Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/Uq526nq5Kg95O4gB0JLwPpfdRSQ.roa
File: Uq526nq5Kg95O4gB0JLwPpfdRSQ.roa (raw, json)
Hash identifier: bQBM6N1mzCHBmus89hU3d2WyaCN4aWnQajleaO8HEbw=
Subject key identifier: 52:AE:76:EA:7A:B9:2A:0F:79:3B:88:01:D0:92:F0:3E:97:DD:45:24
Certificate issuer: /CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Certificate serial: 018A64BE9BDFE3D70BABE56A84D170AE5155
Authority key identifier: 6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/Uq526nq5Kg95O4gB0JLwPpfdRSQ.roa
Signing time: Tue 05 Sep 2023 09:48:47 +0000
ROA not before: Tue 05 Sep 2023 09:48:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1835
IP address blocks: 192.38.32.0/19 maxlen: 24
130.226.0.0/16 maxlen: 24
192.38.64.0/18 maxlen: 24
192.38.0.0/17 maxlen: 24
192.38.4.0/22 maxlen: 24
192.38.8.0/21 maxlen: 24
192.38.16.0/20 maxlen: 24
130.225.0.0/16 maxlen: 24
2001:878::/30 maxlen: 48
2001:7f8:1f::/48 maxlen: 64
2001:878::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:be:9b:df:e3:d7:0b:ab:e5:6a:84:d1:70:ae:51:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Validity
Not Before: Sep 5 09:48:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52ae76ea7ab92a0f793b8801d092f03e97dd4524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:51:b7:18:47:3f:90:69:54:d5:57:63:db:7b:
b4:1b:d3:b7:8e:d4:b5:37:ac:00:06:92:83:72:33:
d6:f6:3d:0b:1c:1f:12:4e:df:a4:0a:d7:45:b2:f4:
84:f0:80:45:fd:84:25:f6:08:08:7c:88:9f:ee:f8:
fd:db:17:2c:fd:58:d4:3a:3d:5c:c6:dd:7d:82:fb:
b7:a0:40:31:0f:f8:fa:f7:a6:f6:c9:d9:19:b6:79:
2d:4f:1e:2a:e7:aa:0a:a7:1d:6e:09:ff:95:d5:63:
58:ed:05:33:db:d9:67:32:02:e6:86:39:f5:35:8a:
1a:4c:e8:de:64:f8:30:64:d3:17:65:a0:71:f7:37:
4b:26:c5:da:02:56:a5:43:df:1b:09:91:b2:62:a5:
76:77:f9:72:e6:e1:c9:e9:75:82:c5:8e:be:f7:d5:
82:9e:68:db:6c:b2:af:f0:08:cf:85:9f:78:bf:54:
ea:3a:0a:53:7b:fb:67:30:c1:21:fb:1d:1e:82:54:
4a:d9:33:02:03:79:e3:33:3a:66:c5:1e:d4:ba:85:
37:ee:b3:d1:55:bc:12:e7:dd:9d:29:15:b1:80:ea:
91:ad:f2:e4:9f:bc:26:4c:36:84:47:63:27:ac:55:
e9:85:41:73:5c:d9:e6:ef:c9:e8:00:41:52:22:13:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AE:76:EA:7A:B9:2A:0F:79:3B:88:01:D0:92:F0:3E:97:DD:45:24
X509v3 Authority Key Identifier:
keyid:6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/Uq526nq5Kg95O4gB0JLwPpfdRSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/bd2PHjjJH1sXw9GnI05JyccNwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.225.0.0-130.226.255.255
192.38.0.0/17
IPv6:
2001:7f8:1f::/48
2001:878::/29
Signature Algorithm: sha256WithRSAEncryption
60:2d:3b:3b:de:91:df:fd:8d:64:c3:b4:82:1b:49:a1:12:9a:
cc:e8:1f:bf:6b:2c:57:4e:37:9f:67:6d:0d:40:ee:29:7f:4a:
80:d2:08:af:fb:eb:f2:ce:05:c7:ef:f5:b2:b5:56:6e:4b:00:
6f:a2:d9:65:6e:ef:70:ab:62:1c:42:31:64:23:a7:2b:d8:d0:
39:a6:4c:45:62:91:9c:85:f7:df:f6:69:5e:10:bd:d6:0d:c5:
a7:e4:dd:31:f7:97:ac:92:78:a6:7a:d5:8c:e0:0b:fc:ad:94:
7a:f7:e2:d4:c7:5c:10:b3:00:34:fa:75:2a:85:9e:a0:20:7b:
8e:f9:0b:ab:35:e7:e6:27:8d:ae:fa:c3:6e:59:9e:6a:bf:75:
46:e6:6b:b9:fc:19:6a:ee:60:1f:15:c7:42:b8:ce:03:18:92:
97:d8:c1:1b:0a:4f:64:5a:84:9f:8d:84:1f:3f:f0:b0:72:de:
13:78:e6:5e:00:4d:35:70:e2:bd:7a:55:ca:19:37:3a:b0:44:
46:b1:19:b3:66:1f:98:42:41:5d:9a:19:94:83:c6:7b:73:85:
6e:9d:43:63:00:10:a7:65:bd:98:d6:ce:fc:f3:7b:dc:c4:11:
44:c2:6f:7f:4a:47:63:e5:07:c5:7e:fc:9b:75:49:65:6f:df:
f0:12:8a:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpkvpvf49cLq+VqhNFwrlFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ4ZjFlMzhjOTFmNWIxN2MzZDFhNzIzNGU0OWM5Yzcw
ZGMzMjQwHhcNMjMwOTA1MDk0ODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFlNzZlYTdhYjkyYTBmNzkzYjg4MDFkMDkyZjAzZTk3ZGQ0NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1G3GEc/kGlU1Vdj23u0G9O3jtS1
N6wABpKDcjPW9j0LHB8STt+kCtdFsvSE8IBF/YQl9ggIfIif7vj92xcs/VjUOj1c
xt19gvu3oEAxD/j696b2ydkZtnktTx4q56oKpx1uCf+V1WNY7QUz29lnMgLmhjn1
NYoaTOjeZPgwZNMXZaBx9zdLJsXaAlalQ98bCZGyYqV2d/ly5uHJ6XWCxY6+99WC
nmjbbLKv8AjPhZ94v1TqOgpTe/tnMMEh+x0eglRK2TMCA3njMzpmxR7UuoU37rPR
VbwS592dKRWxgOqRrfLkn7wmTDaER2MnrFXphUFzXNnm78noAEFSIhMk9QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFKudup6uSoPeTuIAdCS8D6X3UUkMB8GA1UdIwQY
MBaAFG3djx44yR9bF8PRpyNOScnHDcMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUt
ZjYyOTdhNzdhMzdiLzEvVXE1MjZucTVLZzk1TzRnQjBKTHdQcGZkUlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUtZjYyOTdhNzdhMzdi
LzEvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASMAoDAwCC4QMD
AILiAwQHwCYAMBYEAgACMBADBwAgAQf4AB8DBQMgAQh4MA0GCSqGSIb3DQEBCwUA
A4IBAQBgLTs73pHf/Y1kw7SCG0mhEprM6B+/ayxXTjefZ20NQO4pf0qA0giv++vy
zgXH7/WytVZuSwBvotllbu9wq2IcQjFkI6cr2NA5pkxFYpGchfff9mleEL3WDcWn
5N0x95esknimetWM4Av8rZR69+LUx1wQswA0+nUqhZ6gIHuO+QurNefmJ42u+sNu
WZ5qv3VG5mu5/Blq7mAfFcdCuM4DGJKX2MEbCk9kWoSfjYQfP/Cwct4TeOZeAE01
cOK9elXKGTc6sERGsRmzZh+YQkFdmhmUg8Z7c4VunUNjABCnZb2Y1s7883vcxBFE
wm9/Skdj5QfFfvybdUllb9/wEorv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:45 2024 by rpki-client on console-ams.rpki-client.org