Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/USLxvBTX73vNGvT9ZOjMi85E13M.roa
File: USLxvBTX73vNGvT9ZOjMi85E13M.roa (raw, json)
Hash identifier: L1ofsSFzmjsu6NMjjN3cTrg2XuyjpjOXCKDI0CjOixY=
Subject key identifier: 51:22:F1:BC:14:D7:EF:7B:CD:1A:F4:FD:64:E8:CC:8B:CE:44:D7:73
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01909E6149D3A5A705F9B5A2C63D29B3DC57
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/USLxvBTX73vNGvT9ZOjMi85E13M.roa
Signing time: Wed 10 Jul 2024 20:41:34 +0000
ROA not before: Wed 10 Jul 2024 20:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
62.164.240.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.96.0/20 maxlen: 24
93.119.184.0/21 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
198.145.112.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
212.32.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:61:49:d3:a5:a7:05:f9:b5:a2:c6:3d:29:b3:dc:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 10 20:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5122f1bc14d7ef7bcd1af4fd64e8cc8bce44d773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:40:52:cb:99:72:09:0d:1e:c3:15:e2:1e:6f:
68:cf:c9:d9:09:7b:d4:d1:38:e8:4e:4c:cc:17:75:
54:07:13:4a:90:9a:26:82:70:43:0c:f6:80:cb:c4:
43:cf:9c:07:0b:24:df:ca:d2:fd:5e:f3:b9:f4:5c:
ac:89:4a:35:cf:72:2a:d3:e6:b3:7a:09:da:da:ad:
a4:5b:aa:0d:d9:b1:40:83:d3:79:46:7c:50:8f:45:
65:04:1d:10:4e:cb:17:9c:c2:f7:50:a7:e8:29:ec:
4e:43:81:b9:dd:66:51:15:d4:ad:0a:cd:b1:4b:53:
fd:93:21:d2:5a:8e:08:d7:7b:7d:89:8a:4c:41:f9:
47:f3:c8:0a:16:46:1d:06:ee:5b:d1:80:62:c2:8e:
3b:cd:39:c4:b0:19:6d:52:c1:6c:59:43:14:90:ff:
a5:67:4d:da:8d:af:d5:ab:d6:83:9c:22:ef:45:e9:
02:3f:20:9c:0f:f0:0c:02:70:63:6a:40:6d:51:cf:
25:54:d8:5e:09:0d:b7:7a:17:32:50:c8:15:b9:f3:
94:44:91:4d:93:7f:0b:05:fc:39:fc:f0:8a:26:21:
72:66:15:0c:86:52:c7:3f:22:ce:3b:94:50:85:85:
d8:b1:c1:b4:21:f3:c1:ab:b2:90:be:18:f7:89:66:
d8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:22:F1:BC:14:D7:EF:7B:CD:1A:F4:FD:64:E8:CC:8B:CE:44:D7:73
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/USLxvBTX73vNGvT9ZOjMi85E13M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/19
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.96.0/20
93.119.184.0/21
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
192.200.192.0/19
198.145.112.0/22
212.32.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:d9:60:57:59:11:fb:de:d8:95:30:4a:bb:21:36:0a:a0:bc:
27:83:1d:c6:b2:db:cf:0a:36:0b:1c:cb:e0:41:fe:e5:05:b0:
78:69:17:81:24:4a:dd:1d:53:c7:73:d5:2a:9b:65:86:2f:44:
2b:20:39:cf:71:c2:fe:cf:7e:d8:6b:9a:2d:d1:be:87:b1:66:
6c:eb:be:dc:68:83:48:59:07:ef:a2:75:79:90:e4:61:07:a7:
e6:4a:18:a4:d5:87:f6:12:71:f3:50:95:8b:37:6b:b9:40:91:
fe:ba:b7:bc:f1:29:59:e1:48:4e:d5:17:82:47:b7:63:71:ec:
13:9a:95:32:83:66:41:c4:5c:bb:ef:e5:a3:41:d1:c4:32:13:
4b:f6:b1:ee:d7:0a:32:7f:f2:a4:83:08:0f:14:c1:97:f5:31:
7b:6b:bb:e0:7c:8e:23:24:e0:eb:5e:f9:3b:22:1d:7f:46:ac:
0d:24:32:ed:8c:18:ed:21:8a:b1:0d:8f:b9:7c:2b:3d:ee:56:
b0:ea:4f:6b:20:a8:0d:2d:b8:8f:72:ae:56:4f:41:ed:2c:a0:
72:65:18:c1:d9:dd:dd:34:4a:3d:82:21:0b:08:ff:3f:f7:ca:
aa:9b:c2:57:83:cc:ee:e9:38:2f:24:37:89:62:4c:69:d3:21:
70:e9:7b:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZCeYUnTpacF+bWixj0ps9xXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzEwMjA0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTIyZjFiYzE0ZDdlZjdiY2QxYWY0ZmQ2NGU4Y2M4YmNlNDRkNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0BSy5lyCQ0ewxXiHm9oz8nZCXvU
0TjoTkzMF3VUBxNKkJomgnBDDPaAy8RDz5wHCyTfytL9XvO59FysiUo1z3Iq0+az
egna2q2kW6oN2bFAg9N5RnxQj0VlBB0QTssXnML3UKfoKexOQ4G53WZRFdStCs2x
S1P9kyHSWo4I13t9iYpMQflH88gKFkYdBu5b0YBiwo47zTnEsBltUsFsWUMUkP+l
Z03aja/Vq9aDnCLvRekCPyCcD/AMAnBjakBtUc8lVNheCQ23ehcyUMgVufOURJFN
k38LBfw5/PCKJiFyZhUMhlLHPyLOO5RQhYXYscG0IfPBq7KQvhj3iWbYHwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFFEi8bwU1+97zRr0/WTozIvORNdzMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVVNMeHZCVFg3M3ZOR3ZUOVpPak1pODVFMTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEBT6k4AME
BEIJYAMEAkJ1CDAMAwQGTd/AAwQBTd/IAwQBT4tAAwQDU47IAwQEWIdgAwQDXXe4
AwQAXmVnAwQDX7IIAwQDdDIQAwQDeX84AwQCsN4wAwQFwMjAAwQCxpFwAwQF1CBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCO2WBXWRH73tiVMEq7ITYKoLwngx3GstvPCjYL
HMvgQf7lBbB4aReBJErdHVPHc9Uqm2WGL0QrIDnPccL+z37Ya5ot0b6HsWZs677c
aINIWQfvonV5kORhB6fmShik1Yf2EnHzUJWLN2u5QJH+ure88SlZ4UhO1ReCR7dj
cewTmpUyg2ZBxFy77+WjQdHEMhNL9rHu1woyf/KkgwgPFMGX9TF7a7vgfI4jJODr
Xvk7Ih1/RqwNJDLtjBjtIYqxDY+5fCs97law6k9rIKgNLbiPcq5WT0HtLKByZRjB
2d3dNEo9giELCP8/98qqm8JXg8zu6TgvJDeJYkxp0yFw6XtA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:22 2025 by rpki-client