Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dit1OMmXmpFQuI2v9UeMq1AfGWU.roa
File: Dit1OMmXmpFQuI2v9UeMq1AfGWU.roa (raw, json)
Hash identifier: 1Rk2Y0AAOfFT0C0j3LXscUIL4H21MRSr5LRF8dXIDv0=
Subject key identifier: 0E:2B:75:38:C9:97:9A:91:50:B8:8D:AF:F5:47:8C:AB:50:1F:19:65
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571030DABF67A406BDA3D6CA964CEB19A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dit1OMmXmpFQuI2v9UeMq1AfGWU.roa
Signing time: Mon 02 Jan 2023 05:45:03 +0000
ROA not before: Mon 02 Jan 2023 05:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56309
IP address blocks: 203.159.92.0/22 maxlen: 22
141.98.16.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 08:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:0d:ab:f6:7a:40:6b:da:3d:6c:a9:64:ce:b1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e2b7538c9979a9150b88daff5478cab501f1965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e5:7f:06:f9:a6:ed:fd:9e:14:46:7b:f0:24:
90:eb:95:26:41:e2:0e:20:da:6b:d4:cf:07:f2:b0:
c4:8c:ed:d8:b7:fc:b2:c5:2b:8e:cc:78:06:6c:d6:
e7:9e:77:80:d1:39:7f:49:c0:52:52:18:ec:ec:e1:
d4:66:78:aa:19:aa:1a:30:30:1b:fa:70:fa:74:46:
d7:44:4e:3a:cb:4f:13:0a:44:94:5c:48:80:98:ef:
46:21:d4:91:23:df:86:34:13:11:db:3e:27:16:2e:
69:b0:db:63:b0:d6:4a:96:4a:9c:ef:6d:c7:1a:47:
d7:40:dc:69:c0:7a:3f:0e:f8:f5:73:c7:fe:55:58:
2f:c6:e5:d5:eb:2d:98:42:17:80:9f:12:af:86:5f:
91:c9:11:3f:b8:41:84:96:89:d8:f6:de:da:52:c6:
5d:fb:82:93:e4:01:28:cd:36:97:f6:76:99:48:7f:
23:1c:af:93:99:03:85:67:0a:40:b0:e3:9a:34:5a:
99:77:0d:3e:45:ff:f3:1e:3b:a6:bf:51:b0:e8:6f:
0f:72:aa:9b:52:35:0a:59:5c:73:4b:5d:58:0b:5b:
f8:9f:ec:60:04:d2:73:8c:78:f3:f2:34:0c:ad:9f:
62:45:0d:13:6a:e7:b4:e2:2a:94:86:42:f3:0f:4f:
8f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2B:75:38:C9:97:9A:91:50:B8:8D:AF:F5:47:8C:AB:50:1F:19:65
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dit1OMmXmpFQuI2v9UeMq1AfGWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.16.0/22
203.159.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:a8:c5:9a:ee:b3:54:e9:4d:76:fd:12:2a:b3:83:15:02:62:
9f:84:c8:ca:5e:46:e9:d8:d7:14:87:fa:04:62:73:24:60:97:
d6:f8:c0:c6:24:15:1f:97:9d:26:ed:b0:e0:7b:36:45:7f:49:
0a:92:8a:de:ba:dd:6b:be:27:6f:71:20:76:66:d0:f8:93:92:
00:e2:17:78:42:ed:be:83:54:d5:44:fb:55:21:73:23:08:43:
37:47:df:7d:19:0b:52:23:62:07:81:07:10:7a:31:ff:97:0b:
76:9e:d4:90:f9:ac:61:44:4e:b4:67:1e:33:e4:73:61:3d:a3:
79:2a:f9:09:e4:9a:31:63:8b:19:1a:ba:cb:2d:4a:8a:21:d7:
f4:6e:56:a4:40:59:ff:e8:ee:a3:19:97:5a:14:0a:ac:86:4c:
fa:14:99:67:25:a8:2a:10:87:ae:6f:11:55:e8:92:4c:fc:8e:
af:59:d2:ba:41:0b:1d:ed:d7:48:b3:8e:8b:ed:5d:4f:84:69:
10:16:8b:2c:1e:5a:e3:5a:fa:4b:13:85:7a:f3:ac:06:d5:ec:
d3:1e:83:57:e7:49:0a:62:e0:9e:e3:df:b1:01:6c:a7:13:b6:
f3:aa:2a:37:dd:03:0b:05:76:e2:fb:db:4e:17:9b:50:32:c1:
06:29:24:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAw2r9npAa9o9bKlkzrGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJiNzUzOGM5OTc5YTkxNTBiODhkYWZmNTQ3OGNhYjUwMWYxOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseV/Bvmm7f2eFEZ78CSQ65UmQeIO
INpr1M8H8rDEjO3Yt/yyxSuOzHgGbNbnnneA0Tl/ScBSUhjs7OHUZniqGaoaMDAb
+nD6dEbXRE46y08TCkSUXEiAmO9GIdSRI9+GNBMR2z4nFi5psNtjsNZKlkqc723H
GkfXQNxpwHo/Dvj1c8f+VVgvxuXV6y2YQheAnxKvhl+RyRE/uEGElonY9t7aUsZd
+4KT5AEozTaX9naZSH8jHK+TmQOFZwpAsOOaNFqZdw0+Rf/zHjumv1Gw6G8Pcqqb
UjUKWVxzS11YC1v4n+xgBNJzjHjz8jQMrZ9iRQ0Taue04iqUhkLzD0+PBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA4rdTjJl5qRULiNr/VHjKtQHxllMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRGl0MU9NbVhtcEZRdUkydjlVZU1xMUFmR1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCjWIQAwQC
y59cMA0GCSqGSIb3DQEBCwUAA4IBAQB8qMWa7rNU6U12/RIqs4MVAmKfhMjKXkbp
2NcUh/oEYnMkYJfW+MDGJBUfl50m7bDgezZFf0kKkoreut1rvidvcSB2ZtD4k5IA
4hd4Qu2+g1TVRPtVIXMjCEM3R999GQtSI2IHgQcQejH/lwt2ntSQ+axhRE60Zx4z
5HNhPaN5KvkJ5JoxY4sZGrrLLUqKIdf0blakQFn/6O6jGZdaFAqshkz6FJlnJagq
EIeubxFV6JJM/I6vWdK6QQsd7ddIs46L7V1PhGkQFossHlrjWvpLE4V686wG1ezT
HoNX50kKYuCe49+xAWynE7bzqio33QMLBXbi+9tOF5tQMsEGKSRu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org