Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/R9whK6qi00lVAnKxkucN11mF7J0.roa
File: R9whK6qi00lVAnKxkucN11mF7J0.roa (raw, json)
Hash identifier: wtmrIVi5DRvHLajrhIihkjHo6jTIzi78FYOu/z7gDtA=
Subject key identifier: 47:DC:21:2B:AA:A2:D3:49:55:02:72:B1:92:E7:0D:D7:59:85:EC:9D
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018570F0AAF5449EFBDB8A018BB541534675
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/R9whK6qi00lVAnKxkucN11mF7J0.roa
Signing time: Mon 02 Jan 2023 05:24:58 +0000
ROA not before: Mon 02 Jan 2023 05:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 88.214.52.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:aa:f5:44:9e:fb:db:8a:01:8b:b5:41:53:46:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 05:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47dc212baaa2d349550272b192e70dd75985ec9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:08:6c:bf:de:d9:82:7b:66:5f:f5:9c:43:
54:f7:f5:9a:34:ff:bb:c2:d6:27:69:24:bf:96:b4:
42:8f:c5:5f:6f:79:42:5f:1e:80:8f:d2:65:0a:0b:
92:79:00:c0:17:af:05:8b:08:88:9f:67:15:4e:0c:
a9:1e:6b:79:e2:e9:85:65:a8:68:00:76:e6:7a:9a:
04:16:18:a5:39:a8:2d:e0:e3:04:1b:c3:6c:ca:9d:
6c:ff:e4:9b:03:9b:a4:62:94:0b:5b:c4:b0:5c:56:
a1:31:2a:07:6b:cf:6d:e6:b4:c9:ec:2e:ab:b0:5e:
f9:52:a2:b5:ea:e3:ec:bf:1b:e9:25:d1:a5:cc:38:
2d:8a:55:e9:a8:13:50:eb:f0:6c:7b:00:4c:c3:4b:
62:57:1b:6a:20:17:02:f6:a1:0d:68:d6:4e:d2:e7:
8b:f3:93:b9:c8:f3:8a:76:e6:83:d0:10:0f:43:8d:
0c:1a:4b:5f:16:2f:5f:d9:dd:5d:53:1a:a7:43:22:
2a:de:10:04:85:63:56:eb:c8:80:8d:23:52:f1:31:
2a:72:39:55:d0:bb:0f:e5:28:cb:3a:81:03:a3:8f:
8c:2a:51:35:01:21:4a:48:75:6b:bb:90:b6:89:85:
85:60:e2:14:78:56:a1:82:10:6d:7a:14:c2:d5:b8:
5c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DC:21:2B:AA:A2:D3:49:55:02:72:B1:92:E7:0D:D7:59:85:EC:9D
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/R9whK6qi00lVAnKxkucN11mF7J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.52.0/22
Signature Algorithm: sha256WithRSAEncryption
22:20:dc:df:99:82:7c:4a:4c:90:c0:4d:43:e8:c7:a0:74:67:
66:c3:9d:c7:23:0b:aa:5c:68:b3:79:bf:17:53:c2:0e:e9:6e:
7d:4c:6f:95:2d:1d:b4:2e:2d:1c:14:4e:6c:c2:06:aa:79:fc:
92:a6:d4:ce:d0:85:42:4c:e6:a7:55:00:44:9e:42:52:cc:a8:
91:4f:c4:61:bc:7b:24:47:a7:74:6e:40:32:51:dd:64:6e:ab:
78:c1:63:8c:28:80:e1:68:16:33:b0:80:e9:c8:c9:13:c7:53:
9b:14:74:e8:dd:d6:85:c5:db:13:ff:6b:93:de:9d:28:e5:7e:
04:47:14:5b:58:8d:b4:83:d3:4e:bc:54:44:51:42:6d:96:36:
b3:75:da:cf:c4:a4:24:78:2f:5a:82:32:50:14:64:4c:3b:85:
3d:13:22:36:1e:78:58:25:12:c1:67:6b:e2:20:c1:39:db:5c:
17:fb:74:a8:79:b6:20:e2:e1:41:0c:41:a1:35:1e:6f:5f:b3:
78:9f:db:e3:44:dc:9f:36:ee:c0:f4:02:2e:73:b9:eb:f8:65:
d2:90:12:98:74:38:1e:61:74:30:64:5b:f0:eb:2e:2e:c1:4c:
7e:46:e8:ba:ff:7e:c1:1e:55:1f:c9:81:b1:92:48:81:4e:ea:
61:58:f3:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8Kr1RJ7724oBi7VBU0Z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RjMjEyYmFhYTJkMzQ5NTUwMjcyYjE5MmU3MGRkNzU5ODVlYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgMIbL/e2YJ7Zl/1nENU9/WaNP+7
wtYnaSS/lrRCj8Vfb3lCXx6Aj9JlCguSeQDAF68FiwiIn2cVTgypHmt54umFZaho
AHbmepoEFhilOagt4OMEG8Nsyp1s/+SbA5ukYpQLW8SwXFahMSoHa89t5rTJ7C6r
sF75UqK16uPsvxvpJdGlzDgtilXpqBNQ6/BsewBMw0tiVxtqIBcC9qENaNZO0ueL
85O5yPOKduaD0BAPQ40MGktfFi9f2d1dUxqnQyIq3hAEhWNW68iAjSNS8TEqcjlV
0LsP5SjLOoEDo4+MKlE1ASFKSHVru5C2iYWFYOIUeFahghBtehTC1bhcVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfcISuqotNJVQJysZLnDddZheydMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvUjl3aEs2cWkwMGxWQW5LeGt1Y04xMW1GN0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNY0MA0G
CSqGSIb3DQEBCwUAA4IBAQAiINzfmYJ8SkyQwE1D6MegdGdmw53HIwuqXGizeb8X
U8IO6W59TG+VLR20Li0cFE5swgaqefySptTO0IVCTOanVQBEnkJSzKiRT8RhvHsk
R6d0bkAyUd1kbqt4wWOMKIDhaBYzsIDpyMkTx1ObFHTo3daFxdsT/2uT3p0o5X4E
RxRbWI20g9NOvFREUUJtljazddrPxKQkeC9agjJQFGRMO4U9EyI2HnhYJRLBZ2vi
IME521wX+3SoebYg4uFBDEGhNR5vX7N4n9vjRNyfNu7A9AIuc7nr+GXSkBKYdDge
YXQwZFvw6y4uwUx+Rui6/37BHlUfyYGxkkiBTuphWPNO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:44 2023 by rpki-client on console-ams.rpki-client.org