7:bb:8b:5f:0c:d0:45:47:9c:40:4e:
c2:f0:6c:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAv2V14wSMVyX/cGnd9kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA4NWNjYzE4NzRmZGRiODdkNzhhZDk5YWRmZTgyNzgzZDdhOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipDm0XlxVEY1omH5hdomULmpCD87
83YHPAf/PRLk341LfpadRV58AIGLR3f1roRJMVx50LJT4/7N40qOsl6N0PwfPqhV
QnAUYtLsGZSEsC9TbmNyMoLph/IvV+F92e8tYCKqrGP77lZwp3u6pFFjBunBLqWj
q0Aqc0HdXTX2sr9pE0GBCPR1I3X2y9QledT0h7EPORzJLi1yyXEbFl7OIgVKA6HZ
cxEvJzKr0nptaoWG/+uqtAfAufMAI/9QJz9zl460pS24Jy+BcvPGxFFueFGDyIeB
FL+j5izVJoe8MVj8aLmArY5MwYMGcpWyWyQea1NemRKc6IlmzgyKGlsNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQIXMwYdP3bh9eK2Zrf6CeD16mHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMUFoY3pCaDBfZHVIMTRyWm10X29KNFBYcVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjWIQMA0G
CSqGSIb3DQEBCwUAA4IBAQBAPsn6veOIH/32tTSc+ZvFgTB7spptjjhG2dHNxgs4
adMiqVWJqQRvqVTH/8tp/+Uv4h2I0CmGobQepmtrTYZKrDmzkuNNqX5ZeLRBVJl/
8y5zYtGsd13vjqIwtkWyT0MEjiWB86pgIf9uP1pE0asHbPqHDZ/Hti6xZWJlioCl
s+RxCRlYB6+lQnrNPZ3FrBGJ0hI4cpOqqj+7oRAXFR1do4hBlFPXdliLjOynDcQs
3F00cRaRj1CT5RERzpVEyGX4Q9k1yRU6oahEBGguorIgYwEdrCjiUwWqljFGO/Wr
HenQSrZ0axqPx3iLx0eczfL1t7uLXwzQRUecQE7C8GyE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org