Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/pu9U0BF6rptEo4ye_wi-nK9adA0.roa
File: pu9U0BF6rptEo4ye_wi-nK9adA0.roa (raw, json)
Hash identifier: qPda94N9fqAoiRRb6i0/Qq+nxUf3xU1wL9v3c1/HqDM=
Subject key identifier: A6:EF:54:D0:11:7A:AE:9B:44:A3:8C:9E:FF:08:BE:9C:AF:5A:74:0D
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 01856B810A1A906DF7ABFFA82545CB151B14
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/pu9U0BF6rptEo4ye_wi-nK9adA0.roa
Signing time: Sun 01 Jan 2023 04:04:56 +0000
ROA not before: Sun 01 Jan 2023 04:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62651
IP address blocks: 176.67.82.0/24 maxlen: 24
176.67.84.0/24 maxlen: 24
176.67.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:0a:1a:90:6d:f7:ab:ff:a8:25:45:cb:15:1b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jan 1 04:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6ef54d0117aae9b44a38c9eff08be9caf5a740d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d9:7b:c8:a3:08:04:34:f7:fa:b7:51:17:99:
4a:2b:c2:06:ea:aa:df:45:0e:71:64:d6:4d:55:b6:
6e:8b:2c:e4:90:4b:0e:0e:cb:75:7d:e9:e4:ce:d5:
6e:ff:62:dc:c7:5a:1b:ab:6a:8a:cd:95:e3:c4:aa:
70:f3:82:ea:ac:35:0e:39:a3:49:0c:13:66:bf:cc:
d0:cd:83:5c:cd:25:c3:70:ad:8a:f5:b0:09:4b:38:
85:e8:09:30:5b:49:21:ae:46:da:b6:18:6a:65:a2:
5e:8f:cf:1e:3b:bc:cc:13:44:f4:c2:1b:0d:b1:50:
19:7c:48:cf:3f:44:af:ad:c1:99:89:7e:a5:79:8b:
36:c5:5f:f5:91:53:55:25:02:fe:17:24:76:1d:8d:
2f:0f:41:e3:bc:15:31:31:62:0f:d8:fd:e3:ae:7a:
c6:e0:1a:81:db:47:f0:43:58:ff:20:e3:cb:6c:49:
bf:a9:83:08:5b:0c:d8:57:48:0b:d2:09:16:87:42:
1d:36:01:04:a1:da:86:4b:a2:a7:d6:3a:3c:7f:bb:
0c:0b:6f:b8:74:17:5f:a2:cc:8b:86:67:d7:55:4e:
05:ec:2b:03:43:3c:db:9d:99:4f:82:2f:fe:57:8d:
a1:85:40:c8:31:80:99:d3:89:2e:7c:dd:8d:0d:9c:
14:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EF:54:D0:11:7A:AE:9B:44:A3:8C:9E:FF:08:BE:9C:AF:5A:74:0D
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/pu9U0BF6rptEo4ye_wi-nK9adA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.82.0/24
176.67.84.0/24
176.67.87.0/24
Signature Algorithm: sha256WithRSAEncryption
48:dc:66:9c:24:d4:3c:a9:1b:26:14:5a:8f:ce:2e:b3:cd:b4:
4e:c3:11:ae:d8:64:72:a0:0f:50:8a:27:7b:32:bb:73:97:02:
c3:68:83:e8:b4:56:8c:a8:c6:8e:a2:7e:a1:ac:54:b0:57:0f:
8c:96:25:90:e2:7b:3c:c4:8f:a1:b1:c5:a1:67:6f:af:f7:d4:
69:6b:7d:60:97:a7:70:14:2b:f2:78:4c:bf:ad:67:c9:8e:2e:
a8:e8:2f:ca:38:79:df:3d:83:09:bb:d3:94:24:21:ba:3b:2d:
2e:1b:e8:53:80:d5:46:2b:39:d9:e0:fd:fb:ac:d6:5d:6a:c2:
f6:a7:3b:2f:d8:fa:95:4f:1a:5c:9d:8f:d5:84:de:11:8f:62:
8e:6e:91:e7:db:4d:ee:c0:fc:f1:de:39:d3:79:a4:02:21:c6:
2b:4c:78:0b:b4:0f:8a:dd:75:7d:7b:7c:25:9d:4d:8e:ae:3e:
35:c9:45:a0:15:a8:2c:a5:a0:db:85:6a:29:7a:ac:3e:da:e8:
11:27:4e:b3:1d:89:da:4a:86:8b:d0:ae:ed:f6:94:f9:23:ca:
45:87:e5:5c:ac:0d:47:7d:73:8d:b7:2c:cb:3a:47:b4:10:38:
a3:6c:33:47:37:43:c9:e9:e7:e8:df:30:20:6d:d5:6e:90:1f:
3f:06:f8:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrgQoakG33q/+oJUXLFRsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjMwMTAxMDQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVmNTRkMDExN2FhZTliNDRhMzhjOWVmZjA4YmU5Y2FmNWE3NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNl7yKMIBDT3+rdRF5lKK8IG6qrf
RQ5xZNZNVbZuiyzkkEsODst1fenkztVu/2Lcx1obq2qKzZXjxKpw84LqrDUOOaNJ
DBNmv8zQzYNczSXDcK2K9bAJSziF6AkwW0khrkbathhqZaJej88eO7zME0T0whsN
sVAZfEjPP0SvrcGZiX6leYs2xV/1kVNVJQL+FyR2HY0vD0HjvBUxMWIP2P3jrnrG
4BqB20fwQ1j/IOPLbEm/qYMIWwzYV0gL0gkWh0IdNgEEodqGS6Kn1jo8f7sMC2+4
dBdfosyLhmfXVU4F7CsDQzzbnZlPgi/+V42hhUDIMYCZ04kufN2NDZwUhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKbvVNAReq6bRKOMnv8IvpyvWnQNMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvcHU5VTBCRjZycHRFbzR5ZV93aS1uSzlhZEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsENSAwQA
sENUAwQAsENXMA0GCSqGSIb3DQEBCwUAA4IBAQBI3GacJNQ8qRsmFFqPzi6zzbRO
wxGu2GRyoA9Qiid7MrtzlwLDaIPotFaMqMaOon6hrFSwVw+MliWQ4ns8xI+hscWh
Z2+v99Rpa31gl6dwFCvyeEy/rWfJji6o6C/KOHnfPYMJu9OUJCG6Oy0uG+hTgNVG
KznZ4P37rNZdasL2pzsv2PqVTxpcnY/VhN4Rj2KObpHn203uwPzx3jnTeaQCIcYr
THgLtA+K3XV9e3wlnU2Orj41yUWgFagspaDbhWopeqw+2ugRJ06zHYnaSoaL0K7t
9pT5I8pFh+VcrA1HfXONtyzLOke0EDijbDNHN0PJ6efo3zAgbdVukB8/Bvhk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:13 2024 by rpki-client on console-fra.rpki-client.org