Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/S78qJ-fCyUXCl9gXHgh1iZNYZAc.roa
File: S78qJ-fCyUXCl9gXHgh1iZNYZAc.roa (raw, json)
Hash identifier: jXis8/RmMCyvEmLxG4gAbGxkn6x9qTgtBaw8xAclp1A=
Subject key identifier: 4B:BF:2A:27:E7:C2:C9:45:C2:97:D8:17:1E:08:75:89:93:58:64:07
Certificate issuer: /CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Certificate serial: 018AEF8893A755E7C5CC343DC4B39D78E2CF
Authority key identifier: 9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/S78qJ-fCyUXCl9gXHgh1iZNYZAc.roa
Signing time: Mon 02 Oct 2023 08:36:59 +0000
ROA not before: Mon 02 Oct 2023 08:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 176.118.161.0/24 maxlen: 24
176.118.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:88:93:a7:55:e7:c5:cc:34:3d:c4:b3:9d:78:e2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Validity
Not Before: Oct 2 08:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bbf2a27e7c2c945c297d8171e08758993586407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8a:c2:59:13:fe:84:1d:25:ab:3a:b5:18:fd:
33:8c:78:c2:89:ce:cb:b1:60:82:ee:86:e7:e8:6b:
21:cf:3c:89:3f:7c:65:00:2e:84:f3:c8:c0:57:e1:
40:28:a7:25:1f:db:7a:20:3f:b1:be:df:c6:b6:d0:
ce:5d:88:a5:a6:2e:ee:0f:32:d1:0b:66:90:a8:ca:
88:eb:66:8f:bb:75:eb:50:b0:33:9d:87:27:f8:92:
05:49:4e:8e:03:92:82:ba:83:07:f7:70:6b:98:42:
ab:8b:19:92:45:f2:fb:57:a5:0b:00:d2:55:de:a7:
a6:94:2a:a9:cd:fc:32:41:17:82:a2:f4:cd:eb:db:
e3:9d:d0:b3:8e:23:f2:61:cf:4e:65:85:e8:b7:c7:
a2:54:1d:bd:d1:d5:0e:3d:8d:78:85:ef:ac:2c:f5:
20:7d:a1:5c:be:37:ce:a0:1d:3b:0a:82:48:be:db:
9e:d8:1e:fd:2a:1f:6f:4d:af:1b:75:2a:e5:47:1e:
af:09:8f:54:b9:a8:71:14:f0:cc:46:ea:62:bd:a7:
60:99:dc:81:7f:4c:d6:32:ad:ed:73:b9:8e:6a:ca:
a2:31:19:55:3c:91:38:49:ae:dc:2f:0d:a9:55:fd:
5d:44:72:dd:e9:e7:24:e2:7e:2e:34:6b:2a:3c:53:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BF:2A:27:E7:C2:C9:45:C2:97:D8:17:1E:08:75:89:93:58:64:07
X509v3 Authority Key Identifier:
keyid:9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/S78qJ-fCyUXCl9gXHgh1iZNYZAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/naqfFPl9Ta2MAEwlOl4c58fdfEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.161.0-176.118.162.255
Signature Algorithm: sha256WithRSAEncryption
92:e7:05:5e:ba:b5:27:dc:b2:3d:01:13:ba:38:76:a0:53:c4:
2a:86:6c:93:1b:cb:b0:41:42:a4:e6:65:46:b8:cf:22:44:1e:
6b:c7:65:42:90:a2:2d:d3:66:bb:da:f3:08:67:b1:4f:e2:9c:
31:e4:9f:fa:61:23:af:7c:31:81:2c:1c:0c:69:4c:d3:9c:1d:
77:73:0d:ba:8b:f4:f6:68:88:5e:4e:3f:9c:24:a8:24:bb:34:
e2:8a:ca:99:7a:a8:57:cf:27:e8:8a:54:28:13:5e:5d:24:3c:
a8:d8:1a:98:67:ef:af:ca:df:43:7c:4c:a7:f5:f8:28:38:d7:
41:3d:88:08:39:4d:c7:62:c8:f9:c5:0b:15:69:fb:50:46:04:
3a:92:e1:36:20:e0:60:2c:22:0c:12:a4:96:59:56:d6:02:02:
eb:3f:3e:8a:47:58:1e:ec:96:00:1d:4a:87:24:12:aa:77:ef:
a0:48:e7:28:37:1c:a2:76:08:b8:0a:69:9a:80:9e:2c:2e:8e:
77:3b:55:ef:15:1e:b9:8d:1e:08:1e:9d:10:e8:0a:da:7f:43:
f5:f2:27:18:15:5f:65:3f:fa:39:52:5c:85:3f:2c:2d:c6:91:
73:c5:e0:4c:cb:5e:76:4c:e4:9c:bf:49:ed:54:29:ab:a3:89:
5a:73:4a:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrviJOnVefFzDQ9xLOdeOLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYWE5ZjE0Zjk3ZDRkYWQ4YzAwNGMyNTNhNWUxY2U3Yzdk
ZDdjNGIwHhcNMjMxMDAyMDgzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmJmMmEyN2U3YzJjOTQ1YzI5N2Q4MTcxZTA4NzU4OTkzNTg2NDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYrCWRP+hB0lqzq1GP0zjHjCic7L
sWCC7obn6GshzzyJP3xlAC6E88jAV+FAKKclH9t6ID+xvt/GttDOXYilpi7uDzLR
C2aQqMqI62aPu3XrULAznYcn+JIFSU6OA5KCuoMH93BrmEKrixmSRfL7V6ULANJV
3qemlCqpzfwyQReCovTN69vjndCzjiPyYc9OZYXot8eiVB290dUOPY14he+sLPUg
faFcvjfOoB07CoJIvtue2B79Kh9vTa8bdSrlRx6vCY9UuahxFPDMRupivadgmdyB
f0zWMq3tc7mOasqiMRlVPJE4Sa7cLw2pVf1dRHLd6eck4n4uNGsqPFPJlQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEu/KifnwslFwpfYFx4IdYmTWGQHMB8GA1UdIwQY
MBaAFJ2qnxT5fU2tjABMJTpeHOfH3XxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2Nzct
NDE0MDEwMDhhNzBjLzEvUzc4cUotZkN5VVhDbDlnWEhnaDFpWk5ZWkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2NzctNDE0MDEwMDhhNzBj
LzEvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACwdqED
BACwdqIwDQYJKoZIhvcNAQELBQADggEBAJLnBV66tSfcsj0BE7o4dqBTxCqGbJMb
y7BBQqTmZUa4zyJEHmvHZUKQoi3TZrva8whnsU/inDHkn/phI698MYEsHAxpTNOc
HXdzDbqL9PZoiF5OP5wkqCS7NOKKypl6qFfPJ+iKVCgTXl0kPKjYGphn76/K30N8
TKf1+Cg410E9iAg5TcdiyPnFCxVp+1BGBDqS4TYg4GAsIgwSpJZZVtYCAus/PopH
WB7slgAdSockEqp376BI5yg3HKJ2CLgKaZqAniwujnc7Ve8VHrmNHggenRDoCtp/
Q/XyJxgVX2U/+jlSXIU/LC3GkXPF4EzLXnZM5Jy/Se1UKaujiVpzSvc=
-----END CERTIFICATE-----
Generated at Tue Oct 3 08:53:26 2023 by rpki-client on console-fra.rpki-client.org