Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/digVXQH7WbMAYENJvKaXpm1Mrrs.roa
File: digVXQH7WbMAYENJvKaXpm1Mrrs.roa (raw, json)
Hash identifier: v7tgpA5bXmB9sNv+TO73oARl4UUWZf9XPphNBvNNOac=
Subject key identifier: 76:28:15:5D:01:FB:59:B3:00:60:43:49:BC:A6:97:A6:6D:4C:AE:BB
Certificate issuer: /CN=1734db5c41e711b73d8f29dac12e9b8364cd1fbd
Certificate serial: 01856DCAD85BF7829463BBFF6F0B9FF14452
Authority key identifier: 17:34:DB:5C:41:E7:11:B7:3D:8F:29:DA:C1:2E:9B:83:64:CD:1F:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzTbXEHnEbc9jynawS6bg2TNH70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/digVXQH7WbMAYENJvKaXpm1Mrrs.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1945
IP address blocks: 192.33.153.0/24 maxlen: 24
192.33.162.0/24 maxlen: 24
140.77.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d8:5b:f7:82:94:63:bb:ff:6f:0b:9f:f1:44:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1734db5c41e711b73d8f29dac12e9b8364cd1fbd
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7628155d01fb59b300604349bca697a66d4caebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8d:4a:f2:f3:69:33:81:49:a3:48:7d:27:f3:
5f:56:bc:1c:55:5c:0d:32:20:a9:f6:d6:8f:09:ab:
fa:4b:29:7b:f3:62:d6:45:01:f3:bf:59:d9:de:1a:
03:59:8c:87:cc:39:8d:2c:f9:48:b1:fb:c3:b8:ec:
eb:3c:87:01:af:4f:bc:a5:aa:e5:b9:ac:18:f0:94:
2b:3b:ce:b1:66:03:f6:2c:eb:5a:71:2f:1b:cb:bf:
ac:a3:1a:82:3c:5e:a7:63:c9:14:ce:94:63:b4:7c:
44:ad:0b:62:28:d7:fc:b6:48:ec:b8:c0:d0:f8:b1:
c3:d3:8f:9d:ae:5d:3a:6b:39:70:11:fc:1f:11:d3:
9e:1e:23:74:24:f0:2e:34:82:63:e7:38:99:61:83:
de:ab:39:96:75:53:09:ff:cc:1f:6d:4e:42:59:20:
98:7e:84:16:82:1c:d7:a1:35:8e:21:b8:0b:85:4a:
85:3f:1e:f6:cb:fc:9d:9e:1e:21:76:41:ce:e6:60:
c9:ed:ca:36:33:82:8c:52:25:ab:d5:42:39:71:af:
8b:f9:0f:26:f0:12:6d:6c:7f:35:08:6c:d1:13:50:
71:17:af:23:07:c9:b7:f7:43:1b:25:28:34:61:a7:
69:6e:60:0a:c6:ed:bd:ba:4b:08:c6:ea:3b:11:1c:
ca:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:28:15:5D:01:FB:59:B3:00:60:43:49:BC:A6:97:A6:6D:4C:AE:BB
X509v3 Authority Key Identifier:
keyid:17:34:DB:5C:41:E7:11:B7:3D:8F:29:DA:C1:2E:9B:83:64:CD:1F:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzTbXEHnEbc9jynawS6bg2TNH70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/digVXQH7WbMAYENJvKaXpm1Mrrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/FzTbXEHnEbc9jynawS6bg2TNH70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.77.0.0/16
192.33.153.0/24
192.33.162.0/24
Signature Algorithm: sha256WithRSAEncryption
33:5e:d1:41:6c:78:21:91:f9:ae:80:b6:92:a2:27:aa:c9:3e:
5a:dd:e0:d0:fc:11:5f:a8:5f:62:f1:ca:2e:21:25:3c:48:f1:
eb:b7:e4:28:9b:26:08:53:03:64:ef:79:0c:c9:32:b8:27:ef:
fc:73:49:95:95:70:04:2c:7e:6f:d4:bc:48:ad:ca:86:d5:8d:
b7:47:26:95:b8:77:d3:56:9c:cc:37:e9:5c:b4:fb:ce:4a:3a:
d7:0f:21:8d:45:69:33:25:75:63:87:d7:29:11:47:7f:43:cd:
ae:22:a0:5d:53:30:32:53:49:4a:ac:d1:5e:15:b4:8f:8e:b7:
10:c9:21:0e:34:ac:a5:6d:40:b5:5d:da:46:49:a4:b4:2a:3d:
93:23:0f:43:74:4a:a5:b2:0c:9c:94:70:e5:af:7b:ec:71:71:
a8:ba:ab:f1:35:7b:f4:5e:7e:20:66:27:d0:cc:c6:0a:d8:43:
28:ab:b6:f1:9a:6f:71:b6:57:3f:a4:6e:41:3d:05:04:c9:6c:
c9:79:6e:2b:1d:a9:51:2d:3b:bc:80:11:f8:90:d7:7a:19:c3:
cd:ae:1b:8c:12:1d:08:b8:c4:00:7b:43:1e:e9:0d:d8:45:70:
1c:f5:4c:c0:0e:e9:34:f9:5b:2d:11:a4:d0:ec:16:59:f3:00:
92:71:33:68
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVtythb94KUY7v/bwuf8URSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MzRkYjVjNDFlNzExYjczZDhmMjlkYWMxMmU5YjgzNjRj
ZDFmYmQwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjI4MTU1ZDAxZmI1OWIzMDA2MDQzNDliY2E2OTdhNjZkNGNhZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgY1K8vNpM4FJo0h9J/NfVrwcVVwN
MiCp9taPCav6Syl782LWRQHzv1nZ3hoDWYyHzDmNLPlIsfvDuOzrPIcBr0+8parl
uawY8JQrO86xZgP2LOtacS8by7+soxqCPF6nY8kUzpRjtHxErQtiKNf8tkjsuMDQ
+LHD04+drl06azlwEfwfEdOeHiN0JPAuNIJj5ziZYYPeqzmWdVMJ/8wfbU5CWSCY
foQWghzXoTWOIbgLhUqFPx72y/ydnh4hdkHO5mDJ7co2M4KMUiWr1UI5ca+L+Q8m
8BJtbH81CGzRE1BxF68jB8m390MbJSg0YadpbmAKxu29uksIxuo7ERzKTQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHYoFV0B+1mzAGBDSbyml6ZtTK67MB8GA1UdIwQY
MBaAFBc021xB5xG3PY8p2sEum4NkzR+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpUYlhFSG5FYmM5anluYXdTNmJnMlROSDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MjUyNTktMjUyNy00NWViLWI5MTYt
NWYyNjUwYzkwMTJkLzEvZGlnVlhRSDdXYk1BWUVOSnZLYVhwbTFNcnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MjUyNTktMjUyNy00NWViLWI5MTYtNWYyNjUwYzkwMTJk
LzEvRnpUYlhFSG5FYmM5anluYXdTNmJnMlROSDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAjE0DBADA
IZkDBADAIaIwDQYJKoZIhvcNAQELBQADggEBADNe0UFseCGR+a6AtpKiJ6rJPlrd
4ND8EV+oX2Lxyi4hJTxI8eu35CibJghTA2TveQzJMrgn7/xzSZWVcAQsfm/UvEit
yobVjbdHJpW4d9NWnMw36Vy0+85KOtcPIY1FaTMldWOH1ykRR39Dza4ioF1TMDJT
SUqs0V4VtI+OtxDJIQ40rKVtQLVd2kZJpLQqPZMjD0N0SqWyDJyUcOWve+xxcai6
q/E1e/RefiBmJ9DMxgrYQyirtvGab3G2Vz+kbkE9BQTJbMl5bisdqVEtO7yAEfiQ
13oZw82uG4wSHQi4xAB7Qx7pDdhFcBz1TMAO6TT5Wy0RpNDsFlnzAJJxM2g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:09 2024 by rpki-client on console-ams.rpki-client.org