Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0697c0-98ae-44ab-b4ab-b615c5c60652/1/an3jHjag00_ExKZhyZh2aEc-qMw.roa
File: an3jHjag00_ExKZhyZh2aEc-qMw.roa (raw, json)
Hash identifier: e0p3vJzwvDqYbA5MaWeg6RX+uZ7wNfj3vb2YHrai4pA=
Subject key identifier: 6A:7D:E3:1E:36:A0:D3:4F:C4:C4:A6:61:C9:98:76:68:47:3E:A8:CC
Certificate issuer: /CN=96dcebaa8cd32dc4bf1d66d0873a1b6f3d73498f
Certificate serial: 01857246C1BCB0F7E7DFB80B59BFFB61D291
Authority key identifier: 96:DC:EB:AA:8C:D3:2D:C4:BF:1D:66:D0:87:3A:1B:6F:3D:73:49:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltzrqozTLcS_HWbQhzobbz1zSY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0697c0-98ae-44ab-b4ab-b615c5c60652/1/an3jHjag00_ExKZhyZh2aEc-qMw.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209621
IP address blocks: 139.28.116.0/22 maxlen: 22
2a07:5fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c1:bc:b0:f7:e7:df:b8:0b:59:bf:fb:61:d2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96dcebaa8cd32dc4bf1d66d0873a1b6f3d73498f
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a7de31e36a0d34fc4c4a661c9987668473ea8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:29:15:ac:e3:78:b3:b0:43:d9:4c:26:cd:
e7:90:80:f7:b2:2b:ab:b0:05:32:ec:07:2a:14:3e:
02:07:06:e2:8d:05:50:04:bf:f3:4e:d1:47:10:78:
f8:bc:c5:35:dd:4d:f0:72:40:d8:35:aa:8a:3d:2e:
1f:ad:f8:34:cf:20:0c:62:e6:0f:59:0f:7c:46:57:
c2:9f:d0:ac:43:85:67:00:f8:71:b7:3b:a9:b6:66:
11:3c:07:a5:ff:76:e2:39:ff:ff:f5:8e:d6:11:ef:
66:5f:1f:8f:72:a6:24:29:25:be:90:c6:74:d7:09:
60:a8:e1:8b:1f:f7:a5:ee:4e:61:81:86:1e:f8:1d:
3a:31:53:01:22:6a:7a:5e:56:f8:15:44:88:72:32:
42:8e:f2:fd:59:2e:55:59:02:66:a1:cd:4b:43:5d:
c2:eb:71:4d:d2:66:2b:17:c2:76:45:10:a8:c6:9d:
6e:9f:e5:70:1c:3a:9e:b1:3d:9b:66:7d:29:1c:0c:
7f:4f:72:7e:e2:ba:76:43:45:28:24:77:c5:1f:25:
d8:63:97:43:90:03:7a:c3:39:aa:ea:1a:0c:47:82:
15:1d:dc:49:62:2c:32:2e:55:19:ea:e1:48:20:3d:
21:77:7f:4f:49:9d:67:f1:0b:b9:8d:68:61:c3:a5:
af:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7D:E3:1E:36:A0:D3:4F:C4:C4:A6:61:C9:98:76:68:47:3E:A8:CC
X509v3 Authority Key Identifier:
keyid:96:DC:EB:AA:8C:D3:2D:C4:BF:1D:66:D0:87:3A:1B:6F:3D:73:49:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltzrqozTLcS_HWbQhzobbz1zSY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0697c0-98ae-44ab-b4ab-b615c5c60652/1/an3jHjag00_ExKZhyZh2aEc-qMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0697c0-98ae-44ab-b4ab-b615c5c60652/1/ltzrqozTLcS_HWbQhzobbz1zSY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.116.0/22
IPv6:
2a07:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:2b:69:2d:7e:e5:d3:82:3d:69:e4:b2:25:0e:1f:52:f9:57:
36:df:68:fe:6d:ac:23:c2:7e:1a:44:ec:16:5b:d0:fc:ea:30:
6f:15:d0:fd:8d:3e:f7:33:f7:76:bc:c5:46:9a:3b:e3:9d:55:
7f:88:da:51:6d:d4:ec:26:41:75:5d:61:9b:7b:82:8c:f4:cc:
87:6a:77:01:f5:ba:e5:f5:ab:a4:7d:d1:a5:94:c6:cd:c1:26:
d1:fd:74:0b:b4:78:9f:f4:9a:e7:7d:56:01:a3:a7:0e:c4:50:
46:3a:87:4b:71:8a:24:89:ce:40:8b:cc:78:1c:0e:61:6d:5e:
6b:ee:9c:09:9d:06:96:0f:c7:1c:ed:1d:ff:25:ba:3a:62:fb:
92:88:cd:6f:78:0c:71:1d:e1:63:3a:7f:2c:d1:bb:98:49:e5:
18:12:33:83:27:5e:16:d2:f9:28:9a:80:17:01:2c:8f:b0:55:
fd:64:d6:f7:48:14:62:b9:9c:f9:0f:4e:4c:20:6c:0e:42:41:
84:8c:98:9f:e0:e6:2a:0d:6d:ac:4e:14:35:0a:7f:51:ce:f7:
47:93:60:6b:78:c3:5c:d3:17:c4:ae:00:46:f4:28:b7:e2:81:
5b:9e:46:05:e4:4b:f0:9a:fd:8d:93:0a:62:f0:42:37:3a:38:
c5:32:4d:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRsG8sPfn37gLWb/7YdKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZGNlYmFhOGNkMzJkYzRiZjFkNjZkMDg3M2ExYjZmM2Q3
MzQ5OGYwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTdkZTMxZTM2YTBkMzRmYzRjNGE2NjFjOTk4NzY2ODQ3M2VhOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvspFazjeLOwQ9lMJs3nkID3siur
sAUy7AcqFD4CBwbijQVQBL/zTtFHEHj4vMU13U3wckDYNaqKPS4frfg0zyAMYuYP
WQ98RlfCn9CsQ4VnAPhxtzuptmYRPAel/3biOf//9Y7WEe9mXx+PcqYkKSW+kMZ0
1wlgqOGLH/el7k5hgYYe+B06MVMBImp6Xlb4FUSIcjJCjvL9WS5VWQJmoc1LQ13C
63FN0mYrF8J2RRCoxp1un+VwHDqesT2bZn0pHAx/T3J+4rp2Q0UoJHfFHyXYY5dD
kAN6wzmq6hoMR4IVHdxJYiwyLlUZ6uFIID0hd39PSZ1n8Qu5jWhhw6Wv7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGp94x42oNNPxMSmYcmYdmhHPqjMMB8GA1UdIwQY
MBaAFJbc66qM0y3Evx1m0Ic6G289c0mPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHR6cnFvelRMY1NfSFdiUWh6b2JiejF6U1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wNjk3YzAtOThhZS00NGFiLWI0YWIt
YjYxNWM1YzYwNjUyLzEvYW4zakhqYWcwMF9FeEtaaHlaaDJhRWMtcU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wNjk3YzAtOThhZS00NGFiLWI0YWItYjYxNWM1YzYwNjUy
LzEvbHR6cnFvelRMY1NfSFdiUWh6b2JiejF6U1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixx0MA0E
AgACMAcDBQMqB1/AMA0GCSqGSIb3DQEBCwUAA4IBAQBKK2ktfuXTgj1p5LIlDh9S
+Vc232j+bawjwn4aROwWW9D86jBvFdD9jT73M/d2vMVGmjvjnVV/iNpRbdTsJkF1
XWGbe4KM9MyHancB9brl9aukfdGllMbNwSbR/XQLtHif9JrnfVYBo6cOxFBGOodL
cYokic5Ai8x4HA5hbV5r7pwJnQaWD8cc7R3/Jbo6YvuSiM1veAxxHeFjOn8s0buY
SeUYEjODJ14W0vkomoAXASyPsFX9ZNb3SBRiuZz5D05MIGwOQkGEjJif4OYqDW2s
ThQ1Cn9RzvdHk2BreMNc0xfErgBG9Ci34oFbnkYF5Evwmv2Nkwpi8EI3OjjFMk0G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org