Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/I0C_it0oigP9KrfCk-X9dsyAvIs.roa
File: I0C_it0oigP9KrfCk-X9dsyAvIs.roa (raw, json)
Hash identifier: dhE+jrLTScr+ePGgnjTWEuWjC+9L96PXh55KnR+zdXQ=
Subject key identifier: 23:40:BF:8A:DD:28:8A:03:FD:2A:B7:C2:93:E5:FD:76:CC:80:BC:8B
Certificate issuer: /CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Certificate serial: 01856CAF38420A33D8982B77D66F0EB259D5
Authority key identifier: 19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/I0C_it0oigP9KrfCk-X9dsyAvIs.roa
Signing time: Sun 01 Jan 2023 09:35:00 +0000
ROA not before: Sun 01 Jan 2023 09:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 144.2.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:38:42:0a:33:d8:98:2b:77:d6:6f:0e:b2:59:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Validity
Not Before: Jan 1 09:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2340bf8add288a03fd2ab7c293e5fd76cc80bc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4d:35:37:ec:f0:7b:14:e7:00:e5:9d:95:69:
bf:f6:2b:cd:73:97:d3:f5:55:6f:58:e2:2d:fe:65:
bf:a8:ab:20:7f:15:e7:26:83:fc:43:d7:e2:51:e4:
3c:13:f7:05:e3:38:0f:5e:22:4b:7d:2e:d2:63:41:
64:e5:a3:e2:76:73:20:d9:26:c1:b0:c8:84:02:5c:
9a:b5:3d:c9:5e:b6:b4:da:56:93:7d:49:de:0b:4a:
96:cd:87:60:44:0b:1d:91:06:4b:69:4e:14:83:9e:
25:5a:c3:03:bd:9b:1f:4e:f3:5a:51:cc:70:a1:57:
36:89:0a:84:2f:29:3e:e0:13:8d:1e:fc:11:a3:53:
9a:da:83:78:74:c5:7b:dd:c6:90:ca:13:3a:69:56:
ff:e9:fe:e1:84:0b:ec:ee:e6:6a:77:f3:6e:71:e8:
bf:b0:61:f6:ae:98:6c:60:0a:bd:15:ac:eb:04:7d:
dc:28:69:dd:e6:e8:15:de:00:62:37:d0:4b:ca:a6:
3c:bb:a9:4a:33:b1:d7:67:71:fb:af:be:0b:e2:76:
bc:1d:f2:81:14:15:41:8c:fb:f5:42:96:35:80:53:
9a:ee:42:cf:25:da:c8:fb:70:82:e1:4e:b5:5f:0b:
e2:31:e6:6d:29:57:a6:98:54:2a:1b:83:ab:ca:b9:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:40:BF:8A:DD:28:8A:03:FD:2A:B7:C2:93:E5:FD:76:CC:80:BC:8B
X509v3 Authority Key Identifier:
keyid:19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/I0C_it0oigP9KrfCk-X9dsyAvIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.170.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:e6:7a:71:5e:3a:c2:98:9d:f4:e1:bb:b1:9e:42:06:68:c9:
5c:6e:32:ba:63:b7:08:18:6f:a0:65:4d:5e:b6:2c:eb:02:35:
91:86:b4:0d:cc:57:01:e7:5c:2f:57:b2:5d:4f:cf:3f:99:f7:
6e:f5:fe:6c:9f:1d:0c:eb:9b:38:70:71:dc:f9:81:e9:9c:0f:
c5:ea:b7:de:54:2c:b0:c3:89:76:ef:18:03:88:f5:3c:ec:0e:
01:56:b9:87:51:cf:7c:8b:5b:f5:2e:64:1b:a9:07:66:e7:9b:
43:3b:07:d4:f2:06:f8:a7:94:f3:35:80:3f:54:c7:cd:7a:44:
fc:fe:9e:0f:d2:84:70:f5:d7:00:02:81:83:c3:d5:14:ab:ba:
8c:54:41:ea:5c:86:9b:e1:2e:2d:e9:de:38:e3:48:7a:28:81:
70:e5:17:43:36:e9:09:54:5d:c9:fc:ac:0b:0c:9f:1e:8f:36:
57:40:88:f7:1d:e5:e6:7b:ec:6a:c8:4d:5d:09:80:43:c8:1b:
67:e2:34:2f:ee:6b:0d:da:de:71:91:01:0f:0b:c7:af:28:0f:
d0:75:4a:32:db:65:08:cc:a2:aa:d7:9d:dd:4f:54:3a:0b:d5:
a8:a0:ce:51:42:46:ad:58:95:df:a8:e9:91:bb:b6:65:31:46:
46:62:75:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrzhCCjPYmCt31m8OslnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTRlMzI1NzBiYmZiOWFmMTFjMjM4MWU4MWM3OTdjMmY0
MDA4N2MwHhcNMjMwMTAxMDkzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQwYmY4YWRkMjg4YTAzZmQyYWI3YzI5M2U1ZmQ3NmNjODBiYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE01N+zwexTnAOWdlWm/9ivNc5fT
9VVvWOIt/mW/qKsgfxXnJoP8Q9fiUeQ8E/cF4zgPXiJLfS7SY0Fk5aPidnMg2SbB
sMiEAlyatT3JXra02laTfUneC0qWzYdgRAsdkQZLaU4Ug54lWsMDvZsfTvNaUcxw
oVc2iQqELyk+4BONHvwRo1Oa2oN4dMV73caQyhM6aVb/6f7hhAvs7uZqd/Nucei/
sGH2rphsYAq9FazrBH3cKGnd5ugV3gBiN9BLyqY8u6lKM7HXZ3H7r74L4na8HfKB
FBVBjPv1QpY1gFOa7kLPJdrI+3CC4U61XwviMeZtKVemmFQqG4Oryrma4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNAv4rdKIoD/Sq3wpPl/XbMgLyLMB8GA1UdIwQY
MBaAFBlU4yVwu/ua8RwjgegceXwvQAh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2Qt
MjY4MTZjYTkyY2EwLzEvSTBDX2l0MG9pZ1A5S3JmQ2stWDlkc3lBdklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2QtMjY4MTZjYTkyY2Ew
LzEvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAKqMA0G
CSqGSIb3DQEBCwUAA4IBAQBu5npxXjrCmJ304buxnkIGaMlcbjK6Y7cIGG+gZU1e
tizrAjWRhrQNzFcB51wvV7JdT88/mfdu9f5snx0M65s4cHHc+YHpnA/F6rfeVCyw
w4l27xgDiPU87A4BVrmHUc98i1v1LmQbqQdm55tDOwfU8gb4p5TzNYA/VMfNekT8
/p4P0oRw9dcAAoGDw9UUq7qMVEHqXIab4S4t6d4440h6KIFw5RdDNukJVF3J/KwL
DJ8ejzZXQIj3HeXme+xqyE1dCYBDyBtn4jQv7msN2t5xkQEPC8evKA/QdUoy22UI
zKKq153dT1Q6C9WooM5RQkatWJXfqOmRu7ZlMUZGYnWW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org