Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_9qrjO5mnprOIU0kuT_tsG2GD3Y.roa
File: _9qrjO5mnprOIU0kuT_tsG2GD3Y.roa (raw, json)
Hash identifier: OdgBRzWH4LDxVTmDQjmA1Mgr8f+qY5mxq4fLv/xpiFw=
Subject key identifier: FF:DA:AB:8C:EE:66:9E:9A:CE:21:4D:24:B9:3F:ED:B0:6D:86:0F:76
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A688172CDB3904FA85A2C5EE4D467
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_9qrjO5mnprOIU0kuT_tsG2GD3Y.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.12.0/22 maxlen: 22
82.115.4.0/22 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 11:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:68:81:72:cd:b3:90:4f:a8:5a:2c:5e:e4:d4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdaab8cee669e9ace214d24b93fedb06d860f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:b3:26:f9:70:1e:73:18:18:3e:c5:d1:ee:
33:3a:b8:23:a4:07:1b:f3:3c:c8:b0:6f:d9:2f:6a:
6d:fb:7f:39:74:35:3a:01:6f:44:7f:56:1f:dd:ae:
56:99:0c:8f:5f:23:7a:e6:63:87:05:c1:b7:03:3a:
c4:18:da:f4:e0:5f:7d:63:83:7b:8b:a8:1b:51:bd:
6c:ea:5e:83:5f:84:ff:db:20:b3:54:49:d8:31:da:
3c:e4:25:ab:2d:42:da:55:fb:e6:1d:81:bc:a7:4e:
4a:4d:84:7c:ce:1b:a9:7f:9d:bf:55:2b:39:a7:59:
b9:87:f6:13:ec:c6:71:e8:a0:8f:d7:04:1a:4d:7d:
af:01:4f:0b:c6:57:97:36:98:56:c3:4c:f8:ba:bb:
91:1f:18:e3:ca:57:ab:da:e0:03:b7:dc:3c:4b:c9:
bd:cd:51:5b:4c:5d:b2:27:bb:d5:84:56:d6:91:2d:
bb:fa:af:37:e8:17:8f:c7:86:f8:a9:49:92:e4:5c:
65:04:48:8a:62:ac:4b:1f:67:69:3f:cf:cc:c3:34:
ca:f5:3a:6e:68:68:b6:21:65:58:0e:b6:2d:50:32:
66:05:fe:21:9c:dd:b6:2f:6e:08:7e:a4:93:8d:69:
6c:4d:cc:08:a0:17:74:18:3e:87:59:1e:40:8b:68:
d7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DA:AB:8C:EE:66:9E:9A:CE:21:4D:24:B9:3F:ED:B0:6D:86:0F:76
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_9qrjO5mnprOIU0kuT_tsG2GD3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.4.0/22
159.255.32.0/21
188.214.236.0/22
188.253.12.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:a9:ae:43:7f:07:98:7f:04:fc:b8:b2:89:45:1a:95:88:95:
51:6c:f1:56:e3:53:ff:09:8f:53:00:62:d3:b2:10:89:6d:1a:
16:8c:be:66:34:b7:43:38:fb:3a:99:12:65:b8:fb:e3:e4:83:
8f:dd:ad:75:54:12:b6:a1:0e:32:fd:74:9a:e2:80:a2:b7:88:
54:61:37:18:f7:fc:45:f0:7c:dd:ff:01:d8:9b:a4:0d:21:45:
5c:67:06:b1:8b:24:ca:f7:42:63:2f:a8:75:2f:a2:d8:8a:c9:
9a:88:9d:59:6e:96:46:f3:51:65:61:d7:16:bf:58:f9:d5:8c:
c2:14:51:0d:c0:b7:e8:35:b5:18:c8:76:37:65:4b:66:9c:07:
a7:24:de:b4:cf:5c:00:1a:17:9b:30:a8:9c:0f:24:e1:22:fb:
4c:ec:84:6a:21:db:2f:2b:e6:61:51:92:ab:48:b0:b4:fd:23:
db:70:85:13:75:1a:ab:12:3c:42:0b:11:86:ba:e6:90:6b:b3:
29:85:92:f8:3f:11:c0:88:2a:70:2c:6f:61:c9:e8:cf:b4:d7:
c1:f8:13:5d:df:50:a6:4e:3c:69:83:9c:84:d1:78:ff:eb:b6:
87:7a:78:76:f4:d2:fd:69:72:66:ff:60:1d:da:bf:bf:00:ad:
6f:8e:a0:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKmiBcs2zkE+oWixe5NRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRhYWI4Y2VlNjY5ZTlhY2UyMTRkMjRiOTNmZWRiMDZkODYwZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxyzJvlwHnMYGD7F0e4zOrgjpAcb
8zzIsG/ZL2pt+385dDU6AW9Ef1Yf3a5WmQyPXyN65mOHBcG3AzrEGNr04F99Y4N7
i6gbUb1s6l6DX4T/2yCzVEnYMdo85CWrLULaVfvmHYG8p05KTYR8zhupf52/VSs5
p1m5h/YT7MZx6KCP1wQaTX2vAU8LxleXNphWw0z4uruRHxjjyler2uADt9w8S8m9
zVFbTF2yJ7vVhFbWkS27+q836BePx4b4qUmS5FxlBEiKYqxLH2dpP8/MwzTK9Tpu
aGi2IWVYDrYtUDJmBf4hnN22L24IfqSTjWlsTcwIoBd0GD6HWR5Ai2jXKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP/aq4zuZp6aziFNJLk/7bBthg92MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvXzlxcmpPNW1ucHJPSVUwa3VUX3RzRzJHRDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUnMEAwQD
n/8gAwQCvNbsAwQCvP0MMA0GCSqGSIb3DQEBCwUAA4IBAQDUqa5DfweYfwT8uLKJ
RRqViJVRbPFW41P/CY9TAGLTshCJbRoWjL5mNLdDOPs6mRJluPvj5IOP3a11VBK2
oQ4y/XSa4oCit4hUYTcY9/xF8Hzd/wHYm6QNIUVcZwaxiyTK90JjL6h1L6LYisma
iJ1ZbpZG81FlYdcWv1j51YzCFFENwLfoNbUYyHY3ZUtmnAenJN60z1wAGhebMKic
DyThIvtM7IRqIdsvK+ZhUZKrSLC0/SPbcIUTdRqrEjxCCxGGuuaQa7MphZL4PxHA
iCpwLG9hyejPtNfB+BNd31CmTjxpg5yE0Xj/67aHenh29NL9aXJm/2Ad2r+/AK1v
jqBY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org