Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/p49PrEG_CJx4EQHDTNppQwSqfgw.roa
File: p49PrEG_CJx4EQHDTNppQwSqfgw.roa (raw, json)
Hash identifier: yDaR+mYbGOpDs1qfxDlSnCUR+qJHGiy0tHxXpWrGf8k=
Subject key identifier: A7:8F:4F:AC:41:BF:08:9C:78:11:01:C3:4C:DA:69:43:04:AA:7E:0C
Certificate issuer: /CN=4f32b9eff9f02c7cabe1995a2db509d8258d35fc
Certificate serial: 0187B48F9598E04C45496390CA35E4FB2CC0
Authority key identifier: 4F:32:B9:EF:F9:F0:2C:7C:AB:E1:99:5A:2D:B5:09:D8:25:8D:35:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/p49PrEG_CJx4EQHDTNppQwSqfgw.roa
Signing time: Mon 24 Apr 2023 18:38:41 +0000
ROA not before: Mon 24 Apr 2023 18:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 132.76.0.0/16 maxlen: 16
132.77.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:8f:95:98:e0:4c:45:49:63:90:ca:35:e4:fb:2c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f32b9eff9f02c7cabe1995a2db509d8258d35fc
Validity
Not Before: Apr 24 18:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a78f4fac41bf089c781101c34cda694304aa7e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:74:3f:52:e6:91:6f:f2:e6:77:74:5f:d3:2a:
33:ae:03:b7:36:e8:ec:8c:8c:ff:f6:f7:9e:72:e7:
71:3e:a5:2d:ac:a7:e8:93:b3:99:a7:b8:ea:ff:ab:
2d:00:a7:9c:40:8b:ce:d6:6a:85:e8:88:cd:fe:50:
15:29:79:75:02:ce:f1:f1:43:c7:d7:85:9c:18:89:
8d:99:13:69:d4:92:8d:6b:d0:21:0f:5a:1e:81:4b:
33:04:20:ae:6b:11:e3:1f:57:ef:24:cc:e5:3e:2d:
a6:e4:49:52:1a:68:ef:63:a0:b4:03:ac:24:b0:4e:
df:03:a2:2d:19:f4:a1:4f:74:6a:0c:bd:20:12:4a:
6f:7c:22:9b:67:50:b1:48:e1:b0:4c:36:52:d6:8b:
6f:12:12:26:41:01:f8:f9:90:b5:69:52:1e:c6:63:
b9:5a:9b:a5:ea:99:3d:60:5a:b5:04:18:89:20:f7:
7c:6e:b2:80:ef:71:d4:53:3a:d2:5d:b2:55:9d:24:
27:1f:9e:35:0e:d1:d3:c2:78:36:67:f0:58:09:12:
0a:06:ff:d1:6c:e6:88:04:36:3c:17:24:86:c9:75:
ac:ea:7d:bc:9a:8d:60:0f:c8:68:b0:b3:3f:c4:28:
9c:08:fc:5f:52:a8:55:53:60:c5:82:87:1e:34:a2:
13:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8F:4F:AC:41:BF:08:9C:78:11:01:C3:4C:DA:69:43:04:AA:7E:0C
X509v3 Authority Key Identifier:
keyid:4F:32:B9:EF:F9:F0:2C:7C:AB:E1:99:5A:2D:B5:09:D8:25:8D:35:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/p49PrEG_CJx4EQHDTNppQwSqfgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.76.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a1:25:a1:68:eb:68:5a:67:18:37:98:fd:65:f8:d7:69:b7:a5:
d8:21:0c:71:20:8d:99:a0:ff:3e:fc:57:61:f8:30:e8:e3:81:
6d:fd:49:83:e8:e2:07:01:b3:b3:ae:fa:d4:02:05:b4:aa:3e:
49:ee:25:97:d1:a6:88:32:c6:d6:5f:89:1d:4b:74:f5:b2:74:
27:69:8f:99:09:a7:74:38:b3:71:47:9b:77:48:58:cc:b7:35:
e5:fa:0f:ba:7b:d1:e0:89:f5:c2:34:38:4a:e5:2e:e1:b8:f7:
68:8b:0e:03:1b:35:45:97:30:b2:df:c6:a4:a2:88:45:cc:0a:
c7:6e:d6:88:bf:dd:31:d2:ce:aa:d0:7c:f7:2f:b2:8e:d2:1d:
ed:94:1b:11:8c:43:aa:bb:b3:bc:7a:4d:e5:4e:9b:ed:d4:14:
f9:28:45:dc:90:b1:3e:49:0f:dc:c1:5d:e9:f0:14:d4:50:e4:
6d:54:ac:25:13:98:3b:be:10:ec:52:58:7a:d1:13:8b:0f:fd:
ae:bf:1b:21:9c:8d:fc:6c:28:62:9e:2b:3c:37:7a:f2:a0:57:
ad:b6:70:a9:d9:e9:b4:07:22:af:44:a1:60:31:34:39:d3:36:
45:8a:86:1f:92:35:6a:cf:74:a7:a3:44:d5:40:6c:10:7a:6c:
e0:db:3d:83
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0j5WY4ExFSWOQyjXk+yzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzJiOWVmZjlmMDJjN2NhYmUxOTk1YTJkYjUwOWQ4MjU4
ZDM1ZmMwHhcNMjMwNDI0MTgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhmNGZhYzQxYmYwODljNzgxMTAxYzM0Y2RhNjk0MzA0YWE3ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Q/UuaRb/Lmd3Rf0yozrgO3Nujs
jIz/9veecudxPqUtrKfok7OZp7jq/6stAKecQIvO1mqF6IjN/lAVKXl1As7x8UPH
14WcGImNmRNp1JKNa9AhD1oegUszBCCuaxHjH1fvJMzlPi2m5ElSGmjvY6C0A6wk
sE7fA6ItGfShT3RqDL0gEkpvfCKbZ1CxSOGwTDZS1otvEhImQQH4+ZC1aVIexmO5
Wpul6pk9YFq1BBiJIPd8brKA73HUUzrSXbJVnSQnH541DtHTwng2Z/BYCRIKBv/R
bOaIBDY8FySGyXWs6n28mo1gD8hosLM/xCicCPxfUqhVU2DFgoceNKITjQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKePT6xBvwiceBEBw0zaaUMEqn4MMB8GA1UdIwQY
MBaAFE8yue/58Cx8q+GZWi21CdgljTX8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpLNTdfbndMSHlyNFpsYUxiVUoyQ1dOTmZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xNzJjNGUtNmY1ZC00NzVlLTliZTkt
YzQwNzNjMTNmZjdjLzEvcDQ5UHJFR19DSng0RVFIRFROcHBRd1NxZmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xNzJjNGUtNmY1ZC00NzVlLTliZTktYzQwNzNjMTNmZjdj
LzEvVHpLNTdfbndMSHlyNFpsYUxiVUoyQ1dOTmZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEwwDQYJ
KoZIhvcNAQELBQADggEBAKEloWjraFpnGDeY/WX412m3pdghDHEgjZmg/z78V2H4
MOjjgW39SYPo4gcBs7Ou+tQCBbSqPknuJZfRpogyxtZfiR1LdPWydCdpj5kJp3Q4
s3FHm3dIWMy3NeX6D7p70eCJ9cI0OErlLuG492iLDgMbNUWXMLLfxqSiiEXMCsdu
1oi/3THSzqrQfPcvso7SHe2UGxGMQ6q7s7x6TeVOm+3UFPkoRdyQsT5JD9zBXenw
FNRQ5G1UrCUTmDu+EOxSWHrRE4sP/a6/GyGcjfxsKGKeKzw3evKgV622cKnZ6bQH
Iq9EoWAxNDnTNkWKhh+SNWrPdKejRNVAbBB6bODbPYM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:05 2024 by rpki-client on console-ams.rpki-client.org