Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/1-XyCHmRFIl4jFXvdIPAPX_x2nbI.roa
File: 1-XyCHmRFIl4jFXvdIPAPX_x2nbI.roa (raw, json)
Hash identifier: Je7TP0Qm21MukK3blKSkffm+Tn3wqc5nYGK5A0S6Src=
Subject key identifier: F9:7C:82:1E:64:45:22:5E:23:15:7B:DD:20:F0:0F:5F:FC:76:9D:B2
Certificate issuer: /CN=2e5664e02936cb5b5454d595c5382b7e7a0c7944
Certificate serial: 0185724C6DEE356144720EDD2F7188F5DC2D
Authority key identifier: 2E:56:64:E0:29:36:CB:5B:54:54:D5:95:C5:38:2B:7E:7A:0C:79:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/1-XyCHmRFIl4jFXvdIPAPX_x2nbI.roa
Signing time: Mon 02 Jan 2023 11:44:49 +0000
ROA not before: Mon 02 Jan 2023 11:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29687
IP address blocks: 128.140.188.0/24 maxlen: 24
128.140.189.0/24 maxlen: 24
128.140.188.0/22 maxlen: 22
128.140.188.0/23 maxlen: 23
128.140.191.0/24 maxlen: 24
128.140.190.0/23 maxlen: 23
128.140.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:6d:ee:35:61:44:72:0e:dd:2f:71:88:f5:dc:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e5664e02936cb5b5454d595c5382b7e7a0c7944
Validity
Not Before: Jan 2 11:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97c821e6445225e23157bdd20f00f5ffc769db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:11:73:08:aa:84:e3:d7:a3:df:81:59:f1:62:
60:98:a4:4b:ed:ac:4f:9c:e5:ed:bb:c4:2d:5f:81:
78:cf:68:6d:cd:70:80:be:82:74:72:bd:80:55:69:
44:aa:12:bc:00:20:c5:31:16:d1:75:aa:89:1d:e4:
10:c7:dd:2e:4c:01:fc:03:66:36:37:b5:c5:cf:4e:
1d:13:bb:80:22:57:ff:2c:d4:15:a4:4d:0b:5d:e7:
11:e8:cc:3b:c0:39:1a:1c:2a:39:30:99:3d:a0:33:
e8:45:42:84:68:36:22:a7:7d:01:b0:ba:2b:ec:bc:
d7:ef:8c:56:dd:96:6d:09:b0:9d:24:27:12:05:e8:
94:37:e1:26:4c:a5:f7:d1:f7:72:5d:1b:75:8d:5e:
bb:8b:55:b3:10:10:a6:92:5e:55:ee:4d:d6:60:87:
ff:dd:27:15:25:ca:2b:69:73:f9:1c:e4:d2:dc:b8:
c5:bf:db:56:0c:40:0e:d1:5f:0d:7c:ac:78:ac:6b:
89:32:39:ce:8b:66:55:aa:59:53:3a:c9:c0:e6:61:
21:21:fe:82:ad:f7:f2:fc:44:31:34:ed:c6:9b:37:
6d:32:dd:14:38:c8:6a:17:5e:92:10:dc:39:f1:a1:
6c:d7:60:d1:98:b3:3c:2a:74:7c:57:25:b1:32:28:
2a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7C:82:1E:64:45:22:5E:23:15:7B:DD:20:F0:0F:5F:FC:76:9D:B2
X509v3 Authority Key Identifier:
keyid:2E:56:64:E0:29:36:CB:5B:54:54:D5:95:C5:38:2B:7E:7A:0C:79:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/1-XyCHmRFIl4jFXvdIPAPX_x2nbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.188.0/22
Signature Algorithm: sha256WithRSAEncryption
62:65:f6:ef:dc:3e:77:21:3b:7e:31:54:32:81:5f:fd:fb:b9:
67:39:53:25:ad:86:4b:48:0d:87:f4:6f:d6:40:8b:d5:0f:9e:
54:bc:a3:99:d3:80:73:f9:dd:a1:88:8c:04:ed:8e:cb:eb:dc:
3c:93:93:c8:21:1f:ba:a3:20:fb:93:88:8a:4c:3b:fe:aa:1b:
34:17:88:3a:b5:3e:ff:84:df:63:a3:83:de:9d:f4:a9:cc:f3:
1f:a4:ba:9c:c5:9c:59:ed:c3:7b:4c:1a:0c:9e:11:c8:c5:c6:
8c:33:03:b2:65:18:50:2f:a2:3a:96:00:d0:11:e1:15:1b:db:
8c:8a:56:35:9f:aa:fd:d0:a2:5d:93:4a:da:7e:0a:dd:9b:31:
0b:d5:89:7c:b8:cc:09:94:9f:09:fb:11:fb:da:03:40:d2:a7:
5b:d4:fa:9a:75:38:9e:0d:ee:49:d8:f3:ea:90:96:58:4c:56:
51:50:ce:7d:8e:24:a4:43:86:43:24:e9:f8:ad:a4:66:aa:5c:
0a:97:fb:24:7f:52:af:db:c8:ae:92:5e:77:8c:15:25:e5:d2:
96:4d:7d:33:5c:2d:e0:f5:28:99:1e:fe:b2:5d:a0:8e:c4:8f:
4c:f4:74:e1:4b:fb:76:f4:b3:7c:fb:fc:0d:68:63:06:14:e6:
32:e7:5a:ca
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyTG3uNWFEcg7dL3GI9dwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNTY2NGUwMjkzNmNiNWI1NDU0ZDU5NWM1MzgyYjdlN2Ew
Yzc5NDQwHhcNMjMwMTAyMTE0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdjODIxZTY0NDUyMjVlMjMxNTdiZGQyMGYwMGY1ZmZjNzY5ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RFzCKqE49ej34FZ8WJgmKRL7axP
nOXtu8QtX4F4z2htzXCAvoJ0cr2AVWlEqhK8ACDFMRbRdaqJHeQQx90uTAH8A2Y2
N7XFz04dE7uAIlf/LNQVpE0LXecR6Mw7wDkaHCo5MJk9oDPoRUKEaDYip30BsLor
7LzX74xW3ZZtCbCdJCcSBeiUN+EmTKX30fdyXRt1jV67i1WzEBCmkl5V7k3WYIf/
3ScVJcoraXP5HOTS3LjFv9tWDEAO0V8NfKx4rGuJMjnOi2ZVqllTOsnA5mEhIf6C
rffy/EQxNO3GmzdtMt0UOMhqF16SENw58aFs12DRmLM8KnR8VyWxMigqDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPl8gh5kRSJeIxV73SDwD1/8dp2yMB8GA1UdIwQY
MBaAFC5WZOApNstbVFTVlcU4K356DHlEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGxaazRDazJ5MXRVVk5XVnhUZ3Jmbm9NZVVRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yN2M5MTktY2NjZS00NmE5LTg0YjMt
ZWY4MWZjYTYzMDI5LzEvMS1YeUNIbVJGSWw0akZYdmRJUEFQWF94Mm5iSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDYvMjdjOTE5LWNjY2UtNDZhOS04NGIzLWVmODFmY2E2MzAy
OS8xL0xsWms0Q2syeTF0VVZOV1Z4VGdyZm5vTWVVUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoCMvDAN
BgkqhkiG9w0BAQsFAAOCAQEAYmX279w+dyE7fjFUMoFf/fu5ZzlTJa2GS0gNh/Rv
1kCL1Q+eVLyjmdOAc/ndoYiMBO2Oy+vcPJOTyCEfuqMg+5OIikw7/qobNBeIOrU+
/4TfY6OD3p30qczzH6S6nMWcWe3De0waDJ4RyMXGjDMDsmUYUC+iOpYA0BHhFRvb
jIpWNZ+q/dCiXZNK2n4K3ZsxC9WJfLjMCZSfCfsR+9oDQNKnW9T6mnU4ng3uSdjz
6pCWWExWUVDOfY4kpEOGQyTp+K2kZqpcCpf7JH9Sr9vIrpJed4wVJeXSlk19M1wt
4PUomR7+sl2gjsSPTPR04Uv7dvSzfPv8DWhjBhTmMudayg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:40 2024 by rpki-client on console-ams.rpki-client.org