Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tYr47OESsNA3SFhYFvGQ_T5PG_g.roa
File: tYr47OESsNA3SFhYFvGQ_T5PG_g.roa (raw, json)
Hash identifier: e82XMyooaQDPKRIghOS7zUe9/PFpc4Qc/VMynSEYQxw=
Subject key identifier: B5:8A:F8:EC:E1:12:B0:D0:37:48:58:58:16:F1:90:FD:3E:4F:1B:F8
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018CC7935A0F24D3557344DBA3CBA7B6B066
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tYr47OESsNA3SFhYFvGQ_T5PG_g.roa
Signing time: Tue 02 Jan 2024 00:29:32 +0000
ROA not before: Tue 02 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9087
IP address blocks: 37.143.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 20:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5a:0f:24:d3:55:73:44:db:a3:cb:a7:b6:b0:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jan 2 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b58af8ece112b0d03748585816f190fd3e4f1bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:c8:22:11:1e:46:33:a0:2c:cb:1f:b0:d4:
86:3b:89:60:ec:91:85:d5:fe:9a:15:52:75:ee:56:
ce:0c:b7:01:a0:da:39:67:43:9c:ab:28:f2:91:cc:
2d:7f:ec:61:fb:84:04:16:8d:04:37:9b:97:d0:0d:
00:67:8b:e6:7e:55:f4:90:b6:46:57:fb:3e:2c:2b:
42:e4:89:54:2b:4f:49:35:d6:c1:b0:f6:14:1c:28:
23:fd:65:a8:1b:90:ab:31:8a:a4:2b:47:55:1f:9b:
8c:38:70:86:29:40:4f:56:e6:ec:d6:06:45:be:6b:
8a:51:8a:4a:2d:5c:f0:4e:66:89:cc:0e:ac:90:75:
3f:b9:e2:e2:53:da:ab:c8:19:af:65:b7:ef:02:b7:
cd:e7:a4:cb:48:85:2a:03:04:ec:a0:62:b0:56:de:
4f:73:8a:6a:03:60:72:da:40:bf:cf:98:a0:6d:2a:
cd:d7:aa:d4:de:de:aa:ae:07:d5:e4:f2:ef:ca:f2:
f7:6e:16:55:e5:58:8e:30:3a:c0:43:93:21:4f:07:
87:1d:a9:df:5d:29:9f:84:46:f6:c4:88:24:b8:c1:
eb:1f:2d:4f:c0:4c:e4:4e:1c:2d:17:ab:17:2c:d0:
fd:20:02:0d:2b:30:eb:c3:4c:be:da:25:66:f5:be:
24:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8A:F8:EC:E1:12:B0:D0:37:48:58:58:16:F1:90:FD:3E:4F:1B:F8
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tYr47OESsNA3SFhYFvGQ_T5PG_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.4.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:fa:f2:43:3e:5a:f3:3f:aa:1e:31:8e:7f:a4:4b:e9:69:b8:
80:55:62:68:52:c0:3b:96:cb:c7:bf:d3:b2:4f:29:4f:f7:c3:
5b:6f:45:0b:67:4f:a8:b7:77:9c:12:b9:dd:dc:d5:77:28:68:
0c:9f:0d:fb:cb:0f:8d:da:72:81:1d:bd:ce:ac:d6:b7:4e:59:
7c:9a:4c:ea:37:30:2b:03:37:02:44:42:c6:95:20:82:1d:da:
14:08:88:3d:7e:84:c6:a1:3d:05:c0:01:22:aa:6f:c5:5e:f9:
29:a5:7e:54:d8:7c:64:47:57:f3:1f:3d:4f:b3:21:b2:97:ae:
a7:40:68:d4:a4:23:bc:89:88:8c:17:7c:b4:18:bf:99:41:84:
d8:e3:cb:1d:6b:37:fa:b6:71:13:f6:b3:fc:36:23:16:b9:0d:
18:90:f0:0b:73:0f:7c:4d:39:a7:71:59:8c:c9:3f:8b:e1:ed:
2a:d8:c4:76:a0:a8:3b:3b:71:06:b7:ff:99:7d:35:ad:ce:56:
9c:82:0e:63:0e:d9:f7:8b:cd:5f:f2:35:62:7c:6d:49:3c:5d:
93:0a:2c:7f:58:de:f8:05:9f:00:26:70:fd:67:f1:f4:9b:53:
08:4f:c2:c3:e7:66:44:64:46:d2:49:ca:98:7b:14:10:3c:62:
c6:a0:45:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk1oPJNNVc0Tbo8untrBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjQwMTAyMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThhZjhlY2UxMTJiMGQwMzc0ODU4NTgxNmYxOTBmZDNlNGYxYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGfIIhEeRjOgLMsfsNSGO4lg7JGF
1f6aFVJ17lbODLcBoNo5Z0Ocqyjykcwtf+xh+4QEFo0EN5uX0A0AZ4vmflX0kLZG
V/s+LCtC5IlUK09JNdbBsPYUHCgj/WWoG5CrMYqkK0dVH5uMOHCGKUBPVubs1gZF
vmuKUYpKLVzwTmaJzA6skHU/ueLiU9qryBmvZbfvArfN56TLSIUqAwTsoGKwVt5P
c4pqA2By2kC/z5igbSrN16rU3t6qrgfV5PLvyvL3bhZV5ViOMDrAQ5MhTweHHanf
XSmfhEb2xIgkuMHrHy1PwEzkThwtF6sXLND9IAINKzDrw0y+2iVm9b4khQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWK+OzhErDQN0hYWBbxkP0+Txv4MB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvdFlyNDdPRVNzTkEzU0ZoWUZ2R1FfVDVQR19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQDL+vJDPlrzP6oeMY5/pEvpabiAVWJoUsA7lsvHv9Oy
TylP98Nbb0ULZ0+ot3ecErnd3NV3KGgMnw37yw+N2nKBHb3OrNa3Tll8mkzqNzAr
AzcCRELGlSCCHdoUCIg9foTGoT0FwAEiqm/FXvkppX5U2HxkR1fzHz1PsyGyl66n
QGjUpCO8iYiMF3y0GL+ZQYTY48sdazf6tnET9rP8NiMWuQ0YkPALcw98TTmncVmM
yT+L4e0q2MR2oKg7O3EGt/+ZfTWtzlacgg5jDtn3i81f8jVifG1JPF2TCix/WN74
BZ8AJnD9Z/H0m1MIT8LD52ZEZEbSScqYexQQPGLGoEWh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:01 2025 by rpki-client