Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/jn5Xs81wUU3uYKQn_TyWZDn1xw4.roa
File: jn5Xs81wUU3uYKQn_TyWZDn1xw4.roa (raw, json)
Hash identifier: VBQ9hBY/98jr4DVH2d77QSMB/1GABlpxtfKKzaTAya0=
Subject key identifier: 8E:7E:57:B3:CD:70:51:4D:EE:60:A4:27:FD:3C:96:64:39:F5:C7:0E
Certificate issuer: /CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Certificate serial: 0185708CD164142382872BB2786B93CB5689
Authority key identifier: F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/jn5Xs81wUU3uYKQn_TyWZDn1xw4.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42810
IP address blocks: 87.237.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d1:64:14:23:82:87:2b:b2:78:6b:93:cb:56:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e7e57b3cd70514dee60a427fd3c966439f5c70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5c:7c:ad:35:c6:eb:cf:e0:0b:30:e8:1f:34:
d4:76:0a:20:6e:b7:a8:6f:57:2b:e0:da:dd:1f:8d:
eb:3d:11:e7:92:21:74:ea:b5:a7:19:5e:93:ce:31:
4e:12:49:9d:44:86:19:8f:81:83:7d:2f:6e:fe:9f:
2f:cd:ff:1f:83:e7:51:80:ca:99:91:19:81:81:72:
f0:ea:83:1a:12:4e:03:b1:de:7f:de:fe:13:13:4e:
95:49:d5:ef:07:8f:25:3d:5f:be:1a:bf:ef:69:45:
b9:50:d5:a1:6b:e5:fb:1c:59:17:a2:86:06:e4:f0:
a1:18:ae:2e:90:4e:95:21:b8:1d:4b:8e:77:58:4a:
1a:95:bc:a5:e2:51:cc:4a:ed:f1:90:83:a0:b3:22:
68:ed:2f:55:5f:3a:f6:d1:23:5c:f2:f0:66:70:ed:
ad:b6:b3:b1:53:01:52:82:46:20:ea:90:44:ec:e2:
3d:f3:e9:bd:d7:b4:9b:b5:f9:56:14:eb:00:61:e7:
7f:01:23:7c:fa:38:de:83:07:af:f9:a7:a3:5d:15:
70:71:4b:4b:0d:0a:03:f7:91:6b:83:9a:34:95:73:
e7:17:f6:33:69:31:87:38:70:ba:1c:f9:9b:8d:65:
75:14:c6:4d:99:e4:7c:5f:71:ba:d7:6a:0b:93:15:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7E:57:B3:CD:70:51:4D:EE:60:A4:27:FD:3C:96:64:39:F5:C7:0E
X509v3 Authority Key Identifier:
keyid:F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/jn5Xs81wUU3uYKQn_TyWZDn1xw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.168.0/22
Signature Algorithm: sha256WithRSAEncryption
16:66:81:8b:b1:b3:df:56:91:da:04:45:19:ae:3d:51:28:58:
c6:49:5d:57:bd:c8:f7:9f:2a:77:86:ed:52:e1:e2:6c:f7:c1:
f5:a4:5e:46:87:f6:00:71:62:54:ae:3c:30:64:b7:85:31:09:
b2:3b:af:1d:4f:2f:18:57:5a:a6:61:37:00:23:36:03:55:5a:
ff:a1:a2:93:d1:a7:09:f5:77:1e:c0:5a:99:df:43:f1:78:67:
ae:79:ea:ee:c9:40:c4:7f:50:75:08:ea:06:f3:d1:61:18:16:
20:9e:b7:46:1b:fe:28:32:d2:6d:8c:1d:a9:5f:d7:90:1f:ff:
23:c6:ff:d5:96:19:93:2f:86:57:a3:5e:cf:06:75:6d:65:c2:
13:dc:83:53:22:d7:e3:2e:65:04:76:ef:ed:a6:d0:78:9f:05:
03:8e:ef:22:aa:47:7e:bb:be:e5:0b:29:74:62:5d:83:e9:4e:
f5:ec:a6:e6:b5:63:06:b7:c9:97:80:43:d9:32:db:9e:a7:79:
f3:4b:97:1e:05:e3:be:b9:79:8a:67:9a:6a:1a:26:ce:5a:83:
65:9b:6d:4d:07:36:38:5c:78:5b:c7:f4:e5:f5:4e:87:7a:89:
df:51:ad:7f:39:fc:fe:d1:26:d5:ce:ba:ff:bc:c8:8c:b1:c3:
0c:4c:34:1a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwjNFkFCOChyuyeGuTy1aJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MzU2YTk2ZTc0ZWEyZDcyYjY1NDVjODdjNzlkMjEyZDcy
YTdiZGUwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdlNTdiM2NkNzA1MTRkZWU2MGE0MjdmZDNjOTY2NDM5ZjVjNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFx8rTXG68/gCzDoHzTUdgogbreo
b1cr4NrdH43rPRHnkiF06rWnGV6TzjFOEkmdRIYZj4GDfS9u/p8vzf8fg+dRgMqZ
kRmBgXLw6oMaEk4Dsd5/3v4TE06VSdXvB48lPV++Gr/vaUW5UNWha+X7HFkXooYG
5PChGK4ukE6VIbgdS453WEoalbyl4lHMSu3xkIOgsyJo7S9VXzr20SNc8vBmcO2t
trOxUwFSgkYg6pBE7OI98+m917SbtflWFOsAYed/ASN8+jjegwev+aejXRVwcUtL
DQoD95Frg5o0lXPnF/YzaTGHOHC6HPmbjWV1FMZNmeR8X3G612oLkxVpxQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI5+V7PNcFFN7mCkJ/08lmQ59ccOMB8GA1UdIwQY
MBaAFPk1apbnTqLXK2VFyHx50hLXKnveMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1UVnFsdWRPb3RjclpVWElmSG5TRXRjcWU5NC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2Iw
LWNiYjdkMmJmNmZhMS8xL2puNVhzODF3VVUzdVlLUW5fVHlXWkRuMXh3NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2IwLWNiYjdkMmJmNmZh
MS8xLzEtVFZxbHVkT290Y3JaVVhJZkhuU0V0Y3FlOTQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJX7agw
DQYJKoZIhvcNAQELBQADggEBABZmgYuxs99WkdoERRmuPVEoWMZJXVe9yPefKneG
7VLh4mz3wfWkXkaH9gBxYlSuPDBkt4UxCbI7rx1PLxhXWqZhNwAjNgNVWv+hopPR
pwn1dx7AWpnfQ/F4Z6556u7JQMR/UHUI6gbz0WEYFiCet0Yb/igy0m2MHalf15Af
/yPG/9WWGZMvhlejXs8GdW1lwhPcg1Mi1+MuZQR27+2m0HifBQOO7yKqR367vuUL
KXRiXYPpTvXspua1Ywa3yZeAQ9ky256nefNLlx4F4765eYpnmmoaJs5ag2WbbU0H
NjhceFvH9OX1Tod6id9RrX85/P7RJtXOuv+8yIyxwwxMNBo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:09 2024 by rpki-client on console-ams.rpki-client.org