Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/cT2F70_KCNe7PtIGrnzEdHlyUK8.roa
File: cT2F70_KCNe7PtIGrnzEdHlyUK8.roa (raw, json)
Hash identifier: RqVS+UYJwEZf0d/ZSZfl8swjaHY+XdubzUCIV6iQ8f0=
Subject key identifier: 71:3D:85:EF:4F:CA:08:D7:BB:3E:D2:06:AE:7C:C4:74:79:72:50:AF
Certificate issuer: /CN=4927124d9803a7de54883164a376ea72e3c63eaf
Certificate serial: 01856FDDD100BF5C7FA9A38CACEAA77265BB
Authority key identifier: 49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/cT2F70_KCNe7PtIGrnzEdHlyUK8.roa
Signing time: Mon 02 Jan 2023 00:24:46 +0000
ROA not before: Mon 02 Jan 2023 00:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8522
IP address blocks: 139.91.0.0/16 maxlen: 16
139.91.252.0/24 maxlen: 24
192.67.249.0/24 maxlen: 24
139.91.253.0/24 maxlen: 24
139.91.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:d1:00:bf:5c:7f:a9:a3:8c:ac:ea:a7:72:65:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4927124d9803a7de54883164a376ea72e3c63eaf
Validity
Not Before: Jan 2 00:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=713d85ef4fca08d7bb3ed206ae7cc474797250af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:e8:9c:66:f5:6c:af:82:be:46:a3:88:1f:
ef:a2:df:0c:37:bb:1f:e4:3b:30:b0:ba:29:b9:84:
b0:8d:c8:b0:31:e0:1b:73:7a:1e:1f:22:bd:82:41:
3a:6c:d4:9b:57:48:f6:50:a6:bf:cf:1f:51:34:11:
8d:0a:69:93:3e:35:d1:45:ce:18:2c:dd:ec:a6:65:
c8:53:ec:fd:89:c0:32:37:59:e7:e1:90:b1:2c:0b:
e7:2a:e5:24:6a:f8:72:c6:f0:d1:23:63:58:d9:64:
61:27:92:55:74:f1:60:6e:b4:3d:a3:3f:80:07:31:
9e:1b:c8:9c:ee:41:59:71:85:62:5e:e8:cd:e5:31:
d0:a6:7a:94:7e:a1:47:6a:35:41:9f:00:16:25:0c:
b3:68:c6:e5:53:23:8d:9d:4b:d3:83:b4:a2:4e:6c:
77:16:76:95:e9:dc:20:62:74:cd:d7:3a:95:dc:9a:
04:32:11:3a:75:65:a1:ec:89:26:79:f9:05:ea:48:
3c:51:f5:60:c2:a0:50:75:01:3e:aa:78:3b:41:fe:
3a:46:ec:19:c7:b1:bb:4c:ae:15:1e:52:38:b4:e3:
05:eb:12:60:24:44:93:5c:82:4b:f3:e6:0a:f1:d4:
df:3b:62:2e:ac:09:0e:db:53:b3:5d:0e:f4:fd:c6:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3D:85:EF:4F:CA:08:D7:BB:3E:D2:06:AE:7C:C4:74:79:72:50:AF
X509v3 Authority Key Identifier:
keyid:49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/cT2F70_KCNe7PtIGrnzEdHlyUK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.91.0.0/16
192.67.249.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f1:41:3c:0d:c9:b8:a3:d8:dd:ec:d3:24:03:41:c7:52:18:
c4:3f:c4:50:09:7a:fe:c9:27:51:07:c9:0f:4e:1f:11:1c:f4:
25:47:20:44:7f:1b:39:04:d7:22:d4:44:03:9d:c7:e5:2f:6e:
fb:c1:9e:8e:d2:1f:ae:76:56:62:d9:56:a4:6e:bb:d8:ba:e9:
ee:0d:dc:97:a8:7c:d9:a0:0b:27:fa:12:f1:cb:e8:d2:4b:50:
b0:b6:25:14:43:e5:08:ae:7d:07:ad:0b:16:c6:0a:b3:23:b1:
09:26:c7:ea:ef:62:09:40:2c:6a:52:07:1b:49:71:bb:c3:1c:
b8:93:b7:d6:c8:0e:ec:fc:6b:ed:1b:a2:87:99:20:05:6f:b3:
f7:0a:e6:1a:6b:26:b5:43:fb:86:aa:6d:6e:a7:14:0f:8b:85:
6c:ba:4c:54:8e:c8:57:e2:e6:52:d0:ab:f7:9b:80:85:ea:ff:
a4:8e:c2:ff:02:f8:5f:5c:ef:9c:90:8c:31:8c:13:8b:1b:01:
3f:13:3d:78:a1:bb:8b:b0:3f:f9:b6:bd:08:8b:85:55:8a:5b:
06:a5:d5:e5:b8:e1:9e:a0:60:bb:80:a9:13:8e:ca:b4:3a:12:
b0:3d:dc:e7:cc:e3:b4:e2:0e:0c:81:62:b5:f0:e1:68:18:4b:
cf:97:0e:6e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVv3dEAv1x/qaOMrOqncmW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjcxMjRkOTgwM2E3ZGU1NDg4MzE2NGEzNzZlYTcyZTNj
NjNlYWYwHhcNMjMwMTAyMDAyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTNkODVlZjRmY2EwOGQ3YmIzZWQyMDZhZTdjYzQ3NDc5NzI1MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGjonGb1bK+CvkajiB/vot8MN7sf
5DswsLopuYSwjciwMeAbc3oeHyK9gkE6bNSbV0j2UKa/zx9RNBGNCmmTPjXRRc4Y
LN3spmXIU+z9icAyN1nn4ZCxLAvnKuUkavhyxvDRI2NY2WRhJ5JVdPFgbrQ9oz+A
BzGeG8ic7kFZcYViXujN5THQpnqUfqFHajVBnwAWJQyzaMblUyONnUvTg7SiTmx3
FnaV6dwgYnTN1zqV3JoEMhE6dWWh7IkmefkF6kg8UfVgwqBQdQE+qng7Qf46RuwZ
x7G7TK4VHlI4tOMF6xJgJESTXIJL8+YK8dTfO2IurAkO21OzXQ70/cYG9QIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFHE9he9PygjXuz7SBq58xHR5clCvMB8GA1UdIwQY
MBaAFEknEk2YA6feVIgxZKN26nLjxj6vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMt
ZjAxNTBjODFhY2Y1LzEvY1QyRjcwX0tDTmU3UHRJR3JuekVkSGx5VUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMtZjAxNTBjODFhY2Y1
LzEvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAi1sDBADA
Q/kwDQYJKoZIhvcNAQELBQADggEBAK3xQTwNybij2N3s0yQDQcdSGMQ/xFAJev7J
J1EHyQ9OHxEc9CVHIER/GzkE1yLURAOdx+UvbvvBno7SH652VmLZVqRuu9i66e4N
3JeofNmgCyf6EvHL6NJLULC2JRRD5QiufQetCxbGCrMjsQkmx+rvYglALGpSBxtJ
cbvDHLiTt9bIDuz8a+0booeZIAVvs/cK5hprJrVD+4aqbW6nFA+LhWy6TFSOyFfi
5lLQq/ebgIXq/6SOwv8C+F9c75yQjDGME4sbAT8TPXihu4uwP/m2vQiLhVWKWwal
1eW44Z6gYLuAqROOyrQ6ErA93OfM47TiDgyBYrXw4WgYS8+XDm4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:23 2024 by rpki-client on console-ams.rpki-client.org