Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/c9Zx7rhsydPqqSNnJnceyuD9cwM.roa
File: c9Zx7rhsydPqqSNnJnceyuD9cwM.roa (raw, json)
Hash identifier: XyN83ElIMe0d4OGFvkHPvJhNgodvQ6sIKu1zaXDRvjg=
Subject key identifier: 73:D6:71:EE:B8:6C:C9:D3:EA:A9:23:67:26:77:1E:CA:E0:FD:73:03
Certificate issuer: /CN=c7485e29f118c01be86c19e668facfa485de718c
Certificate serial: 01876CEDD1D5084021C2DD6DD6CF8EAD2B9C
Authority key identifier: C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/c9Zx7rhsydPqqSNnJnceyuD9cwM.roa
Signing time: Mon 10 Apr 2023 20:48:57 +0000
ROA not before: Mon 10 Apr 2023 20:48:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44472
IP address blocks: 185.43.147.0/24 maxlen: 24
86.111.52.0/23 maxlen: 24
2a12:c440::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6c:ed:d1:d5:08:40:21:c2:dd:6d:d6:cf:8e:ad:2b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7485e29f118c01be86c19e668facfa485de718c
Validity
Not Before: Apr 10 20:48:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73d671eeb86cc9d3eaa9236726771ecae0fd7303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a3:84:6f:3b:bf:50:74:cc:6a:36:18:0a:2e:
ac:3a:2e:b8:87:2a:c2:10:d0:3d:76:1d:c3:75:13:
84:2f:54:97:6d:66:cf:08:67:68:f3:71:1a:85:d1:
14:91:bc:ce:ba:33:72:1f:a1:a5:67:97:2d:04:e2:
c7:b2:6d:7d:b1:38:01:a9:84:b0:b9:b1:e8:b6:6a:
81:51:f4:b2:73:28:3d:c5:c3:01:5d:32:b9:25:4f:
5c:7e:5a:7b:5e:17:ad:2f:37:9e:2b:fb:ce:ae:b8:
b3:02:2e:11:e6:68:2f:24:b9:b0:04:e6:de:36:b9:
65:65:b1:ef:52:8d:89:6b:e8:78:de:ee:e4:4f:f2:
26:02:c0:1c:e3:10:5a:0e:35:d2:7f:8f:11:9e:fc:
3e:07:04:20:58:f7:47:8f:76:3a:1f:70:5d:f8:59:
89:33:3f:ec:fc:71:70:55:24:99:a0:32:25:18:f8:
ac:2d:db:c7:e9:04:e2:df:8c:88:3a:18:7f:be:03:
92:dd:8f:2f:04:50:e8:ee:33:98:22:08:aa:37:b8:
5f:77:9e:f8:08:4d:f9:bb:87:55:ba:de:0d:94:69:
bc:4b:32:0d:bf:f7:2d:9d:ea:d5:02:88:1b:b7:63:
18:ac:ef:56:82:60:c1:63:11:63:5d:c3:ec:25:32:
ae:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D6:71:EE:B8:6C:C9:D3:EA:A9:23:67:26:77:1E:CA:E0:FD:73:03
X509v3 Authority Key Identifier:
keyid:C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/c9Zx7rhsydPqqSNnJnceyuD9cwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.52.0/23
185.43.147.0/24
IPv6:
2a12:c440::/29
Signature Algorithm: sha256WithRSAEncryption
10:27:d9:96:1a:9d:53:aa:88:a2:29:ee:32:0f:fc:b1:5a:f5:
61:fc:ca:18:9e:1c:60:eb:03:0f:40:fd:f5:c0:1d:75:c0:d9:
62:a6:9e:6c:7a:4d:f5:ee:54:f4:a1:0c:78:d4:8d:96:17:dc:
4c:c1:e2:5b:51:04:85:06:81:ce:da:d8:cf:44:5f:6e:c3:5b:
4f:cc:5d:48:77:8f:0d:81:66:72:00:b3:12:5c:8c:73:b5:b7:
00:97:78:6a:8b:b2:ca:b8:16:a8:a1:08:1f:49:bb:39:43:6d:
ba:be:f3:b6:68:b4:41:a9:15:02:84:36:d4:64:b2:51:2a:1e:
94:18:d1:b4:a0:f9:68:45:f9:4c:15:b2:3f:b2:d9:11:20:d3:
56:9c:e9:79:33:95:f6:3b:e1:a7:3b:ac:7c:6b:c7:26:51:34:
5b:15:16:e1:be:00:05:72:5e:ff:36:1d:4b:17:39:d3:fd:cc:
37:b2:1a:06:c3:4f:19:dc:58:bc:49:97:76:9b:7f:ab:23:2f:
71:d9:f8:0f:13:ff:ef:c1:78:2e:b8:96:44:bc:57:ae:08:68:
e4:3c:b3:42:24:66:aa:8f:a5:bd:f3:fb:8b:58:9f:57:a1:98:
d7:69:f7:72:4d:dd:9b:05:b8:4d:a6:a5:7e:51:06:05:14:77:
f3:6b:a5:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYds7dHVCEAhwt1t1s+OrSucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NDg1ZTI5ZjExOGMwMWJlODZjMTllNjY4ZmFjZmE0ODVk
ZTcxOGMwHhcNMjMwNDEwMjA0ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q2NzFlZWI4NmNjOWQzZWFhOTIzNjcyNjc3MWVjYWUwZmQ3MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06OEbzu/UHTMajYYCi6sOi64hyrC
ENA9dh3DdROEL1SXbWbPCGdo83EahdEUkbzOujNyH6GlZ5ctBOLHsm19sTgBqYSw
ubHotmqBUfSycyg9xcMBXTK5JU9cflp7XhetLzeeK/vOrrizAi4R5mgvJLmwBObe
NrllZbHvUo2Ja+h43u7kT/ImAsAc4xBaDjXSf48Rnvw+BwQgWPdHj3Y6H3Bd+FmJ
Mz/s/HFwVSSZoDIlGPisLdvH6QTi34yIOhh/vgOS3Y8vBFDo7jOYIgiqN7hfd574
CE35u4dVut4NlGm8SzINv/ctnerVAogbt2MYrO9WgmDBYxFjXcPsJTKutQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHPWce64bMnT6qkjZyZ3Hsrg/XMDMB8GA1UdIwQY
MBaAFMdIXinxGMAb6GwZ5mj6z6SF3nGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQt
NTdmOWJjNmE1YzMwLzEvYzlaeDdyaHN5ZFBxcVNObkpuY2V5dUQ5Y3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQtNTdmOWJjNmE1YzMw
LzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBVm80AwQA
uSuTMA0EAgACMAcDBQMqEsRAMA0GCSqGSIb3DQEBCwUAA4IBAQAQJ9mWGp1Tqoii
Ke4yD/yxWvVh/MoYnhxg6wMPQP31wB11wNlipp5sek317lT0oQx41I2WF9xMweJb
UQSFBoHO2tjPRF9uw1tPzF1Id48NgWZyALMSXIxztbcAl3hqi7LKuBaooQgfSbs5
Q226vvO2aLRBqRUChDbUZLJRKh6UGNG0oPloRflMFbI/stkRINNWnOl5M5X2O+Gn
O6x8a8cmUTRbFRbhvgAFcl7/Nh1LFznT/cw3shoGw08Z3Fi8SZd2m3+rIy9x2fgP
E//vwXguuJZEvFeuCGjkPLNCJGaqj6W98/uLWJ9XoZjXafdyTd2bBbhNpqV+UQYF
FHfza6WC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:58 2024 by rpki-client on console-ams.rpki-client.org