Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/OMcdQNTL0pjK0VxQcNDL9ABNBz0.roa
File: OMcdQNTL0pjK0VxQcNDL9ABNBz0.roa (raw, json)
Hash identifier: KnwhkaIr6yv9IEDrqqu3fGz+UoSWC3EWS9f9/D3F4rU=
Subject key identifier: 38:C7:1D:40:D4:CB:D2:98:CA:D1:5C:50:70:D0:CB:F4:00:4D:07:3D
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019229A19782B3668D7F2BF2FB57040BD5DA
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/OMcdQNTL0pjK0VxQcNDL9ABNBz0.roa
Signing time: Wed 25 Sep 2024 14:41:48 +0000
ROA not before: Wed 25 Sep 2024 14:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.82.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
198.38.84.0/24 maxlen: 24
198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 20:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:a1:97:82:b3:66:8d:7f:2b:f2:fb:57:04:0b:d5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Sep 25 14:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38c71d40d4cbd298cad15c5070d0cbf4004d073d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3b:51:4b:a9:69:7c:2e:a3:c6:40:f8:60:20:
a8:f9:45:19:b9:93:28:52:44:08:87:e2:53:6e:d5:
6a:79:f2:cb:58:4e:50:e8:b5:7d:a9:27:de:cf:91:
dd:82:50:42:74:09:2a:33:87:cc:8a:d4:b4:27:d3:
c6:98:58:9a:5e:24:cc:e8:d0:ab:75:be:d0:44:f1:
54:04:b3:9e:1d:28:68:37:e4:79:71:8d:40:56:46:
41:eb:97:c5:71:ee:10:c0:be:d6:2d:04:27:c5:40:
ea:00:44:5d:77:ad:8f:18:12:01:c2:27:46:2a:9c:
b1:f9:87:d6:dc:a2:60:57:f2:f6:16:85:11:c9:df:
4d:40:bb:d9:a4:6e:03:90:2e:ab:73:60:c6:17:10:
dc:fe:70:a1:73:57:e9:92:9e:32:0c:85:39:9b:dd:
75:80:e2:ba:46:52:fe:4d:68:40:68:41:dc:b4:18:
e5:75:64:60:10:b7:31:fb:53:e0:1a:a4:4d:95:44:
0c:f3:5c:26:69:03:69:17:ee:6a:f1:a4:5c:e2:10:
38:ae:22:e5:46:39:f4:fb:ea:01:5d:da:b8:3c:0d:
42:de:d8:98:ff:12:9a:e9:05:a8:55:c8:52:d8:d2:
1e:6f:eb:e0:24:8d:f5:96:dc:7e:6f:64:cc:b6:11:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C7:1D:40:D4:CB:D2:98:CA:D1:5C:50:70:D0:CB:F4:00:4D:07:3D
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/OMcdQNTL0pjK0VxQcNDL9ABNBz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.82.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
86:e4:51:c9:22:ea:81:d7:73:0e:e8:3d:9f:73:68:be:bf:ae:
d5:ad:bd:46:61:f8:76:3a:d6:ef:1f:7b:19:6e:79:2b:59:1d:
85:43:2a:6f:8a:59:98:9c:0e:c6:4a:0c:9c:6d:50:fb:4b:d2:
de:af:42:47:78:68:eb:9a:a8:ce:d3:07:2f:cb:f3:14:31:9d:
58:75:13:0a:52:4c:f8:a4:97:ee:d1:8f:ab:c1:24:67:35:58:
b5:2e:2c:50:0d:11:34:10:12:f0:3b:10:20:40:49:91:d9:2b:
47:e0:a7:82:b3:3e:a8:68:61:07:ac:ff:00:98:97:18:31:b4:
1d:c4:92:69:77:55:f6:83:92:10:1e:aa:f2:07:a9:a0:43:41:
3b:a8:c6:14:54:56:d0:f9:73:b5:e0:44:5a:76:0b:bd:24:4a:
6d:48:39:1b:6e:27:cd:33:69:6d:6d:83:2a:ec:df:96:47:22:
99:69:1a:ad:9f:b1:49:8e:53:55:4e:c9:77:97:85:de:d5:d1:
e2:8c:ed:89:1d:b4:27:e5:5c:3b:3c:03:95:d7:76:b9:2b:0c:
73:29:af:d2:9c:8d:60:78:4e:8b:91:67:98:31:fd:74:54:b6:
75:63:8a:fe:f8:8b:f2:b7:e8:4e:3a:39:c8:2a:cf:94:2e:f0:
f5:33:11:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZIpoZeCs2aNfyvy+1cEC9XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwOTI1MTQ0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM3MWQ0MGQ0Y2JkMjk4Y2FkMTVjNTA3MGQwY2JmNDAwNGQwNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTtRS6lpfC6jxkD4YCCo+UUZuZMo
UkQIh+JTbtVqefLLWE5Q6LV9qSfez5HdglBCdAkqM4fMitS0J9PGmFiaXiTM6NCr
db7QRPFUBLOeHShoN+R5cY1AVkZB65fFce4QwL7WLQQnxUDqAERdd62PGBIBwidG
Kpyx+YfW3KJgV/L2FoURyd9NQLvZpG4DkC6rc2DGFxDc/nChc1fpkp4yDIU5m911
gOK6RlL+TWhAaEHctBjldWRgELcx+1PgGqRNlUQM81wmaQNpF+5q8aRc4hA4riLl
Rjn0++oBXdq4PA1C3tiY/xKa6QWoVchS2NIeb+vgJI31ltx+b2TMthHvIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDjHHUDUy9KYytFcUHDQy/QATQc9MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvT01jZFFOVEwwcGpLMFZ4UWNOREw5QUJOQnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHGJlID
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBAIbkUcki6oHXcw7oPZ9zaL6/rtWtvUZh
+HY61u8fexlueStZHYVDKm+KWZicDsZKDJxtUPtL0t6vQkd4aOuaqM7TBy/L8xQx
nVh1EwpSTPikl+7Rj6vBJGc1WLUuLFANETQQEvA7ECBASZHZK0fgp4KzPqhoYQes
/wCYlxgxtB3Ekml3VfaDkhAeqvIHqaBDQTuoxhRUVtD5c7XgRFp2C70kSm1IORtu
J80zaW1tgyrs35ZHIplpGq2fsUmOU1VOyXeXhd7V0eKM7YkdtCflXDs8A5XXdrkr
DHMpr9KcjWB4TouRZ5gx/XRUtnVjiv74i/K36E46Ocgqz5Qu8PUzETo=
-----END CERTIFICATE-----
Generated at Thu Oct 24 00:20:30 2024 by rpki-client on console-ams.rpki-client.org