Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/9WFCcnTAPI1lQwRSTyVY2XAJsAs.roa
File: 9WFCcnTAPI1lQwRSTyVY2XAJsAs.roa (raw, json)
Hash identifier: ONfBu1eeKfOGkOsgyWVUK1nhnKJUnkSNbuPSq5ZQgvQ=
Subject key identifier: F5:61:42:72:74:C0:3C:8D:65:43:04:52:4F:25:58:D9:70:09:B0:0B
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 0187752196B4502C1345A7BD5B13B27F63DD
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/9WFCcnTAPI1lQwRSTyVY2XAJsAs.roa
Signing time: Wed 12 Apr 2023 11:02:28 +0000
ROA not before: Wed 12 Apr 2023 11:02:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.129.28.0/23 maxlen: 23
192.129.31.0/24 maxlen: 24
192.129.26.0/23 maxlen: 23
141.39.0.0/16 maxlen: 16
192.76.176.0/24 maxlen: 24
188.1.0.0/16 maxlen: 16
195.37.0.0/16 maxlen: 16
192.108.71.0/24 maxlen: 24
192.108.67.0/24 maxlen: 24
192.108.70.0/24 maxlen: 24
192.108.69.0/24 maxlen: 24
194.94.0.0/15 maxlen: 15
193.174.0.0/15 maxlen: 15
212.201.0.0/16 maxlen: 16
2001:638::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:21:96:b4:50:2c:13:45:a7:bd:5b:13:b2:7f:63:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Apr 12 11:02:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f561427274c03c8d654304524f2558d97009b00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0e:a6:6a:f0:94:16:0f:39:0d:43:7a:f9:85:
8c:34:06:0b:e4:a4:f8:4a:f9:54:83:0b:9a:c2:4b:
c3:81:89:71:0c:b5:ac:b1:1f:a2:59:36:52:38:fe:
6f:c1:05:6a:9c:69:c2:67:b7:cb:7e:72:c0:bb:5a:
ed:99:b4:69:57:0b:72:dd:ab:05:35:b7:28:f6:e3:
04:a7:a5:53:14:ad:b5:38:6e:ad:42:21:6c:53:9f:
71:db:bd:50:2e:4d:79:bf:f4:1a:3b:f1:27:f4:e0:
70:5c:89:ff:b8:4d:e3:c2:4c:56:fd:d4:96:8e:dc:
7c:37:52:ec:42:a5:8a:de:d6:66:26:c9:78:00:d8:
e4:29:3a:73:55:81:f3:aa:92:33:df:64:34:44:7d:
be:4e:2b:c5:2e:4a:ef:b4:21:e5:b1:e4:38:7a:46:
21:17:04:58:64:7c:d1:73:6e:ff:a7:01:26:e0:9a:
3c:a7:0c:9e:55:32:bd:08:33:b6:18:e5:9b:67:3f:
07:25:e9:ad:fb:4c:0f:d8:e5:b5:73:c1:95:43:77:
56:fc:86:c9:dc:e7:6b:6e:21:af:05:3a:d1:8c:9d:
5c:8c:a6:2f:a5:b5:38:38:c1:11:ab:35:9a:3b:d6:
cb:8c:bc:46:56:18:b5:59:d3:73:29:d9:a0:be:99:
a4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:61:42:72:74:C0:3C:8D:65:43:04:52:4F:25:58:D9:70:09:B0:0B
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/9WFCcnTAPI1lQwRSTyVY2XAJsAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.108.67.0/24
192.108.69.0-192.108.71.255
192.129.26.0-192.129.29.255
192.129.31.0/24
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/32
Signature Algorithm: sha256WithRSAEncryption
17:00:1b:16:c5:70:6d:89:7e:50:75:e5:49:40:cb:7b:e3:e9:
e0:77:e7:84:32:13:4d:81:85:60:0b:8e:f0:da:30:a7:08:bc:
eb:da:a3:7f:1e:ba:17:2c:36:9b:83:6d:5a:3e:91:f5:44:f7:
76:ba:0e:4d:7b:d5:b1:b7:b8:55:e9:fa:24:8d:a9:88:3b:99:
90:3c:13:d3:c7:25:8a:46:47:da:aa:99:f4:5b:79:9c:e7:61:
03:c1:a9:c6:fb:ab:ae:40:1a:da:47:5b:03:f6:0c:fd:90:23:
eb:67:f3:cd:a4:d8:3a:87:83:f1:f5:35:80:b1:98:13:6c:d5:
71:73:96:aa:3d:ac:ff:14:42:ae:db:fc:6d:b7:b7:41:3c:1d:
ec:cd:62:c4:28:89:b7:2c:99:1d:e6:fc:f3:60:75:89:ae:3d:
33:23:a4:22:71:8a:7b:a0:21:a3:81:1c:db:56:ec:67:b3:29:
b3:e3:81:73:3a:f6:97:ff:29:e6:f2:e7:99:9f:be:52:53:f6:
b2:59:29:3c:60:3e:c6:b9:c3:49:9a:b4:cd:d3:5a:f1:aa:45:
ad:b0:3d:19:3d:5d:b6:23:b6:6d:2e:b0:c8:08:c1:f1:31:3c:
d3:fd:05:18:94:e5:be:a0:0c:58:78:df:f2:8f:10:64:85:a8:
77:95:ab:37
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYd1IZa0UCwTRae9WxOyf2PdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjMwNDEyMTEwMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYxNDI3Mjc0YzAzYzhkNjU0MzA0NTI0ZjI1NThkOTcwMDliMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ6mavCUFg85DUN6+YWMNAYL5KT4
SvlUgwuawkvDgYlxDLWssR+iWTZSOP5vwQVqnGnCZ7fLfnLAu1rtmbRpVwty3asF
Nbco9uMEp6VTFK21OG6tQiFsU59x271QLk15v/QaO/En9OBwXIn/uE3jwkxW/dSW
jtx8N1LsQqWK3tZmJsl4ANjkKTpzVYHzqpIz32Q0RH2+TivFLkrvtCHlseQ4ekYh
FwRYZHzRc27/pwEm4Jo8pwyeVTK9CDO2GOWbZz8HJemt+0wP2OW1c8GVQ3dW/IbJ
3OdrbiGvBTrRjJ1cjKYvpbU4OMERqzWaO9bLjLxGVhi1WdNzKdmgvpmkvwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFPVhQnJ0wDyNZUMEUk8lWNlwCbALMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvOVdGQ2NuVEFQSTFsUXdSU1R5VlkyWEFKc0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwMAjScDAwC8
AQMEAMBMsAMEAMBsQzAMAwQAwGxFAwQDwGxAMAwDBAHAgRoDBAHAgRwDBADAgR8D
AwHBrgMDAcJeAwMAwyUDAwDUyTANBAIAAjAHAwUAIAEGODANBgkqhkiG9w0BAQsF
AAOCAQEAFwAbFsVwbYl+UHXlSUDLe+Pp4HfnhDITTYGFYAuO8Nowpwi869qjfx66
Fyw2m4NtWj6R9UT3droOTXvVsbe4Ven6JI2piDuZkDwT08clikZH2qqZ9Ft5nOdh
A8GpxvurrkAa2kdbA/YM/ZAj62fzzaTYOoeD8fU1gLGYE2zVcXOWqj2s/xRCrtv8
bbe3QTwd7M1ixCiJtyyZHeb882B1ia49MyOkInGKe6Aho4Ec21bsZ7Mps+OBczr2
l/8p5vLnmZ++UlP2slkpPGA+xrnDSZq0zdNa8apFrbA9GT1dtiO2bS6wyAjB8TE8
0/0FGJTlvqAMWHjf8o8QZIWod5WrNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:45 2024 by rpki-client on console-ams.rpki-client.org