Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa
File: mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa (raw, json)
Hash identifier: 1KO/kIGF/T2RhUWkoUWcpX8wTkQUMe4M5mFjwJwasVY=
Subject key identifier: 99:3E:06:2A:3E:2E:45:A7:8C:C0:60:43:15:EE:DA:ED:E7:77:A1:05
Certificate issuer: /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial: 018572CCC1A7EDB7EF42176116F7E8B6F094
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa
Signing time: Mon 02 Jan 2023 14:04:59 +0000
ROA not before: Mon 02 Jan 2023 14:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207339
IP address blocks: 37.123.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:c1:a7:ed:b7:ef:42:17:61:16:f7:e8:b6:f0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
Validity
Not Before: Jan 2 14:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=993e062a3e2e45a78cc0604315eedaede777a105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:51:69:7e:ca:5d:9a:85:d8:83:c6:55:c3:
c7:34:dc:88:0f:a8:dc:85:4f:0e:c8:ab:03:db:09:
df:4d:13:8b:80:73:12:9e:b9:b0:1d:5e:2d:03:8b:
ca:27:a7:d4:29:3e:ec:55:3a:fd:05:64:cb:2a:e0:
5a:23:93:0e:6c:70:0e:2e:8c:3b:e0:3c:c6:29:26:
ec:f4:bd:26:ca:59:d0:04:c8:9f:5b:51:5e:c4:c6:
a8:1e:fb:32:63:d0:96:d4:2e:c6:2a:17:a2:d2:3e:
7b:78:94:b8:b5:50:aa:c6:97:66:7a:d3:ef:da:30:
5f:4b:e2:69:c5:9c:86:c4:be:3c:8e:0f:ed:48:51:
50:9a:06:ed:75:88:a8:47:a6:1d:e5:e7:bc:14:d3:
06:1c:dc:8b:fd:13:f1:0f:e7:88:f0:57:c5:3f:92:
3c:22:6d:64:74:49:92:1f:fa:07:e9:fb:e1:b6:aa:
d0:c8:bd:af:ae:8b:d1:6c:10:ba:31:c7:59:78:22:
80:ff:d3:6c:32:8c:d3:e9:b0:6d:42:57:05:91:76:
6c:f7:9d:17:84:ad:16:20:fa:c9:26:8e:01:58:d2:
3c:f0:80:c4:7f:c0:9c:6e:5f:dd:9a:80:e7:37:d8:
ee:c6:3c:01:6a:4b:07:4f:45:2d:28:ab:eb:38:cf:
a5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3E:06:2A:3E:2E:45:A7:8C:C0:60:43:15:EE:DA:ED:E7:77:A1:05
X509v3 Authority Key Identifier:
keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.254.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:50:79:fe:20:2f:c6:c2:3c:8d:0d:15:7c:fc:08:1b:06:da:
a3:dc:a0:08:97:12:38:57:34:5b:cb:62:ae:5e:f8:5d:4e:a1:
95:7c:b9:8d:a0:5f:45:ff:14:9b:54:a7:94:84:8b:e6:c7:84:
89:fd:b0:ea:c2:9e:cf:35:6c:89:c0:e8:c3:45:0a:4b:61:d4:
0b:b6:37:ca:5f:9e:b7:fb:a4:22:fc:63:8a:ca:8d:f1:32:5c:
64:92:7b:ef:e0:60:b9:b4:7e:cb:2e:4e:56:81:db:cb:7a:3a:
50:76:17:c1:47:e2:64:50:ca:a8:a3:90:0a:28:ce:0a:f6:0a:
c4:00:8b:41:d1:1b:cf:a7:12:4e:c7:8d:78:22:d7:44:ea:18:
88:5d:3f:a8:dc:98:37:a8:a0:5f:b6:59:a0:b4:e1:94:3c:98:
ea:55:96:ed:e5:cc:ed:53:6d:ae:36:e8:43:58:f3:03:bc:49:
8b:fd:5b:a4:0f:cf:8d:27:77:30:dd:93:08:f8:a6:24:03:b0:
4e:b7:d2:38:48:65:5c:b7:14:2e:0f:07:d2:b7:2f:ed:63:ca:
41:e5:5a:e9:04:95:ef:84:5a:55:b7:41:76:4a:00:93:8f:96:
68:e9:78:c6:01:c1:1c:3c:9d:a9:c8:1c:a1:ab:a4:61:ca:d4:
8c:8b:10:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzMGn7bfvQhdhFvfotvCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGI3Y2E0ZWVlMWU0NTNkMjZmYWI5OWM4MjAxYWRmODk0
NjEyYmUwHhcNMjMwMTAyMTQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNlMDYyYTNlMmU0NWE3OGNjMDYwNDMxNWVlZGFlZGU3NzdhMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRRaX7KXZqF2IPGVcPHNNyID6jc
hU8OyKsD2wnfTROLgHMSnrmwHV4tA4vKJ6fUKT7sVTr9BWTLKuBaI5MObHAOLow7
4DzGKSbs9L0mylnQBMifW1FexMaoHvsyY9CW1C7GKhei0j57eJS4tVCqxpdmetPv
2jBfS+JpxZyGxL48jg/tSFFQmgbtdYioR6Yd5ee8FNMGHNyL/RPxD+eI8FfFP5I8
Im1kdEmSH/oH6fvhtqrQyL2vrovRbBC6McdZeCKA/9NsMozT6bBtQlcFkXZs950X
hK0WIPrJJo4BWNI88IDEf8Ccbl/dmoDnN9juxjwBaksHT0UtKKvrOM+l3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJk+Bio+LkWnjMBgQxXu2u3nd6EFMB8GA1UdIwQY
MBaAFCnbfKTu4eRT0m+rmcggGt+JRhK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2Yt
ZDMzZmExNjA1YWUxLzEvbVQ0R0tqNHVSYWVNd0dCREZlN2E3ZWQzb1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2YtZDMzZmExNjA1YWUx
LzEvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXv+MA0G
CSqGSIb3DQEBCwUAA4IBAQC7UHn+IC/GwjyNDRV8/AgbBtqj3KAIlxI4VzRby2Ku
XvhdTqGVfLmNoF9F/xSbVKeUhIvmx4SJ/bDqwp7PNWyJwOjDRQpLYdQLtjfKX563
+6Qi/GOKyo3xMlxkknvv4GC5tH7LLk5WgdvLejpQdhfBR+JkUMqoo5AKKM4K9grE
AItB0RvPpxJOx414ItdE6hiIXT+o3Jg3qKBftlmgtOGUPJjqVZbt5cztU22uNuhD
WPMDvEmL/VukD8+NJ3cw3ZMI+KYkA7BOt9I4SGVctxQuDwfSty/tY8pB5VrpBJXv
hFpVt0F2SgCTj5Zo6XjGAcEcPJ2pyByhq6RhytSMixCG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:19 2024 by rpki-client on console-fra.rpki-client.org