Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1XVvcEtqLWtqOW2iSs3Npw1xBVo.roa
File: 1XVvcEtqLWtqOW2iSs3Npw1xBVo.roa (raw, json)
Hash identifier: rINdr5AdK5bvLZrh2TYVZz661O/NYeQljRWpgDfZaTU=
Subject key identifier: D5:75:6F:70:4B:6A:2D:6B:6A:39:6D:A2:4A:CD:CD:A7:0D:71:05:5A
Certificate issuer: /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial: 01857169B41DAC1624D56B5F443CC75F5830
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1XVvcEtqLWtqOW2iSs3Npw1xBVo.roa
Signing time: Mon 02 Jan 2023 07:37:10 +0000
ROA not before: Mon 02 Jan 2023 07:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133301
IP address blocks: 178.248.116.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:b4:1d:ac:16:24:d5:6b:5f:44:3c:c7:5f:58:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Validity
Not Before: Jan 2 07:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5756f704b6a2d6b6a396da24acdcda70d71055a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:50:fb:38:ee:e7:59:0d:75:45:25:b1:b1:a2:
ae:00:16:a6:2a:65:c6:de:bf:c7:df:18:fc:00:d9:
e4:0e:d4:c0:d0:b2:54:d0:a2:f4:82:dd:10:b1:a9:
7c:9e:7e:2c:62:40:4d:ca:b4:1e:df:f6:68:57:d4:
3c:a5:da:66:d5:20:55:86:96:69:9b:6f:cc:ac:19:
aa:0c:d8:17:4a:1d:15:84:be:dc:db:a0:88:2e:95:
21:ca:ae:69:03:58:82:7b:57:a4:1d:20:9e:6f:16:
c7:80:d1:1e:91:7a:01:95:9e:bb:06:85:c6:89:d9:
17:79:36:ca:74:08:d8:86:5a:1d:b4:a2:7e:79:44:
65:4a:b8:95:0a:b1:c8:b9:b7:4b:7e:3c:72:58:ce:
ac:ee:1a:f1:19:aa:3f:58:55:d5:74:a2:0b:a4:f7:
98:35:34:f8:23:89:01:22:b4:ea:71:1b:dc:38:40:
98:f3:d6:66:61:80:89:90:24:35:6f:88:92:42:67:
06:e3:f2:d7:59:33:10:4f:11:6f:61:d6:fb:d7:3c:
df:7d:d7:7d:a8:a7:10:f3:1c:c2:91:98:b7:39:9a:
24:bc:a6:e2:b4:99:14:a4:49:e1:a2:76:c5:17:d8:
e7:a6:bf:16:03:14:82:f0:7a:b5:4c:b4:e1:5b:c3:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:75:6F:70:4B:6A:2D:6B:6A:39:6D:A2:4A:CD:CD:A7:0D:71:05:5A
X509v3 Authority Key Identifier:
keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1XVvcEtqLWtqOW2iSs3Npw1xBVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.116.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:87:53:6b:63:03:19:76:1c:50:53:14:5c:ad:9b:f7:fd:21:
dd:4e:20:a6:5b:0b:d4:9f:aa:c9:e7:53:fd:dc:eb:9c:06:e0:
29:8b:a6:b3:17:b9:3d:3e:0a:28:aa:36:b5:eb:54:63:94:08:
d2:77:d1:99:f1:b3:e5:ac:1d:06:e0:45:b1:d1:2c:ca:bb:4b:
71:81:be:93:b9:99:75:a7:9a:0a:c1:5c:e7:6b:3f:9a:b0:5a:
09:d4:a7:3b:2a:d6:41:d8:1c:22:5e:4f:e8:08:5b:18:82:fc:
c6:29:a0:37:62:79:15:c1:fb:9d:4c:7d:86:a7:b3:51:e9:fe:
6b:0f:f2:8a:e9:2e:f1:1a:5d:5b:05:ff:4e:64:ba:f9:2a:b8:
4a:e1:c9:15:a4:68:ac:9a:74:2f:3c:ff:57:0b:d5:42:7a:1b:
f4:67:dd:9f:60:c0:cc:8f:3c:55:25:47:c1:40:3c:b5:f5:40:
45:7c:5a:88:f5:ad:e4:aa:65:92:69:d1:d2:3d:5b:39:a1:a7:
dd:a3:05:a1:10:99:93:db:4f:ac:a6:ca:51:6b:57:a2:32:6e:
3a:39:da:2b:ef:d8:8e:a9:e9:48:92:f3:b6:75:43:75:b3:a3:
d5:6c:b7:2e:fc:9f:0e:cd:53:e8:64:20:50:b7:b6:b2:68:48:
14:8d:20:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxabQdrBYk1WtfRDzHX1gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjMwMTAyMDczNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc1NmY3MDRiNmEyZDZiNmEzOTZkYTI0YWNkY2RhNzBkNzEwNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVD7OO7nWQ11RSWxsaKuABamKmXG
3r/H3xj8ANnkDtTA0LJU0KL0gt0Qsal8nn4sYkBNyrQe3/ZoV9Q8pdpm1SBVhpZp
m2/MrBmqDNgXSh0VhL7c26CILpUhyq5pA1iCe1ekHSCebxbHgNEekXoBlZ67BoXG
idkXeTbKdAjYhlodtKJ+eURlSriVCrHIubdLfjxyWM6s7hrxGao/WFXVdKILpPeY
NTT4I4kBIrTqcRvcOECY89ZmYYCJkCQ1b4iSQmcG4/LXWTMQTxFvYdb71zzffdd9
qKcQ8xzCkZi3OZokvKbitJkUpEnhonbFF9jnpr8WAxSC8Hq1TLThW8PZOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNV1b3BLai1rajltokrNzacNcQVaMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvMVhWdmNFdHFMV3RxT1cyaVNzM05wdzF4QlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsvh0MA0G
CSqGSIb3DQEBCwUAA4IBAQCth1NrYwMZdhxQUxRcrZv3/SHdTiCmWwvUn6rJ51P9
3OucBuApi6azF7k9Pgooqja161RjlAjSd9GZ8bPlrB0G4EWx0SzKu0txgb6TuZl1
p5oKwVznaz+asFoJ1Kc7KtZB2BwiXk/oCFsYgvzGKaA3YnkVwfudTH2Gp7NR6f5r
D/KK6S7xGl1bBf9OZLr5KrhK4ckVpGismnQvPP9XC9VCehv0Z92fYMDMjzxVJUfB
QDy19UBFfFqI9a3kqmWSadHSPVs5oafdowWhEJmT20+spspRa1eiMm46Odor79iO
qelIkvO2dUN1s6PVbLcu/J8OzVPoZCBQt7ayaEgUjSCn
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:08 2024 by rpki-client on console-fra.rpki-client.org