Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-io_-Zov8MnHxsVYjsEdkJdaHC8.roa
File: 1-io_-Zov8MnHxsVYjsEdkJdaHC8.roa (raw, json)
Hash identifier: vPd1a6xWZRBEUuu0AFzDjCU8wqFbu4vbE+kDGGSbyKk=
Subject key identifier: FA:2A:3F:F9:9A:2F:F0:C9:C7:C6:C5:58:8E:C1:1D:90:97:5A:1C:2F
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 018770CFA2D5187797E5C07046AECCB731F3
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-io_-Zov8MnHxsVYjsEdkJdaHC8.roa
Signing time: Tue 11 Apr 2023 14:54:28 +0000
ROA not before: Tue 11 Apr 2023 14:54:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.129.28.0/23 maxlen: 23
192.129.31.0/24 maxlen: 24
192.129.26.0/23 maxlen: 23
141.39.0.0/16 maxlen: 24
192.76.176.0/24 maxlen: 24
188.1.0.0/16 maxlen: 16
195.37.0.0/16 maxlen: 16
192.108.71.0/24 maxlen: 24
192.108.67.0/24 maxlen: 24
192.108.70.0/24 maxlen: 24
192.108.69.0/24 maxlen: 24
194.94.0.0/15 maxlen: 15
193.174.0.0/15 maxlen: 15
212.201.0.0/16 maxlen: 16
2001:638::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Apr 2023 11:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:cf:a2:d5:18:77:97:e5:c0:70:46:ae:cc:b7:31:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Apr 11 14:54:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2a3ff99a2ff0c9c7c6c5588ec11d90975a1c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0e:bc:5b:7b:dc:75:56:6f:8f:04:24:f4:58:
25:36:ca:25:79:da:31:5d:4c:75:bc:c9:65:bd:36:
5a:e1:ea:c1:03:0e:d8:b8:02:3c:8d:ea:fd:48:f2:
13:5d:dd:5a:84:8a:19:fe:44:3b:46:75:be:1f:49:
67:85:20:7b:cc:28:24:ac:f3:0f:0a:f4:38:ef:f2:
d6:7b:ec:2a:0f:62:39:6c:15:aa:08:53:b7:1b:58:
ab:95:09:3d:06:93:69:48:58:91:13:f2:32:74:e4:
1d:e6:bf:5b:31:58:d6:82:94:d6:e7:9e:c4:20:8c:
5b:ff:00:46:95:36:65:6a:cd:df:9f:68:e4:0d:62:
21:02:72:fb:a0:1e:a9:41:41:30:10:4c:4d:73:02:
d2:24:33:8b:ef:1d:48:fb:46:36:b5:2e:f8:6f:29:
d1:a0:25:16:60:09:01:df:8f:60:c4:df:4e:c8:93:
cc:6c:a8:69:0e:c3:8b:50:fd:0d:e3:dc:08:80:a4:
74:c0:23:33:0e:4d:3f:f1:de:11:83:d5:86:12:7b:
cf:e1:8a:6e:d6:ea:0d:77:cb:06:7b:e8:3e:a8:0a:
08:25:55:f1:d7:16:43:76:e9:76:61:9a:ee:33:6a:
c1:f9:d9:36:30:3b:c2:ee:68:23:7b:02:b3:65:a3:
51:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2A:3F:F9:9A:2F:F0:C9:C7:C6:C5:58:8E:C1:1D:90:97:5A:1C:2F
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-io_-Zov8MnHxsVYjsEdkJdaHC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.108.67.0/24
192.108.69.0-192.108.71.255
192.129.26.0-192.129.29.255
192.129.31.0/24
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/32
Signature Algorithm: sha256WithRSAEncryption
19:b5:90:90:ea:7f:9c:a7:c1:0c:46:42:ba:39:21:62:6b:6c:
fa:1a:95:6e:7d:6d:67:60:f8:d8:4e:04:e1:6c:6f:d4:95:97:
ab:16:b1:7d:a7:5b:df:3d:c6:d1:22:04:44:a4:a8:0d:c3:d1:
cb:32:92:2e:e0:b9:75:b9:0a:0a:da:0c:9e:78:b9:e1:80:cc:
ea:f8:fc:e3:4f:ea:f6:6d:0e:54:f6:d4:45:03:ac:74:5f:02:
56:f9:61:0e:92:cb:a3:20:8b:12:a4:a3:a3:4a:4f:f8:0e:69:
21:12:ed:10:2f:16:e6:e5:a0:a9:b4:06:08:9c:04:19:9a:45:
45:7d:25:8d:a3:e9:ac:b2:7d:a6:31:4c:64:74:f9:45:cc:9c:
e3:37:b9:b3:17:5c:20:d0:72:c3:d4:f6:e0:c2:9b:43:fd:74:
48:b5:fd:3f:59:ca:ff:45:c8:b4:b1:50:ef:0c:ed:47:42:9c:
25:a2:c5:d8:10:42:85:ff:ac:ec:b6:85:b6:b8:20:cd:88:34:
b0:26:9f:98:6f:51:b6:27:12:34:6d:c6:bc:26:03:61:4d:42:
4c:f1:9f:3e:6d:64:6c:19:21:27:2c:82:51:92:c8:60:f5:fc:
44:a0:75:89:91:38:84:d8:c0:2e:53:15:90:3b:ff:39:aa:1a:
f6:5c:86:8b
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYdwz6LVGHeX5cBwRq7MtzHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjMwNDExMTQ1NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJhM2ZmOTlhMmZmMGM5YzdjNmM1NTg4ZWMxMWQ5MDk3NWExYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ68W3vcdVZvjwQk9FglNsoledox
XUx1vMllvTZa4erBAw7YuAI8jer9SPITXd1ahIoZ/kQ7RnW+H0lnhSB7zCgkrPMP
CvQ47/LWe+wqD2I5bBWqCFO3G1irlQk9BpNpSFiRE/IydOQd5r9bMVjWgpTW557E
IIxb/wBGlTZlas3fn2jkDWIhAnL7oB6pQUEwEExNcwLSJDOL7x1I+0Y2tS74bynR
oCUWYAkB349gxN9OyJPMbKhpDsOLUP0N49wIgKR0wCMzDk0/8d4Rg9WGEnvP4Ypu
1uoNd8sGe+g+qAoIJVXx1xZDdul2YZruM2rB+dk2MDvC7mgjewKzZaNRFQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPoqP/maL/DJx8bFWI7BHZCXWhwvMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvMS1pb18tWm92OE1uSHhzVllqc0Vka0pkYUhDOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvOGVkYTlhLWQxM2MtNDQzMC04Y2Y0LTU3ZWMxMmU4NjQx
ZS8xL3BKbVFQYXVGOXFXWGNyUHRfVXZ3NUpHdlY4US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRlMGMwUgQCAAEwTAMDAI0nAwMA
vAEDBADATLADBADAbEMwDAMEAMBsRQMEA8BsQDAMAwQBwIEaAwQBwIEcAwQAwIEf
AwMBwa4DAwHCXgMDAMMlAwMA1MkwDQQCAAIwBwMFACABBjgwDQYJKoZIhvcNAQEL
BQADggEBABm1kJDqf5ynwQxGQro5IWJrbPoalW59bWdg+NhOBOFsb9SVl6sWsX2n
W989xtEiBESkqA3D0csyki7guXW5CgraDJ54ueGAzOr4/ONP6vZtDlT21EUDrHRf
Alb5YQ6Sy6MgixKko6NKT/gOaSES7RAvFubloKm0BgicBBmaRUV9JY2j6ayyfaYx
TGR0+UXMnOM3ubMXXCDQcsPU9uDCm0P9dEi1/T9Zyv9FyLSxUO8M7UdCnCWixdgQ
QoX/rOy2hba4IM2INLAmn5hvUbYnEjRtxrwmA2FNQkzxnz5tZGwZIScsglGSyGD1
/ESgdYmROITYwC5TFZA7/zmqGvZchos=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:45 2024 by rpki-client on console-ams.rpki-client.org