Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/iFiohI2mV7rfsEa-os1IZBF05Eg.roa
File: iFiohI2mV7rfsEa-os1IZBF05Eg.roa (raw, json)
Hash identifier: 72lk8fGNrbkMovQTWlNmTxq83m9r9xTWIq4pl7sS/24=
Subject key identifier: 88:58:A8:84:8D:A6:57:BA:DF:B0:46:BE:A2:CD:48:64:11:74:E4:48
Certificate issuer: /CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Certificate serial: 0185728C6DE1E44E4105E3E1D1F5EC471D91
Authority key identifier: F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/iFiohI2mV7rfsEa-os1IZBF05Eg.roa
Signing time: Mon 02 Jan 2023 12:54:43 +0000
ROA not before: Mon 02 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59576
IP address blocks: 176.241.252.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:6d:e1:e4:4e:41:05:e3:e1:d1:f5:ec:47:1d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Validity
Not Before: Jan 2 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8858a8848da657badfb046bea2cd48641174e448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6c:60:4b:b4:23:2d:0f:e6:d0:35:07:54:ea:
a2:0f:62:e1:7f:ec:6b:05:d1:b7:3c:4a:37:60:0c:
56:ea:a0:5a:5f:74:d8:59:92:78:17:25:67:c0:a9:
7d:e4:d3:c0:79:cc:7e:57:40:38:4b:23:e9:55:c0:
7b:d0:48:d8:de:fd:32:70:f7:33:67:38:a5:a3:f3:
ee:68:64:74:aa:2c:7b:6f:0d:6f:a6:74:eb:f2:88:
57:54:78:a3:8e:85:4c:de:54:5d:07:e3:f7:8d:db:
d0:da:55:07:8d:0d:c0:14:c6:9e:dd:4f:a1:9b:72:
4b:a5:51:74:d5:9a:a1:29:e1:eb:4c:47:30:15:b2:
39:b8:d5:8f:02:d4:eb:37:cf:f1:e8:9a:9d:88:7d:
2c:09:48:49:64:2f:e6:25:79:e6:56:75:f2:62:ca:
0c:08:f1:a8:f4:a2:61:51:37:8b:2e:fe:9f:c3:a6:
f0:05:56:d4:c4:10:d3:c4:3d:74:81:14:04:57:24:
a1:f2:33:cb:29:10:c1:23:a9:24:29:0a:e6:b1:31:
41:12:e9:b8:18:cc:ee:49:3b:1d:f5:f9:85:9f:79:
fb:03:44:6e:71:cf:e9:3c:a6:e7:cb:3b:3a:e2:d6:
94:fb:c3:88:5a:2d:97:59:07:cc:c7:3f:a6:75:c8:
99:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:58:A8:84:8D:A6:57:BA:DF:B0:46:BE:A2:CD:48:64:11:74:E4:48
X509v3 Authority Key Identifier:
keyid:F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/iFiohI2mV7rfsEa-os1IZBF05Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/8bFed69O3eERksb-zVCyHNN51CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.241.252.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:d3:dc:d4:1c:9a:90:f5:56:90:e8:5e:a5:5a:b1:8a:b1:2a:
3b:b8:f7:93:bf:4c:b4:f5:36:37:3b:d4:15:95:ed:e2:3c:50:
95:b9:db:5d:d2:b4:4a:76:51:4c:0e:5c:3d:f5:36:5a:76:48:
04:da:1c:7c:f9:2a:44:99:51:ad:b6:55:8f:b1:f2:3f:b6:1b:
9a:03:87:8a:60:99:5a:16:96:53:db:da:d8:82:6d:b7:77:2a:
3b:06:48:22:a8:cf:66:09:c2:f2:d2:93:06:77:06:31:ea:b2:
92:06:8e:f8:bf:39:a2:c4:65:f7:ab:41:93:52:13:67:bf:52:
ac:38:09:90:8f:ee:e7:55:5f:d7:21:83:9d:e7:2b:57:3a:ee:
9b:72:90:3b:97:e4:d2:4b:24:d8:55:1a:ba:2b:08:72:71:05:
05:b3:f6:3f:16:cb:93:bc:da:61:b0:5a:5b:41:49:a5:01:74:
54:3c:c0:c0:9f:11:8b:f4:9a:b8:5e:de:ec:8f:b9:bf:0a:67:
96:16:08:6f:e0:67:e8:d2:46:bf:0c:b2:07:45:ef:b9:9a:20:
5d:63:ae:eb:40:d6:9a:49:ea:4f:20:4c:86:35:58:a7:f6:8e:
aa:f8:d7:34:5d:c9:e3:13:33:69:40:e9:c8:65:47:69:bb:62:
41:e8:52:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjG3h5E5BBePh0fXsRx2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjE1ZTc3YWY0ZWRkZTExMTkyYzZmZWNkNTBiMjFjZDM3
OWQ0MjEwHhcNMjMwMTAyMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU4YTg4NDhkYTY1N2JhZGZiMDQ2YmVhMmNkNDg2NDExNzRlNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWxgS7QjLQ/m0DUHVOqiD2Lhf+xr
BdG3PEo3YAxW6qBaX3TYWZJ4FyVnwKl95NPAecx+V0A4SyPpVcB70EjY3v0ycPcz
Zzilo/PuaGR0qix7bw1vpnTr8ohXVHijjoVM3lRdB+P3jdvQ2lUHjQ3AFMae3U+h
m3JLpVF01ZqhKeHrTEcwFbI5uNWPAtTrN8/x6JqdiH0sCUhJZC/mJXnmVnXyYsoM
CPGo9KJhUTeLLv6fw6bwBVbUxBDTxD10gRQEVySh8jPLKRDBI6kkKQrmsTFBEum4
GMzuSTsd9fmFn3n7A0Rucc/pPKbnyzs64taU+8OIWi2XWQfMxz+mdciZhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhYqISNple637BGvqLNSGQRdORIMB8GA1UdIwQY
MBaAFPGxXnevTt3hEZLG/s1QshzTedQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUt
MTM0MGNjNWIzZDU3LzEvaUZpb2hJMm1WN3Jmc0VhLW9zMUlaQkYwNUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUtMTM0MGNjNWIzZDU3
LzEvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsPH8MA0G
CSqGSIb3DQEBCwUAA4IBAQCz09zUHJqQ9VaQ6F6lWrGKsSo7uPeTv0y09TY3O9QV
le3iPFCVudtd0rRKdlFMDlw99TZadkgE2hx8+SpEmVGttlWPsfI/thuaA4eKYJla
FpZT29rYgm23dyo7BkgiqM9mCcLy0pMGdwYx6rKSBo74vzmixGX3q0GTUhNnv1Ks
OAmQj+7nVV/XIYOd5ytXOu6bcpA7l+TSSyTYVRq6KwhycQUFs/Y/FsuTvNphsFpb
QUmlAXRUPMDAnxGL9Jq4Xt7sj7m/CmeWFghv4Gfo0ka/DLIHRe+5miBdY67rQNaa
SepPIEyGNVin9o6q+Nc0XcnjEzNpQOnIZUdpu2JB6FL8
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:48 2024 by rpki-client on console-fra.rpki-client.org