Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/avGYD7mwJ7HWBbWDje-7OHQsnVI.roa
File: avGYD7mwJ7HWBbWDje-7OHQsnVI.roa (raw, json)
Hash identifier: LOPVi8lUbqKlV+O0jWU8SiWR7pBhPRBOZb61w3VGFUk=
Subject key identifier: 6A:F1:98:0F:B9:B0:27:B1:D6:05:B5:83:8D:EF:BB:38:74:2C:9D:52
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF3B6D03DCFBA91EBF21450AD04B0
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/avGYD7mwJ7HWBbWDje-7OHQsnVI.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56769
IP address blocks: 192.162.67.0/24 maxlen: 24
192.162.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f3:b6:d0:3d:cf:ba:91:eb:f2:14:50:ad:04:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6af1980fb9b027b1d605b5838defbb38742c9d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:97:d2:2b:00:0c:62:e9:48:bf:8b:23:8a:7a:
5e:7c:ff:1b:6e:db:5a:94:7d:24:80:1a:a4:88:de:
bd:c6:72:01:ee:a7:03:43:5e:4c:76:cf:81:3b:7c:
93:31:8f:46:b2:dc:9e:c4:97:55:3f:dc:1a:67:74:
8b:88:15:1a:bd:ed:56:28:ce:ae:0d:a4:10:37:af:
3d:a4:82:b9:f1:aa:a2:23:60:70:42:3e:fe:66:7e:
9f:49:c4:99:c1:d2:7e:72:2f:e2:5b:7e:b6:a3:4b:
07:78:c2:19:b7:ce:80:dd:46:c5:73:ec:4a:b7:c6:
b7:a6:be:44:b5:63:a9:2c:72:ea:ae:ee:91:46:cb:
e5:1d:c6:2c:15:47:6a:b2:6e:87:e9:bb:56:a6:b3:
4a:62:9c:8f:c2:c3:73:25:bf:3d:37:be:79:9e:2d:
db:ec:38:97:3a:09:2a:5f:f6:94:9d:b3:57:47:2c:
db:87:f1:5a:bb:ca:68:07:3d:4f:83:97:b5:de:4a:
6c:f8:5c:6c:45:df:72:db:52:ab:0f:ac:6f:dd:3d:
b5:a9:0a:5d:f7:9c:99:5a:d2:65:11:0c:1d:fd:3b:
93:b4:8f:89:bb:d3:31:97:6b:f5:fa:f7:09:f0:2b:
00:92:03:4a:b7:19:de:cb:f0:21:1b:0e:c1:e4:11:
48:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F1:98:0F:B9:B0:27:B1:D6:05:B5:83:8D:EF:BB:38:74:2C:9D:52
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/avGYD7mwJ7HWBbWDje-7OHQsnVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.66.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:c0:38:80:ee:e9:ce:1b:f1:00:13:64:3b:53:e6:5b:3c:b0:
51:61:69:0e:e3:d5:d9:9a:0a:a6:35:ec:88:6e:90:d9:6b:7f:
be:75:bd:95:01:e2:1f:99:76:7b:0d:68:a6:cd:02:ea:f0:56:
25:ba:af:78:5d:7e:87:c4:f2:da:d9:4a:3e:8f:71:a6:0d:b3:
10:30:98:f5:6f:29:4d:1b:75:f2:f3:ec:6c:60:32:a2:bc:53:
9a:5e:62:0f:2e:57:c5:ff:19:f3:ad:23:85:f9:ec:76:69:6b:
cc:84:37:b9:36:cc:01:40:f3:ae:f6:b6:19:28:4a:77:fc:0c:
6c:22:9e:ce:39:a2:a6:c1:fd:6e:65:fe:06:83:7d:cc:ea:f7:
f9:76:1d:e6:49:a0:a0:c9:8c:c6:f6:4a:c9:19:69:ae:e2:93:
5d:e5:89:f3:fc:7d:c5:e8:75:1a:69:82:28:d6:a3:43:80:16:
91:06:85:0a:56:2d:fe:a9:e2:b2:76:a8:06:5d:9a:15:bb:7c:
53:bf:79:8f:cc:4d:f0:c6:e1:88:59:b0:63:8f:9f:b9:30:63:
41:fc:4e:a2:46:47:65:0b:38:6a:7c:cd:b3:17:a0:a8:ac:d4:
e2:ad:8d:2d:7b:85:08:68:3a:13:e8:37:e2:4f:0a:63:bc:9e:
34:8c:bf:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/O20D3PupHr8hRQrQSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYxOTgwZmI5YjAyN2IxZDYwNWI1ODM4ZGVmYmIzODc0MmM5ZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopfSKwAMYulIv4sjinpefP8bbtta
lH0kgBqkiN69xnIB7qcDQ15Mds+BO3yTMY9GstyexJdVP9waZ3SLiBUave1WKM6u
DaQQN689pIK58aqiI2BwQj7+Zn6fScSZwdJ+ci/iW362o0sHeMIZt86A3UbFc+xK
t8a3pr5EtWOpLHLqru6RRsvlHcYsFUdqsm6H6btWprNKYpyPwsNzJb89N755ni3b
7DiXOgkqX/aUnbNXRyzbh/Fau8poBz1Pg5e13kps+FxsRd9y21KrD6xv3T21qQpd
95yZWtJlEQwd/TuTtI+Ju9Mxl2v1+vcJ8CsAkgNKtxney/AhGw7B5BFI4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrxmA+5sCex1gW1g43vuzh0LJ1SMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYXZHWUQ3bXdKN0hXQmJXRGplLTdPSFFzblZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwKJCMA0G
CSqGSIb3DQEBCwUAA4IBAQDNwDiA7unOG/EAE2Q7U+ZbPLBRYWkO49XZmgqmNeyI
bpDZa3++db2VAeIfmXZ7DWimzQLq8FYluq94XX6HxPLa2Uo+j3GmDbMQMJj1bylN
G3Xy8+xsYDKivFOaXmIPLlfF/xnzrSOF+ex2aWvMhDe5NswBQPOu9rYZKEp3/Axs
Ip7OOaKmwf1uZf4Gg33M6vf5dh3mSaCgyYzG9krJGWmu4pNd5Ynz/H3F6HUaaYIo
1qNDgBaRBoUKVi3+qeKydqgGXZoVu3xTv3mPzE3wxuGIWbBjj5+5MGNB/E6iRkdl
CzhqfM2zF6CorNTirY0te4UIaDoT6DfiTwpjvJ40jL8L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org