Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/rxdp6rEEcEH7s4W2NICFDNa308Q.roa
File: rxdp6rEEcEH7s4W2NICFDNa308Q.roa (raw, json)
Hash identifier: n1B5mBw//SrkX4DmT69cQJaiLfvHcaqQTiERZ8LMgb4=
Subject key identifier: AF:17:69:EA:B1:04:70:41:FB:B3:85:B6:34:80:85:0C:D6:B7:D3:C4
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 018571553FD3CF74FEC9E72C88328C249631
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/rxdp6rEEcEH7s4W2NICFDNa308Q.roa
Signing time: Mon 02 Jan 2023 07:14:50 +0000
ROA not before: Mon 02 Jan 2023 07:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197991
IP address blocks: 149.126.32.0/20 maxlen: 24
178.132.58.0/23 maxlen: 24
178.132.60.0/22 maxlen: 24
5.144.144.0/21 maxlen: 24
2a0d:a5c0::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:3f:d3:cf:74:fe:c9:e7:2c:88:32:8c:24:96:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Jan 2 07:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af1769eab1047041fbb385b63480850cd6b7d3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:25:32:70:b4:3e:28:6e:e8:b6:3e:f3:0f:40:
70:f1:b0:1a:5e:ff:2d:4e:82:58:ee:0c:11:be:3b:
6f:cc:88:81:a1:a5:2f:06:81:1b:e4:4c:8c:39:9d:
30:56:2d:15:c2:45:a4:6a:38:84:fb:25:df:ff:8b:
0a:0b:9f:a9:d3:65:ab:d6:af:cf:6d:d4:df:0b:d2:
30:ef:43:9c:5d:ae:90:a7:20:4f:78:0c:5a:fd:02:
8f:47:96:82:cd:22:0c:49:e2:62:06:51:c1:ef:57:
66:3c:7a:c9:87:9b:cc:81:a7:17:2a:e1:64:6f:61:
5a:c3:59:9c:56:dd:f1:38:61:67:5c:b0:bf:a0:40:
4f:6b:07:e5:23:e0:0e:32:37:be:75:b4:72:02:5c:
3b:52:ae:8c:d7:85:92:15:9e:5d:70:c6:49:cc:40:
10:b5:c7:32:8e:8b:49:18:7d:f2:2c:ff:28:76:85:
ec:af:df:04:8d:d3:bd:91:de:a7:33:87:cd:9e:10:
a1:9f:85:8f:8e:1f:c8:b9:d8:f3:c0:2d:65:9c:ad:
95:4c:6c:28:29:9b:42:fb:5d:6b:de:f0:cd:4c:7a:
58:49:f3:f1:d6:f2:7b:03:d4:28:2e:80:53:46:fc:
4e:0c:b0:9d:8a:23:43:02:d4:9b:04:23:aa:7a:18:
9b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:17:69:EA:B1:04:70:41:FB:B3:85:B6:34:80:85:0C:D6:B7:D3:C4
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/rxdp6rEEcEH7s4W2NICFDNa308Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.144.0/21
149.126.32.0/20
178.132.58.0-178.132.63.255
IPv6:
2a0d:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:6a:1b:a4:ab:6a:d6:d3:22:92:16:01:a7:b8:aa:30:97:ef:
28:b0:c4:4a:48:31:55:64:f2:c2:7e:0d:ad:45:f4:61:e3:0d:
00:c7:01:41:63:5d:ef:77:4b:42:12:8c:ee:09:af:7b:18:cc:
8c:56:3b:b9:65:45:a7:49:86:70:e8:72:e7:1e:88:31:5b:00:
12:9c:a1:e6:78:5b:56:58:21:af:01:f5:93:66:f3:65:54:62:
f6:96:6d:b5:77:72:43:a5:b3:97:fa:81:cc:d9:5c:90:22:d3:
10:97:a6:1f:e9:5f:65:94:0e:2a:cc:e9:7a:38:58:64:93:92:
0f:29:ff:6f:8e:c0:5b:56:19:26:58:50:56:84:8e:02:18:66:
29:fc:e6:63:ba:a5:a8:19:1d:4d:7b:cf:cf:c5:d0:6e:35:e1:
18:ee:ce:cc:32:a2:06:df:b9:0d:3a:49:18:fc:1a:9b:d1:93:
5a:ba:c3:ec:dc:20:d0:27:f0:35:0d:f6:ba:39:47:0c:9c:b0:
fc:50:d9:fb:c2:49:64:49:5c:d2:82:ed:b5:c7:f2:b8:34:ea:
f5:cc:73:1e:75:97:f0:58:b0:b0:55:cf:f6:cb:df:11:58:f2:
f3:6b:79:ce:d6:60:63:f6:fc:d9:45:8e:b9:a1:7b:af:07:ff:
e2:14:2c:f2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxVT/Tz3T+yecsiDKMJJYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjMwMTAyMDcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE3NjllYWIxMDQ3MDQxZmJiMzg1YjYzNDgwODUwY2Q2YjdkM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCUycLQ+KG7otj7zD0Bw8bAaXv8t
ToJY7gwRvjtvzIiBoaUvBoEb5EyMOZ0wVi0VwkWkajiE+yXf/4sKC5+p02Wr1q/P
bdTfC9Iw70OcXa6QpyBPeAxa/QKPR5aCzSIMSeJiBlHB71dmPHrJh5vMgacXKuFk
b2Faw1mcVt3xOGFnXLC/oEBPawflI+AOMje+dbRyAlw7Uq6M14WSFZ5dcMZJzEAQ
tccyjotJGH3yLP8odoXsr98EjdO9kd6nM4fNnhChn4WPjh/IudjzwC1lnK2VTGwo
KZtC+11r3vDNTHpYSfPx1vJ7A9QoLoBTRvxODLCdiiNDAtSbBCOqehibjwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFK8XaeqxBHBB+7OFtjSAhQzWt9PEMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvcnhkcDZyRUVjRUg3czRXMk5JQ0ZETmEzMDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDBZCQAwQE
lX4gMAwDBAGyhDoDBAayhAAwDQQCAAIwBwMFAyoNpcAwDQYJKoZIhvcNAQELBQAD
ggEBAFJqG6SratbTIpIWAae4qjCX7yiwxEpIMVVk8sJ+Da1F9GHjDQDHAUFjXe93
S0ISjO4Jr3sYzIxWO7llRadJhnDocuceiDFbABKcoeZ4W1ZYIa8B9ZNm82VUYvaW
bbV3ckOls5f6gczZXJAi0xCXph/pX2WUDirM6Xo4WGSTkg8p/2+OwFtWGSZYUFaE
jgIYZin85mO6pagZHU17z8/F0G414RjuzswyogbfuQ06SRj8GpvRk1q6w+zcINAn
8DUN9ro5RwycsPxQ2fvCSWRJXNKC7bXH8rg06vXMcx51l/BYsLBVz/bL3xFY8vNr
ec7WYGP2/NlFjrmhe68H/+IULPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:57 2024 by rpki-client on console-ams.rpki-client.org