Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/POkG9vTbPoYknb3SFKnrDb2ajMk.roa
File: POkG9vTbPoYknb3SFKnrDb2ajMk.roa (raw, json)
Hash identifier: VEazD09W+WquXlrwbOyYORzWmuew3+/10ABupmtIdb8=
Subject key identifier: 3C:E9:06:F6:F4:DB:3E:86:24:9D:BD:D2:14:A9:EB:0D:BD:9A:8C:C9
Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial: 01856C4126E8A478D995B3A5B6E752975807
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/POkG9vTbPoYknb3SFKnrDb2ajMk.roa
Signing time: Sun 01 Jan 2023 07:34:47 +0000
ROA not before: Sun 01 Jan 2023 07:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1942
IP address blocks: 152.77.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:26:e8:a4:78:d9:95:b3:a5:b6:e7:52:97:58:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Validity
Not Before: Jan 1 07:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ce906f6f4db3e86249dbdd214a9eb0dbd9a8cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:4d:e2:05:64:42:79:0e:6e:f3:e2:4d:75:
76:51:29:ed:e0:d4:ce:a1:cc:ce:e5:b5:9a:6c:af:
9e:8a:15:d1:0f:cc:66:53:9a:8a:b9:f8:a2:79:e7:
79:77:bc:82:28:30:f0:b6:fd:55:90:f2:5b:b3:5b:
a1:c2:91:01:b7:ca:5d:c1:ab:ed:d2:d4:4b:4d:ae:
52:d9:53:42:2a:d5:e7:3f:3f:1d:c3:15:70:fe:3f:
da:19:df:00:55:ed:b8:89:e2:d4:36:56:66:0c:7f:
54:5f:ac:2f:8d:61:96:85:45:2f:c9:11:00:ee:86:
eb:6b:36:24:bf:98:18:82:35:79:21:32:f0:ef:2a:
b3:0b:ed:d3:cb:8b:84:0f:e4:31:b6:45:8c:94:c9:
64:f1:be:03:85:f5:d6:65:de:3f:20:25:6d:45:56:
dd:1a:a0:ca:eb:b3:aa:c4:66:58:1c:cf:51:b9:67:
5e:1e:70:45:94:3c:e4:ca:ae:52:54:ec:4b:fc:cb:
46:74:9f:fa:85:ab:1c:37:c0:91:9e:00:23:6d:e9:
6a:6a:0b:c6:10:9b:3a:dd:f6:9f:0f:cb:ab:0e:e8:
74:3a:e9:fb:3b:91:f3:ae:ed:88:36:78:4d:76:18:
18:1a:02:75:ef:da:c2:d1:69:8e:5a:b3:a9:83:92:
53:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E9:06:F6:F4:DB:3E:86:24:9D:BD:D2:14:A9:EB:0D:BD:9A:8C:C9
X509v3 Authority Key Identifier:
keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/POkG9vTbPoYknb3SFKnrDb2ajMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.77.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:3b:41:ef:92:c0:93:f3:63:1d:62:c4:f0:df:99:7f:73:86:
02:4f:f8:49:bf:2e:38:98:a6:6d:b3:e8:08:60:e9:2e:b4:aa:
df:1b:e2:cc:67:b5:50:8d:a7:f9:80:5a:3d:2b:ce:c5:ca:b8:
bd:dc:ef:62:17:6a:3a:d2:81:20:7c:0a:40:7b:5f:cd:b6:7d:
65:14:ce:83:3f:f4:cc:5b:7a:ef:f8:82:e8:82:64:ec:92:93:
9b:04:5b:4e:9f:c1:27:d5:6e:6b:ec:6b:81:93:d0:78:e1:66:
ea:a9:2d:c1:a9:8f:cd:ad:e5:5f:7e:90:7e:73:36:b2:fe:89:
88:5b:b0:42:62:d2:38:c3:80:02:ac:ae:fd:5c:59:ef:df:2d:
a9:a3:17:bd:86:87:19:da:9a:20:e8:fb:74:3e:6c:a5:b1:98:
48:f2:9d:b7:0a:a1:e7:0d:0a:7f:8f:5f:cb:8b:59:f3:d1:65:
64:19:7f:21:43:17:f9:65:66:dc:c6:25:36:e0:1e:e1:32:7c:
0a:85:8a:0e:39:95:42:c4:9b:f5:5a:f5:57:c6:3d:ba:6d:a1:
18:50:b0:c4:14:f3:57:a6:a1:91:79:dd:67:79:40:cd:c5:27:
db:0e:1c:5f:17:60:d7:f7:8e:44:d4:04:1b:e2:9a:a8:5a:b2:
cf:26:2d:8e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVsQSbopHjZlbOltudSl1gHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi
YTg5ZDAwHhcNMjMwMTAxMDczNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U5MDZmNmY0ZGIzZTg2MjQ5ZGJkZDIxNGE5ZWIwZGJkOWE4Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta9N4gVkQnkObvPiTXV2USnt4NTO
oczO5bWabK+eihXRD8xmU5qKufiieed5d7yCKDDwtv1VkPJbs1uhwpEBt8pdwavt
0tRLTa5S2VNCKtXnPz8dwxVw/j/aGd8AVe24ieLUNlZmDH9UX6wvjWGWhUUvyREA
7obrazYkv5gYgjV5ITLw7yqzC+3Ty4uED+QxtkWMlMlk8b4DhfXWZd4/ICVtRVbd
GqDK67OqxGZYHM9RuWdeHnBFlDzkyq5SVOxL/MtGdJ/6hascN8CRngAjbelqagvG
EJs63fafD8urDuh0Oun7O5Hzru2INnhNdhgYGgJ179rC0WmOWrOpg5JTmQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDzpBvb02z6GJJ290hSp6w29mozJMB8GA1UdIwQY
MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt
M2MzZTUwZGRhNmNjLzEvUE9rRzl2VGJQb1lrbmIzU0ZLbnJEYjJhak1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj
LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmE0wDQYJ
KoZIhvcNAQELBQADggEBADI7Qe+SwJPzYx1ixPDfmX9zhgJP+Em/LjiYpm2z6Ahg
6S60qt8b4sxntVCNp/mAWj0rzsXKuL3c72IXajrSgSB8CkB7X822fWUUzoM/9Mxb
eu/4guiCZOySk5sEW06fwSfVbmvsa4GT0HjhZuqpLcGpj82t5V9+kH5zNrL+iYhb
sEJi0jjDgAKsrv1cWe/fLamjF72GhxnamiDo+3Q+bKWxmEjynbcKoecNCn+PX8uL
WfPRZWQZfyFDF/llZtzGJTbgHuEyfAqFig45lULEm/Va9VfGPbptoRhQsMQU81em
oZF53Wd5QM3FJ9sOHF8XYNf3jkTUBBvimqhass8mLY4=
-----END CERTIFICATE-----
Generated at Mon Sep 4 10:15:34 2023 by rpki-client on console-ams.rpki-client.org