Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/thpLDaEFF7MOsZna9fIRFAscZIM.roa
File: thpLDaEFF7MOsZna9fIRFAscZIM.roa (raw, json)
Hash identifier: Arzk9jZE1OGb0BelQCytE9MPMx3vElM9ieRACyZQDV8=
Subject key identifier: B6:1A:4B:0D:A1:05:17:B3:0E:B1:99:DA:F5:F2:11:14:0B:1C:64:83
Certificate issuer: /CN=43e045d021d48ae861a0ce67d38d15a067653a31
Certificate serial: 01856CF82CB8727D17DD323F8F5D75549CFA
Authority key identifier: 43:E0:45:D0:21:D4:8A:E8:61:A0:CE:67:D3:8D:15:A0:67:65:3A:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-BF0CHUiuhhoM5n040VoGdlOjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/thpLDaEFF7MOsZna9fIRFAscZIM.roa
Signing time: Sun 01 Jan 2023 10:54:41 +0000
ROA not before: Sun 01 Jan 2023 10:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197877
IP address blocks: 91.228.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:2c:b8:72:7d:17:dd:32:3f:8f:5d:75:54:9c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e045d021d48ae861a0ce67d38d15a067653a31
Validity
Not Before: Jan 1 10:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b61a4b0da10517b30eb199daf5f211140b1c6483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:49:ab:23:74:ff:f4:8c:0d:13:43:96:43:c3:
fb:f2:6e:5e:64:81:eb:be:f6:18:12:34:e9:7f:bf:
bb:8f:b0:bf:4a:a4:e2:46:d3:44:5e:9a:e9:17:e7:
fb:0a:6d:91:4b:c4:ed:68:bc:26:1a:5d:0a:49:71:
0b:cf:cb:88:1e:79:e0:5c:16:78:81:3a:6b:1f:04:
d8:58:b8:1c:3f:05:3a:a2:8c:c4:1e:cd:71:bc:a7:
88:fa:f6:dc:8c:2e:32:a9:2c:1c:48:e8:f7:ad:de:
0a:35:1e:f1:01:e3:0b:75:ea:de:10:c9:87:81:af:
7c:9d:37:7b:d2:bb:a0:e7:6f:00:7b:62:50:4a:60:
af:7c:32:c2:7a:60:36:c3:2e:4e:c7:f3:cf:5e:7d:
5c:54:f2:41:e0:be:6d:1d:e2:3d:d9:f8:1b:bf:26:
27:da:fa:a8:20:07:3a:18:0e:73:9c:2d:91:92:01:
df:8b:9f:b7:e7:ff:1c:f3:05:82:5a:7f:6d:74:96:
2e:d1:14:96:64:f5:b6:8c:c4:7d:37:1f:d6:5a:ab:
98:54:09:74:98:08:87:6c:26:52:3c:98:44:a4:06:
c1:04:c4:87:54:be:46:69:32:9c:25:b7:ae:0c:0f:
70:6c:bd:30:7f:21:a6:8a:c5:cb:9a:6b:06:94:74:
ee:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1A:4B:0D:A1:05:17:B3:0E:B1:99:DA:F5:F2:11:14:0B:1C:64:83
X509v3 Authority Key Identifier:
keyid:43:E0:45:D0:21:D4:8A:E8:61:A0:CE:67:D3:8D:15:A0:67:65:3A:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-BF0CHUiuhhoM5n040VoGdlOjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/thpLDaEFF7MOsZna9fIRFAscZIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/Q-BF0CHUiuhhoM5n040VoGdlOjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.207.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:fa:68:dd:cd:00:09:fc:0a:5c:93:99:22:9e:ad:87:3a:d1:
be:84:a5:94:45:7d:ed:06:28:c8:2a:fc:48:72:87:ac:6c:34:
1e:b7:5f:cc:11:a5:ba:11:48:c7:9d:6e:11:ec:97:85:26:5a:
de:68:86:09:c1:87:77:31:55:85:59:51:f3:6e:8c:83:00:dc:
cc:9a:57:7d:29:6d:31:a9:92:69:b8:97:1a:7f:e0:82:93:d0:
d1:0f:15:1b:0c:e5:0a:dc:55:12:ba:4c:e4:17:fd:2d:9f:da:
a1:2a:dd:c2:46:19:f3:ff:88:ff:7d:02:e1:22:75:0a:40:96:
70:b7:9b:c8:b6:00:f1:df:41:0a:61:bb:83:3a:ca:eb:c8:7d:
14:49:48:35:8c:de:36:91:80:da:c8:1a:4e:9a:22:40:ef:e2:
5b:e4:ed:d4:7a:07:9c:d5:e9:2f:fb:50:af:b0:8d:a5:e9:bd:
f1:5a:1c:ce:88:b8:69:4e:c6:67:0c:fe:3b:d5:a7:2a:d7:6b:
ec:cf:55:08:ee:44:ab:78:5b:5b:96:da:25:31:75:b6:6e:99:
af:3d:d7:84:24:2d:b0:d5:10:ac:2d:73:7e:a7:b4:09:c6:4a:
16:0a:37:c7:98:89:42:2d:05:4b:d3:1e:42:d0:14:2a:6a:0c:
28:59:b9:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+Cy4cn0X3TI/j111VJz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTA0NWQwMjFkNDhhZTg2MWEwY2U2N2QzOGQxNWEwNjc2
NTNhMzEwHhcNMjMwMTAxMTA1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjFhNGIwZGExMDUxN2IzMGViMTk5ZGFmNWYyMTExNDBiMWM2NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUmrI3T/9IwNE0OWQ8P78m5eZIHr
vvYYEjTpf7+7j7C/SqTiRtNEXprpF+f7Cm2RS8TtaLwmGl0KSXELz8uIHnngXBZ4
gTprHwTYWLgcPwU6oozEHs1xvKeI+vbcjC4yqSwcSOj3rd4KNR7xAeMLdereEMmH
ga98nTd70rug528Ae2JQSmCvfDLCemA2wy5Ox/PPXn1cVPJB4L5tHeI92fgbvyYn
2vqoIAc6GA5znC2RkgHfi5+35/8c8wWCWn9tdJYu0RSWZPW2jMR9Nx/WWquYVAl0
mAiHbCZSPJhEpAbBBMSHVL5GaTKcJbeuDA9wbL0wfyGmisXLmmsGlHTu4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYaSw2hBRezDrGZ2vXyERQLHGSDMB8GA1UdIwQY
MBaAFEPgRdAh1IroYaDOZ9ONFaBnZToxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1CRjBDSFVpdWhob001bjA0MFZvR2RsT2pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84ZjU3M2ItZGM4ZC00ODc2LWJjYTIt
M2IwMmM5OWM3MzNiLzEvdGhwTERhRUZGN01Pc1puYTlmSVJGQXNjWklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84ZjU3M2ItZGM4ZC00ODc2LWJjYTItM2IwMmM5OWM3MzNi
LzEvUS1CRjBDSFVpdWhob001bjA0MFZvR2RsT2pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+TPMA0G
CSqGSIb3DQEBCwUAA4IBAQBL+mjdzQAJ/Apck5kinq2HOtG+hKWURX3tBijIKvxI
coesbDQet1/MEaW6EUjHnW4R7JeFJlreaIYJwYd3MVWFWVHzboyDANzMmld9KW0x
qZJpuJcaf+CCk9DRDxUbDOUK3FUSukzkF/0tn9qhKt3CRhnz/4j/fQLhInUKQJZw
t5vItgDx30EKYbuDOsrryH0USUg1jN42kYDayBpOmiJA7+Jb5O3Uegec1ekv+1Cv
sI2l6b3xWhzOiLhpTsZnDP471acq12vsz1UI7kSreFtbltolMXW2bpmvPdeEJC2w
1RCsLXN+p7QJxkoWCjfHmIlCLQVL0x5C0BQqagwoWbl2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:31 2024 by rpki-client on console-fra.rpki-client.org