Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/8UaziYy2xg189DOfNKZz6Ycu91E.roa
File: 8UaziYy2xg189DOfNKZz6Ycu91E.roa (raw, json)
Hash identifier: KN/7nEEeWBamiGYOuxP/Nh6GgTo5lahNkn9HZvt8nlk=
Subject key identifier: F1:46:B3:89:8C:B6:C6:0D:7C:F4:33:9F:34:A6:73:E9:87:2E:F7:51
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 018C8C21DB9F43DC835F7B3757CC01199A1D
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/8UaziYy2xg189DOfNKZz6Ycu91E.roa
Signing time: Thu 21 Dec 2023 11:27:58 +0000
ROA not before: Thu 21 Dec 2023 11:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 209.35.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:21:db:9f:43:dc:83:5f:7b:37:57:cc:01:19:9a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Dec 21 11:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f146b3898cb6c60d7cf4339f34a673e9872ef751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6a:8e:85:d8:2f:65:80:d4:0a:d7:65:67:1a:
f3:80:61:e1:07:e1:f8:76:66:d0:2d:0f:16:87:e9:
96:64:04:ba:27:aa:26:3b:fb:f7:3b:08:6f:17:bc:
4b:78:46:aa:69:a7:1f:f0:44:44:8c:ec:be:81:11:
7f:bf:c2:e0:c7:57:f0:ac:e6:c3:c8:08:14:a4:b1:
fe:f5:d2:a1:96:80:33:72:55:61:99:ee:d7:1f:77:
9f:e0:27:12:c6:4a:d9:31:59:8a:35:04:3e:aa:14:
88:3b:5c:08:e0:c9:cc:eb:3a:1f:44:e3:2b:82:ff:
39:6a:80:bd:bc:ae:77:1b:d3:9a:96:f0:6a:b6:fa:
17:1c:c5:d6:73:28:de:63:4b:dc:30:0a:29:07:f1:
47:a7:96:e9:d9:34:1c:9d:fb:13:e8:d1:9e:a4:e2:
1d:13:ab:3d:90:f8:70:cd:e4:29:7c:5e:14:be:10:
df:49:ef:45:82:1a:db:bf:18:08:b2:ef:fa:dd:d7:
37:8b:a3:1a:dd:b5:38:d6:a8:1e:5b:d6:59:2a:3e:
30:d6:c6:89:05:41:67:62:5c:f3:a2:c7:c3:8f:24:
43:09:ee:d5:da:65:fe:17:a9:ee:f3:94:ee:2c:3c:
89:85:2d:2e:13:ed:af:7b:9f:6b:32:81:7d:b6:89:
2a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:46:B3:89:8C:B6:C6:0D:7C:F4:33:9F:34:A6:73:E9:87:2E:F7:51
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/8UaziYy2xg189DOfNKZz6Ycu91E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.232.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:20:f8:33:50:c2:01:21:09:17:8c:bd:d4:d5:4c:49:77:b0:
ea:04:29:0a:eb:b8:3f:f5:e1:6a:58:22:bf:6e:9c:4f:70:34:
66:12:3c:05:75:af:77:97:a3:e7:75:f5:74:fb:b3:5e:cd:d9:
40:4c:bc:a2:18:22:f2:1a:9c:bb:d9:4a:a9:5f:e8:7e:5a:42:
2e:34:e6:6b:29:96:e9:53:b5:42:14:04:62:ce:3b:22:36:73:
f3:e8:da:7e:f4:28:28:60:94:0a:98:64:90:aa:34:ce:2e:82:
b0:3a:2b:43:d1:72:95:ac:a6:bf:bc:b9:8e:ec:01:32:72:70:
ca:0d:02:94:30:be:15:36:3d:e2:51:b6:b3:c4:c8:07:91:6d:
13:c2:fb:2e:7e:2e:6c:50:96:c4:51:2d:09:09:6a:49:92:d1:
79:ad:85:ff:c7:df:5c:63:c7:64:5b:c2:da:a9:35:0e:52:2c:
f2:bf:a6:c1:d4:41:27:ef:9d:12:49:3b:ef:fa:5a:cf:c6:94:
bd:19:3d:d6:e6:ba:15:c2:21:82:63:5f:01:43:e3:b0:28:ce:
84:f6:ce:08:26:9b:bb:cf:b6:12:a4:ae:5c:56:b9:73:ea:e5:
22:d6:7a:ab:e8:bd:79:90:a4:1c:74:0d:bc:14:59:f9:71:4b:
b3:fa:7c:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyMIdufQ9yDX3s3V8wBGZodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjMxMjIxMTEyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQ2YjM4OThjYjZjNjBkN2NmNDMzOWYzNGE2NzNlOTg3MmVmNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWqOhdgvZYDUCtdlZxrzgGHhB+H4
dmbQLQ8Wh+mWZAS6J6omO/v3OwhvF7xLeEaqaacf8EREjOy+gRF/v8Lgx1fwrObD
yAgUpLH+9dKhloAzclVhme7XH3ef4CcSxkrZMVmKNQQ+qhSIO1wI4MnM6zofROMr
gv85aoC9vK53G9OalvBqtvoXHMXWcyjeY0vcMAopB/FHp5bp2TQcnfsT6NGepOId
E6s9kPhwzeQpfF4UvhDfSe9FghrbvxgIsu/63dc3i6Ma3bU41qgeW9ZZKj4w1saJ
BUFnYlzzosfDjyRDCe7V2mX+F6nu85TuLDyJhS0uE+2ve59rMoF9tokq8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFGs4mMtsYNfPQznzSmc+mHLvdRMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvOFVhemlZeTJ4ZzE4OURPZk5LWno2WWN1OTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0SPoMA0G
CSqGSIb3DQEBCwUAA4IBAQB+IPgzUMIBIQkXjL3U1UxJd7DqBCkK67g/9eFqWCK/
bpxPcDRmEjwFda93l6PndfV0+7NezdlATLyiGCLyGpy72UqpX+h+WkIuNOZrKZbp
U7VCFARizjsiNnPz6Np+9CgoYJQKmGSQqjTOLoKwOitD0XKVrKa/vLmO7AEycnDK
DQKUML4VNj3iUbazxMgHkW0Twvsufi5sUJbEUS0JCWpJktF5rYX/x99cY8dkW8La
qTUOUizyv6bB1EEn750SSTvv+lrPxpS9GT3W5roVwiGCY18BQ+OwKM6E9s4IJpu7
z7YSpK5cVrlz6uUi1nqr6L15kKQcdA28FFn5cUuz+nxU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:11 2024 by rpki-client on console-ams.rpki-client.org