Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa
File: I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa (raw, json)
Hash identifier: /PfvFvNKobmg1AfSyfF6d4UdRKmQF9HqHUlRi/octRM=
Subject key identifier: 23:EB:7C:34:9A:A9:49:9F:40:C5:D2:1B:E0:57:7B:CE:11:12:4A:72
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01856D2F3884C4E3E2501B22C4FF78F3867A
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa
Signing time: Sun 01 Jan 2023 11:54:49 +0000
ROA not before: Sun 01 Jan 2023 11:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35638
IP address blocks: 84.239.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:38:84:c4:e3:e2:50:1b:22:c4:ff:78:f3:86:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23eb7c349aa9499f40c5d21be0577bce11124a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:18:3b:e0:ed:f2:09:ac:f0:b4:d1:d3:5c:88:
50:84:0e:32:32:b2:c1:f3:e2:d2:c3:b3:d4:3f:e6:
09:5d:91:c5:6f:80:70:9d:56:82:39:41:97:e1:83:
55:91:7b:86:0a:22:47:ad:67:8d:9b:6e:76:da:d9:
ce:5c:60:34:5f:45:97:c8:ae:77:a2:c2:8c:fa:67:
a9:1c:4e:35:1d:b4:7d:62:6a:21:23:0d:48:8a:88:
3c:8b:77:eb:74:e4:a6:61:2e:d2:bd:39:93:4a:65:
08:83:f1:31:ef:26:33:5d:c8:85:0e:09:0c:b2:b2:
7a:6f:dc:8f:bb:16:8e:f6:35:6f:2b:01:08:86:bf:
5d:1d:06:c2:41:0d:4d:24:8e:73:e6:e0:5e:99:58:
fc:44:6b:03:b5:73:57:d3:a5:68:35:3a:c6:b3:9b:
b1:8b:90:d2:a4:fa:bb:c4:e5:04:db:65:52:65:6a:
23:68:a0:48:05:bb:5a:9e:e1:6f:df:b9:c9:78:36:
bf:0e:1a:fe:da:37:21:00:a1:5a:1c:9e:fa:44:dd:
7b:a7:ae:28:be:14:3b:3a:dd:9a:52:f6:ea:fd:6d:
21:90:18:7e:96:55:ac:71:3e:2b:27:82:5c:56:0a:
27:ac:31:19:0e:07:d3:9f:04:ec:12:67:07:d8:f1:
74:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EB:7C:34:9A:A9:49:9F:40:C5:D2:1B:E0:57:7B:CE:11:12:4A:72
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.21.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c3:2d:ea:2a:c4:3b:f5:be:0b:41:9f:3b:81:48:fa:18:f0:
cb:23:94:3f:11:d1:19:6f:a2:b9:bb:d1:f0:1f:32:57:ad:6f:
e7:a5:7d:ee:eb:24:a0:72:31:7a:d4:93:d1:83:e7:3b:ef:0f:
38:7f:44:92:cb:8f:48:a5:30:e7:de:43:05:44:0e:fd:e0:ba:
b2:06:07:5a:a4:a3:c2:f6:49:08:ac:d6:34:a9:0c:33:cb:f4:
ed:84:c4:7a:7a:ff:f1:1e:12:1f:1b:d0:31:b3:b0:8b:65:86:
23:70:f8:7e:6e:52:da:4f:79:f1:37:db:89:aa:1d:3d:ea:68:
17:d1:73:42:e8:b7:68:99:fe:1e:45:bf:06:17:da:2d:b8:81:
10:da:7d:f4:5b:f6:c8:e7:2d:5f:c9:39:b1:17:cc:95:56:0e:
b2:17:7a:47:13:b2:cf:c1:24:0f:8b:34:37:60:09:87:7f:61:
98:c2:29:63:db:7c:67:b7:2d:9d:8b:e4:66:79:24:5d:7c:4c:
d4:3d:d8:44:23:fd:8e:0a:cd:dc:62:3d:d7:0b:aa:90:c0:28:
2e:fd:e0:19:d1:88:f3:fb:54:d6:8f:88:6d:83:9a:ca:07:17:
e8:da:df:f7:89:3e:35:1a:d6:d6:89:81:cd:09:a6:4b:8c:8a:
a8:bf:57:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLziExOPiUBsixP9484Z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwMTAxMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ViN2MzNDlhYTk0OTlmNDBjNWQyMWJlMDU3N2JjZTExMTI0YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bg74O3yCazwtNHTXIhQhA4yMrLB
8+LSw7PUP+YJXZHFb4BwnVaCOUGX4YNVkXuGCiJHrWeNm2522tnOXGA0X0WXyK53
osKM+mepHE41HbR9YmohIw1Iiog8i3frdOSmYS7SvTmTSmUIg/Ex7yYzXciFDgkM
srJ6b9yPuxaO9jVvKwEIhr9dHQbCQQ1NJI5z5uBemVj8RGsDtXNX06VoNTrGs5ux
i5DSpPq7xOUE22VSZWojaKBIBbtanuFv37nJeDa/Dhr+2jchAKFaHJ76RN17p64o
vhQ7Ot2aUvbq/W0hkBh+llWscT4rJ4JcVgonrDEZDgfTnwTsEmcH2PF04wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPrfDSaqUmfQMXSG+BXe84REkpyMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvSS10OE5KcXBTWjlBeGRJYjRGZDd6aEVTU25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO8VMA0G
CSqGSIb3DQEBCwUAA4IBAQB4wy3qKsQ79b4LQZ87gUj6GPDLI5Q/EdEZb6K5u9Hw
HzJXrW/npX3u6ySgcjF61JPRg+c77w84f0SSy49IpTDn3kMFRA794LqyBgdapKPC
9kkIrNY0qQwzy/TthMR6ev/xHhIfG9Axs7CLZYYjcPh+blLaT3nxN9uJqh096mgX
0XNC6Ldomf4eRb8GF9otuIEQ2n30W/bI5y1fyTmxF8yVVg6yF3pHE7LPwSQPizQ3
YAmHf2GYwilj23xnty2di+RmeSRdfEzUPdhEI/2OCs3cYj3XC6qQwCgu/eAZ0Yjz
+1TWj4htg5rKBxfo2t/3iT41GtbWiYHNCaZLjIqov1ds
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org