Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/THA8fYCntrbN53_lYEd_QGFVc7U.roa
File: THA8fYCntrbN53_lYEd_QGFVc7U.roa (raw, json)
Hash identifier: OmdCC9RBH5ID7q+IRhD0ZSZY7IXf2NCV/Do0wSoRcec=
Subject key identifier: 4C:70:3C:7D:80:A7:B6:B6:CD:E7:7F:E5:60:47:7F:40:61:55:73:B5
Certificate issuer: /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial: 018572CCBF1C5CF1E79312E2A16879FA3998
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/THA8fYCntrbN53_lYEd_QGFVc7U.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203
IP address blocks: 37.123.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:bf:1c:5c:f1:e7:93:12:e2:a1:68:79:fa:39:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c703c7d80a7b6b6cde77fe560477f40615573b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:42:68:b4:d0:1f:01:db:ad:e8:e6:7b:97:
90:b2:78:f9:b2:90:e2:eb:be:71:8e:51:40:d4:40:
c2:95:82:67:08:02:37:bb:01:1d:6e:ef:cc:16:4c:
93:0d:9d:8d:10:2a:44:5b:3e:2a:4a:c6:ff:5d:53:
89:63:1d:3e:45:fd:e8:91:b5:d9:c3:5f:bd:df:55:
d4:4c:a5:f6:70:e7:7f:44:ac:0f:f8:6e:5e:14:c2:
aa:bb:43:84:97:7a:de:86:f7:02:09:71:4a:0a:fe:
5d:e9:98:d9:ae:df:9e:ad:9d:0e:97:87:e6:2e:e0:
f1:98:45:43:80:13:ca:bb:32:1f:95:bd:b5:54:bf:
f0:c5:5c:53:7b:b3:58:7b:d3:6e:e1:32:42:2e:0c:
c8:2e:0c:a2:9e:ea:6b:45:18:81:7b:7b:18:d6:69:
f0:51:0e:9f:a7:68:ac:58:0d:c6:3f:fb:ac:9e:8e:
5b:d0:2b:d7:90:9d:3e:87:f8:22:af:d5:69:73:56:
a8:c3:cc:48:eb:0f:a5:23:89:0c:ef:f6:10:f4:5f:
42:a9:b2:e7:f2:b9:5c:ec:fe:91:88:75:da:30:59:
95:64:f0:db:4e:0f:8f:3d:ff:72:17:6d:7a:35:64:
6e:ab:34:81:dc:e5:88:3a:15:66:a6:39:5d:2a:52:
9a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:70:3C:7D:80:A7:B6:B6:CD:E7:7F:E5:60:47:7F:40:61:55:73:B5
X509v3 Authority Key Identifier:
keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/THA8fYCntrbN53_lYEd_QGFVc7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.254.0/24
Signature Algorithm: sha256WithRSAEncryption
48:fd:a6:c0:ed:c7:2c:2b:54:8c:a2:5e:14:c7:fb:0d:27:f5:
3d:67:88:5e:1e:28:b9:ed:85:3e:a7:d0:52:cb:e6:97:e7:34:
48:87:04:c7:38:c3:1c:5a:13:0e:70:70:7c:08:43:9a:9e:35:
be:3a:e9:d4:e4:da:62:66:d0:4e:ba:68:c0:f9:52:c9:71:43:
46:36:2f:a4:c5:f1:49:44:24:ca:9a:a6:9b:d8:cf:f0:a1:9f:
52:bf:e3:73:70:62:8b:21:0a:3b:a7:fe:84:0a:42:1b:ed:c3:
d3:3f:7e:d5:ae:ea:0f:5d:c7:54:0b:1a:95:6b:49:e2:85:af:
5f:ab:59:27:31:d9:54:a6:e9:5d:93:d9:35:51:12:a2:9d:86:
68:9f:2b:92:a0:65:c3:4a:1a:37:07:a0:2c:6d:e7:85:37:4e:
05:e3:9e:54:29:7a:ba:c4:4f:e1:6f:9b:7b:c2:26:4c:dc:61:
f2:74:ba:20:5b:55:03:e4:14:73:61:89:38:88:cc:64:4a:c0:
cd:19:4d:f1:26:13:14:54:72:2c:27:da:fe:f3:10:94:1e:a3:
28:aa:70:47:36:a5:2b:4d:fa:c3:8e:0d:f0:3a:d3:4d:62:ca:
b5:f7:f9:4f:e5:e2:ef:cb:e3:46:71:ed:ca:3e:19:b6:f7:1a:
3b:2d:aa:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzL8cXPHnkxLioWh5+jmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGI3Y2E0ZWVlMWU0NTNkMjZmYWI5OWM4MjAxYWRmODk0
NjEyYmUwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzcwM2M3ZDgwYTdiNmI2Y2RlNzdmZTU2MDQ3N2Y0MDYxNTU3M2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonxCaLTQHwHbrejme5eQsnj5spDi
675xjlFA1EDClYJnCAI3uwEdbu/MFkyTDZ2NECpEWz4qSsb/XVOJYx0+Rf3okbXZ
w1+931XUTKX2cOd/RKwP+G5eFMKqu0OEl3rehvcCCXFKCv5d6ZjZrt+erZ0Ol4fm
LuDxmEVDgBPKuzIflb21VL/wxVxTe7NYe9Nu4TJCLgzILgyinuprRRiBe3sY1mnw
UQ6fp2isWA3GP/usno5b0CvXkJ0+h/gir9Vpc1aow8xI6w+lI4kM7/YQ9F9CqbLn
8rlc7P6RiHXaMFmVZPDbTg+PPf9yF216NWRuqzSB3OWIOhVmpjldKlKaAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExwPH2Ap7a2zed/5WBHf0BhVXO1MB8GA1UdIwQY
MBaAFCnbfKTu4eRT0m+rmcggGt+JRhK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2Yt
ZDMzZmExNjA1YWUxLzEvVEhBOGZZQ250cmJONTNfbFlFZF9RR0ZWYzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2YtZDMzZmExNjA1YWUx
LzEvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXv+MA0G
CSqGSIb3DQEBCwUAA4IBAQBI/abA7ccsK1SMol4Ux/sNJ/U9Z4heHii57YU+p9BS
y+aX5zRIhwTHOMMcWhMOcHB8CEOanjW+OunU5NpiZtBOumjA+VLJcUNGNi+kxfFJ
RCTKmqab2M/woZ9Sv+NzcGKLIQo7p/6ECkIb7cPTP37VruoPXcdUCxqVa0niha9f
q1knMdlUpuldk9k1URKinYZonyuSoGXDSho3B6AsbeeFN04F455UKXq6xE/hb5t7
wiZM3GHydLogW1UD5BRzYYk4iMxkSsDNGU3xJhMUVHIsJ9r+8xCUHqMoqnBHNqUr
TfrDjg3wOtNNYsq19/lP5eLvy+NGce3KPhm29xo7LapX
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:49 2024 by rpki-client on console-fra.rpki-client.org