Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/9XM2aE3t8LKujsr7EwL8n_n9HB8.roa
File: 9XM2aE3t8LKujsr7EwL8n_n9HB8.roa (raw, json)
Hash identifier: FwjKp5/eL22FPrCDSQOKSfaIFu2LznjpX4jpGVTEVLk=
Subject key identifier: F5:73:36:68:4D:ED:F0:B2:AE:8E:CA:FB:13:02:FC:9F:F9:FD:1C:1F
Certificate issuer: /CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Certificate serial: 01857070645E5BBE936B3DCEC01F0E213F5F
Authority key identifier: EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/9XM2aE3t8LKujsr7EwL8n_n9HB8.roa
Signing time: Mon 02 Jan 2023 03:04:51 +0000
ROA not before: Mon 02 Jan 2023 03:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2.57.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:64:5e:5b:be:93:6b:3d:ce:c0:1f:0e:21:3f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Validity
Not Before: Jan 2 03:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f57336684dedf0b2ae8ecafb1302fc9ff9fd1c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fc:1d:4a:71:9d:cb:9b:b9:7c:18:14:5e:48:
ea:6f:6a:46:5d:ba:3b:51:18:51:b4:e1:61:0f:65:
74:4c:61:c7:03:7d:89:6c:bd:c7:07:84:1e:f4:a7:
7b:9a:c2:bc:25:d5:0a:3b:7c:3c:4e:ba:86:d0:8f:
62:db:c9:e9:d4:42:a0:07:40:f2:3b:18:2c:64:94:
95:e8:5e:31:8b:82:0c:8d:79:b9:6c:0a:42:2b:67:
27:5f:02:49:8c:5f:15:5c:05:dd:9c:23:69:38:82:
38:89:0c:78:48:5f:4f:d2:04:46:1e:47:34:8e:48:
ee:6f:61:f8:00:85:4d:cc:0a:33:36:34:e4:3f:0c:
66:12:30:7d:fd:1d:d1:09:18:cd:df:ec:43:50:f8:
2b:52:f9:1c:80:84:c3:db:46:de:e9:80:4f:a5:b6:
1c:89:00:44:55:20:01:0d:ed:d9:e1:0f:e2:83:e5:
5b:0d:85:d3:d9:b1:9e:da:16:7b:aa:83:d8:05:2d:
14:8f:7e:4e:aa:23:b4:c3:ca:19:f7:fe:76:75:49:
0b:32:6c:40:7c:8b:58:92:14:91:59:ba:03:03:20:
80:32:c8:65:66:5a:d3:53:43:e3:ab:c1:03:c6:7f:
a7:df:2b:6a:43:67:d6:f4:11:e2:34:63:1d:9b:10:
40:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:73:36:68:4D:ED:F0:B2:AE:8E:CA:FB:13:02:FC:9F:F9:FD:1C:1F
X509v3 Authority Key Identifier:
keyid:EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/9XM2aE3t8LKujsr7EwL8n_n9HB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/6u6iC7vbml0c3HEU4q9RjnaxQm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.12.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:47:83:bf:7c:42:5f:8a:35:9c:a0:6d:77:37:e4:77:ae:fb:
2c:fc:2e:e6:69:0e:0c:85:f5:d9:29:c6:1d:c1:dd:7c:12:f1:
3f:1e:5e:e4:55:17:7a:66:3e:a4:e9:18:60:12:a2:8c:fc:fa:
fc:4e:fe:cd:18:d3:48:4a:93:d5:48:56:e1:05:96:a1:fb:14:
86:0f:db:89:87:2d:79:fa:80:c7:5b:67:a1:5c:28:db:c6:71:
9f:89:ff:2b:9a:5b:92:0a:77:34:0e:45:a3:49:e0:cc:13:52:
d9:a8:31:b3:7a:74:4a:55:22:8c:95:c4:ab:cd:28:36:07:26:
e3:49:47:b1:1b:00:74:de:dc:71:75:24:e1:19:9a:65:16:a4:
24:3a:25:46:92:ac:ac:2b:94:03:53:43:88:ca:63:e4:cf:19:
ab:04:e5:74:ad:7b:9f:c3:c9:6e:01:a0:44:88:3f:bd:f1:c7:
a5:46:19:d4:c7:3b:d8:f4:4f:2a:2b:c0:e8:44:a9:12:02:15:
95:ea:3c:93:8d:f2:84:a3:1d:a1:37:06:82:be:cb:14:31:4c:
36:52:e7:9c:a3:67:ff:57:53:d5:af:4e:46:1a:c3:84:55:59:
be:99:19:b8:31:13:b3:d8:a7:8c:18:ae:31:b3:9e:a7:a0:f8:
12:f2:b8:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcGReW76Taz3OwB8OIT9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZWVhMjBiYmJkYjlhNWQxY2RjNzExNGUyYWY1MThlNzZi
MTQyNmUwHhcNMjMwMTAyMDMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTczMzY2ODRkZWRmMGIyYWU4ZWNhZmIxMzAyZmM5ZmY5ZmQxYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvwdSnGdy5u5fBgUXkjqb2pGXbo7
URhRtOFhD2V0TGHHA32JbL3HB4Qe9Kd7msK8JdUKO3w8TrqG0I9i28np1EKgB0Dy
OxgsZJSV6F4xi4IMjXm5bApCK2cnXwJJjF8VXAXdnCNpOII4iQx4SF9P0gRGHkc0
jkjub2H4AIVNzAozNjTkPwxmEjB9/R3RCRjN3+xDUPgrUvkcgITD20be6YBPpbYc
iQBEVSABDe3Z4Q/ig+VbDYXT2bGe2hZ7qoPYBS0Uj35OqiO0w8oZ9/52dUkLMmxA
fItYkhSRWboDAyCAMshlZlrTU0Pjq8EDxn+n3ytqQ2fW9BHiNGMdmxBAXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVzNmhN7fCyro7K+xMC/J/5/RwfMB8GA1UdIwQY
MBaAFOruogu725pdHNxxFOKvUY52sUJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmIt
YWIwNDcyMDkzMGNmLzEvOVhNMmFFM3Q4TEt1anNyN0V3TDhuX245SEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmItYWIwNDcyMDkzMGNm
LzEvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkMMA0G
CSqGSIb3DQEBCwUAA4IBAQC2R4O/fEJfijWcoG13N+R3rvss/C7maQ4MhfXZKcYd
wd18EvE/Hl7kVRd6Zj6k6RhgEqKM/Pr8Tv7NGNNISpPVSFbhBZah+xSGD9uJhy15
+oDHW2ehXCjbxnGfif8rmluSCnc0DkWjSeDME1LZqDGzenRKVSKMlcSrzSg2Bybj
SUexGwB03txxdSThGZplFqQkOiVGkqysK5QDU0OIymPkzxmrBOV0rXufw8luAaBE
iD+98celRhnUxzvY9E8qK8DoRKkSAhWV6jyTjfKEox2hNwaCvssUMUw2Uueco2f/
V1PVr05GGsOEVVm+mRm4MROz2KeMGK4xs56noPgS8rgr
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:44 2024 by rpki-client on console-fra.rpki-client.org