Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/D_1NAA8x3qrlh1T_OQltMyJylnQ.roa
File: D_1NAA8x3qrlh1T_OQltMyJylnQ.roa (raw, json)
Hash identifier: v2Z1hxfbv0qVkCgEJ4qF3+crZhpn4h0GGfz3QJm9xCc=
Subject key identifier: 0F:FD:4D:00:0F:31:DE:AA:E5:87:54:FF:39:09:6D:33:22:72:96:74
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB830E45FF50C55F244776E83E09F22
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/D_1NAA8x3qrlh1T_OQltMyJylnQ.roa
Signing time: Sun 01 Jan 2023 09:44:48 +0000
ROA not before: Sun 01 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2278
IP address blocks: 161.105.128.0/17 maxlen: 17
139.100.0.0/16 maxlen: 16
192.144.77.0/24 maxlen: 24
161.106.0.0/16 maxlen: 16
2a01:cf00::/42 maxlen: 48
2a01:cf00:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:30:e4:5f:f5:0c:55:f2:44:77:6e:83:e0:9f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ffd4d000f31deaae58754ff39096d3322729674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:91:94:79:e5:50:51:a3:ec:ff:01:c0:48:
05:d7:de:e9:61:51:a1:98:75:ab:18:35:ed:e8:94:
1e:ea:fa:0c:2d:f8:c0:9d:f8:ad:c4:0c:e2:fc:7a:
e6:0d:e1:df:ae:1d:45:25:22:ff:47:28:98:f6:91:
02:34:38:e0:34:cc:67:d6:b2:a5:4d:81:d2:78:30:
0d:79:44:31:43:a9:55:22:39:e3:a0:e7:a7:87:74:
2f:b0:3f:82:11:a9:80:70:af:8f:34:fd:2c:3c:67:
dc:88:c5:fd:b0:f4:c1:d9:a2:d4:6e:9e:88:48:32:
91:bd:d1:b7:a5:62:7e:d7:86:32:41:c2:66:91:08:
82:0b:8d:5e:dc:2c:6c:41:d3:69:db:42:57:79:fd:
aa:82:77:f0:cc:6a:3a:16:e1:ba:65:d7:ab:75:75:
84:9b:b6:88:57:99:e5:3e:ec:ba:50:a0:6c:b2:b5:
4e:8e:36:4a:e6:61:b3:e0:8a:09:1d:11:8d:ae:df:
86:19:7d:cb:49:43:98:55:97:32:86:7f:1f:6d:3a:
ee:5a:c2:18:78:87:69:ae:5e:ea:2d:65:31:55:2d:
cb:a4:98:8a:4f:62:c3:84:5c:9b:ba:4d:2d:63:27:
de:69:38:a1:b5:04:32:37:8e:f9:32:ed:69:9c:f6:
c9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FD:4D:00:0F:31:DE:AA:E5:87:54:FF:39:09:6D:33:22:72:96:74
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/D_1NAA8x3qrlh1T_OQltMyJylnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.100.0.0/16
161.105.128.0-161.106.255.255
192.144.77.0/24
IPv6:
2a01:cf00::/42
Signature Algorithm: sha256WithRSAEncryption
45:3a:6d:b0:90:5a:d0:e2:c5:87:96:00:d3:fb:4a:ef:ba:dc:
14:60:d6:cb:f0:8a:0e:d2:a9:b5:a1:8e:a1:2a:45:25:32:1f:
c7:97:bb:0e:de:2e:3f:4c:e0:b4:3c:ed:c4:18:70:9b:dd:c3:
14:8b:c5:71:b4:d2:ef:6a:b3:ce:8d:13:54:59:26:ba:4d:a0:
cf:e7:8b:6a:d3:37:fa:ef:b4:0b:8c:2e:99:ae:1b:76:9e:96:
50:19:a3:35:74:41:9f:82:2b:20:53:c8:9c:f6:50:e3:6b:05:
a5:b8:82:a5:8b:d4:c6:3d:90:c0:45:9c:25:04:58:e5:7b:46:
f1:78:97:7c:ee:ae:84:4a:f4:33:84:1f:21:30:b6:2a:a1:49:
d1:d4:11:e8:71:37:89:47:66:6d:d9:b4:e8:04:f8:0a:5b:4f:
fa:bc:50:77:30:a2:48:1f:49:b0:2b:34:49:d6:cf:f1:a8:ef:
73:1a:41:ab:e9:ba:2b:0a:a5:82:40:d4:ed:be:dc:b0:f0:a6:
af:00:13:ac:e7:6c:be:14:39:8d:be:c7:8f:c7:cc:ef:d9:bf:
54:28:3b:1a:53:26:40:29:94:f9:5b:76:c3:b2:ea:8d:89:06:
72:0e:5f:97:4d:64:4f:0e:0f:e7:62:d6:2c:68:77:0f:ad:db:
0c:28:27:6f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVsuDDkX/UMVfJEd26D4J8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmZkNGQwMDBmMzFkZWFhZTU4NzU0ZmYzOTA5NmQzMzIyNzI5Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg6RlHnlUFGj7P8BwEgF197pYVGh
mHWrGDXt6JQe6voMLfjAnfitxAzi/HrmDeHfrh1FJSL/RyiY9pECNDjgNMxn1rKl
TYHSeDANeUQxQ6lVIjnjoOenh3QvsD+CEamAcK+PNP0sPGfciMX9sPTB2aLUbp6I
SDKRvdG3pWJ+14YyQcJmkQiCC41e3CxsQdNp20JXef2qgnfwzGo6FuG6ZderdXWE
m7aIV5nlPuy6UKBssrVOjjZK5mGz4IoJHRGNrt+GGX3LSUOYVZcyhn8fbTruWsIY
eIdprl7qLWUxVS3LpJiKT2LDhFybuk0tYyfeaTihtQQyN475Mu1pnPbJ0wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFA/9TQAPMd6q5YdU/zkJbTMicpZ0MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvRF8xTkFBOHgzcXJsaDFUX09RbHRNeUp5bG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwMAi2QwCwME
B6FpgAMDAKFqAwQAwJBNMA8EAgACMAkDBwYqAc8AAAAwDQYJKoZIhvcNAQELBQAD
ggEBAEU6bbCQWtDixYeWANP7Su+63BRg1svwig7SqbWhjqEqRSUyH8eXuw7eLj9M
4LQ87cQYcJvdwxSLxXG00u9qs86NE1RZJrpNoM/ni2rTN/rvtAuMLpmuG3aellAZ
ozV0QZ+CKyBTyJz2UONrBaW4gqWL1MY9kMBFnCUEWOV7RvF4l3zuroRK9DOEHyEw
tiqhSdHUEehxN4lHZm3ZtOgE+ApbT/q8UHcwokgfSbArNEnWz/Go73MaQavpuisK
pYJA1O2+3LDwpq8AE6znbL4UOY2+x4/HzO/Zv1QoOxpTJkAplPlbdsOy6o2JBnIO
X5dNZE8OD+di1ixodw+t2wwoJ28=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org