Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/aACG5s3k31cjFG12oVRVnBKCOO4.roa
File: aACG5s3k31cjFG12oVRVnBKCOO4.roa (raw, json)
Hash identifier: OJJ3uCngFhSXm+3aGqat9x7oM2po2/UpUmcdXqM5zk4=
Subject key identifier: 68:00:86:E6:CD:E4:DF:57:23:14:6D:76:A1:54:55:9C:12:82:38:EE
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0188E2C76066A0E650C103F0721A8F94CBD4
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/aACG5s3k31cjFG12oVRVnBKCOO4.roa
Signing time: Thu 22 Jun 2023 11:04:57 +0000
ROA not before: Thu 22 Jun 2023 11:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48066
IP address blocks: 147.78.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:c7:60:66:a0:e6:50:c1:03:f0:72:1a:8f:94:cb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jun 22 11:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=680086e6cde4df5723146d76a154559c128238ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c3:e6:fe:a8:4e:8f:11:d8:c4:66:49:7d:13:
15:7a:b1:f4:1c:02:84:32:40:58:e8:2c:e4:50:ea:
7d:5b:e2:e1:3f:3d:cd:29:e7:df:44:d5:b1:20:4c:
11:59:29:bf:42:76:5c:51:50:dc:4a:16:85:44:81:
ee:ba:c0:0c:47:64:e4:f5:62:87:66:af:14:46:ca:
03:7a:64:94:67:5f:f7:02:79:83:85:e4:c6:47:dd:
c2:57:93:b4:45:62:4b:d8:d0:2c:89:18:96:77:73:
87:8b:90:12:24:0d:2a:74:eb:3c:e4:0a:80:81:76:
94:85:e5:01:d9:9c:6b:0f:89:7c:4c:7a:6d:0a:7b:
44:66:a3:92:40:37:6d:d8:15:fd:84:b7:48:b6:1b:
1e:78:e3:48:51:b1:b2:dc:6c:61:e4:79:b1:62:6b:
82:70:1c:f0:5b:a0:59:c3:fd:a1:f6:bc:0d:15:cc:
15:c8:db:f1:a8:06:bd:bf:29:a0:f4:a7:bf:1c:80:
9e:b5:73:19:bb:ab:18:6b:01:7f:39:9e:db:46:97:
6d:f6:44:e6:c3:a7:af:fd:2c:3d:42:71:a5:7d:32:
e5:e9:6d:73:d8:ae:58:d9:82:45:fa:7f:b3:3b:ef:
08:90:4a:98:a2:dc:42:0b:9e:98:de:6a:64:44:e4:
da:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:00:86:E6:CD:E4:DF:57:23:14:6D:76:A1:54:55:9C:12:82:38:EE
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/aACG5s3k31cjFG12oVRVnBKCOO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.84.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:db:2e:95:73:70:8f:2e:a0:aa:85:48:4b:a2:ac:78:e1:cb:
25:87:38:33:c4:d8:73:01:fd:c6:2a:3a:69:82:b8:4d:77:ac:
dc:d0:e7:87:96:65:54:44:d3:df:aa:fa:29:8c:a8:76:93:ab:
06:f3:6a:18:74:79:db:68:11:a0:ce:ba:68:4a:14:b8:8a:d4:
f1:6d:de:f4:dd:23:88:69:50:b1:09:ee:f3:fe:a3:04:1d:01:
5c:3b:9f:ca:ae:5c:2f:12:2b:29:e7:69:d9:e1:de:e3:24:df:
96:1e:4a:ab:f1:02:b4:66:90:00:af:3e:00:b7:da:9b:7c:d5:
04:3c:26:ef:d8:d8:ed:3c:4f:dd:24:49:db:a3:7e:2c:e2:3c:
f2:b2:ff:d6:db:35:c1:3c:13:88:49:32:a3:62:2f:b4:fa:22:
dd:e2:cf:12:74:a4:6a:08:e2:dc:8a:74:27:9d:07:25:29:51:
76:74:c7:21:49:46:11:9e:63:e3:5c:79:9c:b6:63:fe:4f:db:
18:e4:3a:bd:30:b3:58:47:6c:78:1f:c2:49:38:fc:fb:ef:dc:
7a:af:e6:6d:2c:8d:d3:ec:6f:d0:f3:e0:02:28:ba:1a:f8:8c:
4e:8d:92:f0:35:f4:63:0f:92:42:6a:8f:48:6f:53:43:be:4d:
2a:08:c6:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjix2BmoOZQwQPwchqPlMvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwNjIyMTEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODAwODZlNmNkZTRkZjU3MjMxNDZkNzZhMTU0NTU5YzEyODIzOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMPm/qhOjxHYxGZJfRMVerH0HAKE
MkBY6CzkUOp9W+LhPz3NKeffRNWxIEwRWSm/QnZcUVDcShaFRIHuusAMR2Tk9WKH
Zq8URsoDemSUZ1/3AnmDheTGR93CV5O0RWJL2NAsiRiWd3OHi5ASJA0qdOs85AqA
gXaUheUB2ZxrD4l8THptCntEZqOSQDdt2BX9hLdIthseeONIUbGy3Gxh5HmxYmuC
cBzwW6BZw/2h9rwNFcwVyNvxqAa9vymg9Ke/HICetXMZu6sYawF/OZ7bRpdt9kTm
w6ev/Sw9QnGlfTLl6W1z2K5Y2YJF+n+zO+8IkEqYotxCC56Y3mpkROTasQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgAhubN5N9XIxRtdqFUVZwSgjjuMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvYUFDRzVzM2szMWNqRkcxMm9WUlZuQktDT080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk05UMA0G
CSqGSIb3DQEBCwUAA4IBAQBu2y6Vc3CPLqCqhUhLoqx44cslhzgzxNhzAf3GKjpp
grhNd6zc0OeHlmVURNPfqvopjKh2k6sG82oYdHnbaBGgzrpoShS4itTxbd703SOI
aVCxCe7z/qMEHQFcO5/KrlwvEisp52nZ4d7jJN+WHkqr8QK0ZpAArz4At9qbfNUE
PCbv2NjtPE/dJEnbo34s4jzysv/W2zXBPBOISTKjYi+0+iLd4s8SdKRqCOLcinQn
nQclKVF2dMchSUYRnmPjXHmctmP+T9sY5Dq9MLNYR2x4H8JJOPz779x6r+ZtLI3T
7G/Q8+ACKLoa+IxOjZLwNfRjD5JCao9Ib1NDvk0qCMb/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org