Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa
File: 0gWCNMVEygODh8Gp21OPM9RP8bk.roa (raw, json)
Hash identifier: 0cl/rniP2s4Qa8aeD9fLuiL/VcHGdPcqUElUbAtj9Oo=
Subject key identifier: D2:05:82:34:C5:44:CA:03:83:87:C1:A9:DB:53:8F:33:D4:4F:F1:B9
Certificate issuer: /CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
Certificate serial: 01856FA6F7ABEE52B8BDFB7EA2E6D2E85854
Authority key identifier: 95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa
Signing time: Sun 01 Jan 2023 23:24:51 +0000
ROA not before: Sun 01 Jan 2023 23:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 164.10.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f7:ab:ee:52:b8:bd:fb:7e:a2:e6:d2:e8:58:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
Validity
Not Before: Jan 1 23:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2058234c544ca038387c1a9db538f33d44ff1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:bc:75:9c:6c:61:ac:f8:50:f3:65:35:a0:
dd:be:c4:58:43:53:01:d4:22:0c:47:ea:26:82:ab:
6c:77:c4:32:04:fa:ac:51:c9:2c:39:9b:75:a6:b1:
6e:9c:f9:5e:60:eb:89:9c:2b:e9:8e:84:d9:37:7c:
6f:e6:49:b4:24:be:74:73:73:b9:fe:f8:11:bd:a4:
4b:7e:96:2e:e1:30:dc:bf:0e:99:da:fb:26:36:fc:
9d:e9:bf:ec:9a:8e:a3:e4:f3:34:5c:bb:61:a0:7e:
d5:0b:94:71:9d:95:42:42:f6:38:03:12:3c:91:14:
27:07:4b:50:c3:53:58:8a:e7:37:16:ca:db:8b:c6:
eb:cd:ba:09:58:ab:5a:c4:d7:24:75:92:99:90:5b:
4a:80:3e:7b:11:8d:ed:5b:93:d3:db:c9:0e:f5:c2:
ac:07:37:d3:ce:14:3d:9c:5c:b5:96:ac:f1:13:48:
6c:65:b0:d9:20:1b:ba:f2:df:6e:5a:b1:94:7c:ef:
0e:27:56:94:0a:f0:b6:2a:e3:1f:77:0a:c2:b2:61:
e4:4c:e5:55:10:ec:3f:79:99:4c:2a:84:19:86:49:
8e:70:ad:e9:a5:d6:99:d4:51:83:c8:05:4b:c4:2a:
5b:cc:64:f1:17:76:49:0f:e7:96:d1:b4:73:8e:19:
b5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:05:82:34:C5:44:CA:03:83:87:C1:A9:DB:53:8F:33:D4:4F:F1:B9
X509v3 Authority Key Identifier:
keyid:95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/lWhmVi2fJYMewKzoqdjNDllNcfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.10.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:08:b6:27:60:bf:bc:98:a6:8f:d3:ba:f3:67:37:96:fc:b6:
a3:75:c2:2e:84:7a:cb:88:0f:d0:e7:75:56:ac:88:d6:bf:6b:
7a:83:0a:aa:45:76:80:20:3f:e5:d2:0e:c8:ed:0a:92:fc:93:
05:32:70:b2:58:31:71:ba:fe:49:0f:16:ca:93:38:22:ea:39:
0c:74:a2:e7:17:59:d8:c6:b0:bb:d9:8b:42:49:96:39:c1:79:
9f:3d:d8:78:dc:99:5b:68:5b:06:77:8f:68:79:b8:ae:f5:65:
d6:ba:ba:2f:d2:66:93:89:68:45:57:2e:75:f8:e5:18:bb:37:
77:0d:bf:5e:6f:8c:3e:e1:b5:bb:22:8e:c5:83:d8:a4:00:ce:
44:f2:f2:bc:35:55:8b:21:de:88:a0:f9:e3:e6:4d:36:cd:ec:
7d:c8:9e:92:ee:b9:9d:3b:03:5c:28:7d:b7:c4:b3:86:f2:ab:
2a:1b:31:78:b0:f5:a2:92:e9:37:b2:3f:f5:4c:d9:0a:24:6b:
4b:23:df:60:59:31:00:b8:1e:c5:4a:b8:c6:cf:56:62:2c:bc:
4e:ed:2d:ee:55:01:4e:f6:c7:e3:5c:ad:70:74:5d:fb:94:3d:
8d:16:73:84:c2:ce:c8:91:a5:15:f8:ec:e1:4b:f6:b9:dd:f6:
84:44:ba:d5
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvpver7lK4vft+oubS6FhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njg2NjU2MmQ5ZjI1ODMxZWMwYWNlOGE5ZDhjZDBlNTk0
ZDcxZmMwHhcNMjMwMTAxMjMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA1ODIzNGM1NDRjYTAzODM4N2MxYTlkYjUzOGYzM2Q0NGZmMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7m8dZxsYaz4UPNlNaDdvsRYQ1MB
1CIMR+omgqtsd8QyBPqsUcksOZt1prFunPleYOuJnCvpjoTZN3xv5km0JL50c3O5
/vgRvaRLfpYu4TDcvw6Z2vsmNvyd6b/smo6j5PM0XLthoH7VC5RxnZVCQvY4AxI8
kRQnB0tQw1NYiuc3Fsrbi8brzboJWKtaxNckdZKZkFtKgD57EY3tW5PT28kO9cKs
BzfTzhQ9nFy1lqzxE0hsZbDZIBu68t9uWrGUfO8OJ1aUCvC2KuMfdwrCsmHkTOVV
EOw/eZlMKoQZhkmOcK3ppdaZ1FGDyAVLxCpbzGTxF3ZJD+eW0bRzjhm1TwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNIFgjTFRMoDg4fBqdtTjzPUT/G5MB8GA1UdIwQY
MBaAFJVoZlYtnyWDHsCs6KnYzQ5ZTXH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmIt
OWQ3Zjg2ZjBkNDc3LzEvMGdXQ05NVkV5Z09EaDhHcDIxT1BNOVJQOGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmItOWQ3Zjg2ZjBkNDc3
LzEvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMApAowDQYJ
KoZIhvcNAQELBQADggEBAFIItidgv7yYpo/TuvNnN5b8tqN1wi6EesuID9DndVas
iNa/a3qDCqpFdoAgP+XSDsjtCpL8kwUycLJYMXG6/kkPFsqTOCLqOQx0oucXWdjG
sLvZi0JJljnBeZ892HjcmVtoWwZ3j2h5uK71Zda6ui/SZpOJaEVXLnX45Ri7N3cN
v15vjD7htbsijsWD2KQAzkTy8rw1VYsh3oig+ePmTTbN7H3InpLuuZ07A1wofbfE
s4byqyobMXiw9aKS6TeyP/VM2Qoka0sj32BZMQC4HsVKuMbPVmIsvE7tLe5VAU72
x+NcrXB0XfuUPY0Wc4TCzsiRpRX47OFL9rnd9oREutU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org