Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y1Q7EVcG879clErziKX40zeMmPM.roa
File: y1Q7EVcG879clErziKX40zeMmPM.roa (raw, json)
Hash identifier: fLUWHYHDkbXbkAw5UTAf1r4hGBWkyfsVysuHGQ7rolY=
Subject key identifier: CB:54:3B:11:57:06:F3:BF:5C:94:4A:F3:88:A5:F8:D3:37:8C:98:F3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01882D2588B19460C4DF6FEA4A5488AE3AB0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y1Q7EVcG879clErziKX40zeMmPM.roa
Signing time: Thu 18 May 2023 04:36:54 +0000
ROA not before: Thu 18 May 2023 04:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206804
IP address blocks: 192.159.100.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2d:25:88:b1:94:60:c4:df:6f:ea:4a:54:88:ae:3a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 18 04:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb543b115706f3bf5c944af388a5f8d3378c98f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:95:25:78:97:ae:be:44:09:05:81:91:aa:bb:
2b:bf:e8:45:2d:40:90:48:b2:15:02:46:66:0a:e3:
7e:fe:1f:9a:f8:b5:f1:a9:0b:c8:24:49:6e:f3:24:
fc:7b:b2:5b:8d:b2:50:3b:02:ff:6b:07:fc:6f:d5:
92:c9:ec:0a:ed:b4:e1:52:3a:bf:00:d3:c3:68:a7:
a0:53:30:df:59:17:22:1d:e8:0c:54:f3:39:50:e8:
2e:a8:9c:a0:b3:2a:0b:94:ba:62:fa:fa:77:91:eb:
77:76:90:16:33:c2:c0:f8:fe:a0:be:93:7c:ba:ef:
2a:7c:d7:12:f3:ab:35:7a:84:f8:f2:b7:09:6d:e7:
67:55:ff:16:31:e4:f9:55:36:ea:c6:11:6d:1b:6e:
2f:3c:96:9a:95:91:eb:20:06:e2:20:06:67:10:88:
71:4f:c2:67:05:08:82:37:e1:d9:72:76:9d:78:ea:
14:f8:16:cf:09:4a:fa:27:bf:64:22:b0:b6:17:a6:
4f:18:d6:ed:c0:ec:14:b2:20:70:89:53:84:28:53:
ef:72:59:fc:3b:70:6d:f1:3f:65:3c:d5:4c:71:4b:
d2:12:c4:65:96:61:3f:2f:d5:a0:45:ad:e1:d2:9c:
08:3f:e6:2e:21:0c:55:ed:d9:b3:5c:54:ff:52:99:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:54:3B:11:57:06:F3:BF:5C:94:4A:F3:88:A5:F8:D3:37:8C:98:F3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y1Q7EVcG879clErziKX40zeMmPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.159.100.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:0d:68:ad:fc:98:ed:31:af:b0:24:19:6c:f7:1f:a7:00:69:
c1:ac:05:9e:d7:ee:de:7c:0c:ab:f7:a8:39:e3:61:4d:b5:3e:
19:26:c3:33:ed:63:dd:2e:cf:9f:e1:bc:80:95:79:7d:37:88:
05:93:de:c2:7c:a7:0c:51:03:e2:28:3c:5a:df:d5:40:31:7c:
fd:45:e9:04:a1:1a:42:d0:c0:bb:cc:c6:16:df:ed:74:11:f4:
0f:68:03:f4:90:ee:f0:d5:51:c3:50:99:d2:23:bb:9e:6a:07:
88:fd:5f:f0:61:3c:65:9f:68:e3:cf:6a:b0:bd:11:47:86:14:
3b:23:1e:78:77:6e:1b:3c:8e:22:2e:63:b4:5c:5a:6d:63:88:
69:d5:c8:5b:9c:f6:d3:0f:4f:5c:48:de:62:14:a7:e1:79:a0:
63:38:95:78:36:aa:cc:7b:6b:6b:e6:ef:50:e7:67:40:b3:f8:
d8:2f:01:29:d0:92:ea:6f:2a:57:0b:98:e0:49:ce:68:99:13:
d1:29:1e:62:89:22:9f:c3:66:e1:17:c6:f3:de:de:26:03:dd:
47:e0:5c:19:29:b5:d0:0e:f0:5b:74:d2:89:ff:8b:de:9d:5f:
b8:ad:79:ec:ee:c2:03:e2:7e:94:16:0c:22:61:a8:62:33:b1:
96:33:f8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgtJYixlGDE32/qSlSIrjqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTE4MDQzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU0M2IxMTU3MDZmM2JmNWM5NDRhZjM4OGE1ZjhkMzM3OGM5OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZUleJeuvkQJBYGRqrsrv+hFLUCQ
SLIVAkZmCuN+/h+a+LXxqQvIJElu8yT8e7JbjbJQOwL/awf8b9WSyewK7bThUjq/
ANPDaKegUzDfWRciHegMVPM5UOguqJygsyoLlLpi+vp3ket3dpAWM8LA+P6gvpN8
uu8qfNcS86s1eoT48rcJbednVf8WMeT5VTbqxhFtG24vPJaalZHrIAbiIAZnEIhx
T8JnBQiCN+HZcnadeOoU+BbPCUr6J79kIrC2F6ZPGNbtwOwUsiBwiVOEKFPvcln8
O3Bt8T9lPNVMcUvSEsRllmE/L9WgRa3h0pwIP+YuIQxV7dmzXFT/UpnMpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtUOxFXBvO/XJRK84il+NM3jJjzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveTFRN0VWY0c4NzljbEVyemlLWDQwemVNbVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwJ9kMA0G
CSqGSIb3DQEBCwUAA4IBAQBdDWit/JjtMa+wJBls9x+nAGnBrAWe1+7efAyr96g5
42FNtT4ZJsMz7WPdLs+f4byAlXl9N4gFk97CfKcMUQPiKDxa39VAMXz9RekEoRpC
0MC7zMYW3+10EfQPaAP0kO7w1VHDUJnSI7ueageI/V/wYTxln2jjz2qwvRFHhhQ7
Ix54d24bPI4iLmO0XFptY4hp1chbnPbTD09cSN5iFKfheaBjOJV4NqrMe2tr5u9Q
52dAs/jYLwEp0JLqbypXC5jgSc5omRPRKR5iiSKfw2bhF8bz3t4mA91H4FwZKbXQ
DvBbdNKJ/4venV+4rXns7sID4n6UFgwiYahiM7GWM/gX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org