Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8pnAPshLw66NlUo2L7sK8IzAiUQ.roa
File: 8pnAPshLw66NlUo2L7sK8IzAiUQ.roa (raw, json)
Hash identifier: bwrieOZRQDxISJJ3AiKaiaoMPGqEBGXapndT02xZp8Q=
Subject key identifier: F2:99:C0:3E:C8:4B:C3:AE:8D:95:4A:36:2F:BB:0A:F0:8C:C0:89:44
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 01856FD4F8F8AAC5F01441D139F8B70FC81A
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8pnAPshLw66NlUo2L7sK8IzAiUQ.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48024
IP address blocks: 192.169.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f8:f8:aa:c5:f0:14:41:d1:39:f8:b7:0f:c8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f299c03ec84bc3ae8d954a362fbb0af08cc08944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f2:04:4b:a9:d5:f9:30:9a:67:d2:90:ad:1d:
e8:81:90:79:54:81:c6:89:7d:c8:3d:87:b1:4e:af:
0b:82:78:0d:35:2c:fd:dd:1d:8e:6b:36:02:f1:0b:
ca:4d:3f:4d:f9:fb:19:c9:fe:4b:c8:3a:e4:c5:8f:
1a:20:25:f7:c0:26:1b:a2:b6:42:fa:84:2e:3b:81:
82:3a:27:fe:9b:26:c6:fb:3d:89:06:21:1e:2a:40:
17:fb:47:89:ec:9e:f3:a3:e8:27:7f:6a:1d:8e:0d:
c4:01:b8:a2:00:4b:03:5b:48:c6:1e:21:dd:83:5c:
cf:e4:5c:b8:3b:21:ed:b3:72:62:27:ca:88:d7:81:
c6:e4:d1:08:31:02:58:e0:e5:26:a2:ae:28:e1:b7:
f5:81:69:ae:3e:00:11:99:98:0b:fe:4f:05:0d:c4:
a6:15:79:6e:8d:ce:17:a0:bd:ea:b7:8b:c7:6b:f3:
20:c8:dd:dc:17:1b:ec:6d:24:9f:8a:0a:d9:99:5d:
37:0b:67:69:89:8c:a9:df:d1:5c:fd:fa:32:5b:b7:
97:1b:54:a9:ad:1f:70:ac:4e:06:24:61:18:ae:8f:
83:d5:4e:0c:df:3f:74:5e:a7:ea:cd:c1:7b:b9:ef:
79:bb:dc:0a:0b:92:55:3c:e3:ed:53:d8:cb:7d:03:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:99:C0:3E:C8:4B:C3:AE:8D:95:4A:36:2F:BB:0A:F0:8C:C0:89:44
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/8pnAPshLw66NlUo2L7sK8IzAiUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.169.96.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fb:b0:dc:93:df:7e:94:15:51:b7:23:c8:63:ae:6a:d8:6a:
86:02:df:ae:c7:9e:27:e4:8b:d6:89:1b:2c:b6:0b:e8:c2:ed:
ed:b1:73:a2:ee:fb:77:75:77:58:ac:73:0d:63:d6:62:4c:b2:
e3:37:fa:e9:b0:37:c8:a0:d4:d9:30:cf:5f:83:20:00:7e:17:
79:39:e7:e2:e3:af:80:11:d6:77:7b:c6:c8:89:b6:16:e6:76:
1b:89:4b:46:78:9d:ae:4a:7c:2f:bc:a3:33:90:9d:d4:f5:35:
e4:44:f7:f6:0a:5d:b0:b9:0f:ea:28:2c:cd:f5:28:d3:c0:d6:
78:5f:9d:72:af:2a:4b:79:24:0c:c3:0f:58:5b:19:d2:da:c6:
38:89:24:e0:7f:b9:9b:c8:93:49:0d:8a:e0:c1:87:ff:cb:43:
ea:06:13:7c:cb:e7:90:a2:05:fa:e7:7e:4f:33:66:be:d2:66:
72:a7:ce:97:e5:c7:ce:b5:b3:49:b3:d7:7e:48:89:a0:1a:be:
cf:0e:fa:39:3f:4f:5a:ac:2d:7a:d8:15:0f:d2:2b:9a:64:43:
c7:6c:26:c9:bd:00:a0:60:ff:fc:c1:ec:e9:61:d5:45:50:d9:
fe:64:a5:96:93:4e:f7:66:0a:a5:d7:6f:3d:dd:94:3d:9d:af:
c1:c4:53:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Pj4qsXwFEHROfi3D8gaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk5YzAzZWM4NGJjM2FlOGQ5NTRhMzYyZmJiMGFmMDhjYzA4OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPIES6nV+TCaZ9KQrR3ogZB5VIHG
iX3IPYexTq8LgngNNSz93R2OazYC8QvKTT9N+fsZyf5LyDrkxY8aICX3wCYborZC
+oQuO4GCOif+mybG+z2JBiEeKkAX+0eJ7J7zo+gnf2odjg3EAbiiAEsDW0jGHiHd
g1zP5Fy4OyHts3JiJ8qI14HG5NEIMQJY4OUmoq4o4bf1gWmuPgARmZgL/k8FDcSm
FXlujc4XoL3qt4vHa/MgyN3cFxvsbSSfigrZmV03C2dpiYyp39Fc/foyW7eXG1Sp
rR9wrE4GJGEYro+D1U4M3z90XqfqzcF7ue95u9wKC5JVPOPtU9jLfQMLdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKZwD7IS8OujZVKNi+7CvCMwIlEMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvOHBuQVBzaEx3NjZObFVvMkw3c0s4SXpBaVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKlgMA0G
CSqGSIb3DQEBCwUAA4IBAQAX+7Dck99+lBVRtyPIY65q2GqGAt+ux54n5IvWiRss
tgvowu3tsXOi7vt3dXdYrHMNY9ZiTLLjN/rpsDfIoNTZMM9fgyAAfhd5Oefi46+A
EdZ3e8bIibYW5nYbiUtGeJ2uSnwvvKMzkJ3U9TXkRPf2Cl2wuQ/qKCzN9SjTwNZ4
X51yrypLeSQMww9YWxnS2sY4iSTgf7mbyJNJDYrgwYf/y0PqBhN8y+eQogX6535P
M2a+0mZyp86X5cfOtbNJs9d+SImgGr7PDvo5P09arC162BUP0iuaZEPHbCbJvQCg
YP/8wezpYdVFUNn+ZKWWk073Zgql12893ZQ9na/BxFOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org