Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/dcNHttrKADwwmBrKuANm5qOXV1k.roa
File: dcNHttrKADwwmBrKuANm5qOXV1k.roa (raw, json)
Hash identifier: t7rKWkiBtfPP9IEN7iOXOs7CUG32RFXdSnowJ9rJi/I=
Subject key identifier: 75:C3:47:B6:DA:CA:00:3C:30:98:1A:CA:B8:03:66:E6:A3:97:57:59
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 018B8187DF90B04A68D7B32C23A46DA81076
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/dcNHttrKADwwmBrKuANm5qOXV1k.roa
Signing time: Mon 30 Oct 2023 17:00:47 +0000
ROA not before: Mon 30 Oct 2023 17:00:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 123.100.227.0/24 maxlen: 24
64.225.244.0/23 maxlen: 23
148.222.40.0/22 maxlen: 22
104.225.253.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
167.234.38.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
91.198.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Oct 2023 17:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:87:df:90:b0:4a:68:d7:b3:2c:23:a4:6d:a8:10:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Oct 30 17:00:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75c347b6daca003c30981acab80366e6a3975759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bf:6b:8e:ce:2c:7f:33:06:f4:d8:f0:d0:b8:
2d:1b:61:9c:2c:17:da:15:88:2d:a7:ac:24:ad:87:
1e:80:2e:e1:4d:b0:30:39:a1:c7:0a:db:a6:1b:f2:
cf:10:01:a1:aa:8c:f0:8a:dc:b4:ac:88:eb:94:b4:
08:ab:75:97:2d:57:d8:ab:cf:06:8a:f4:e4:ce:bb:
9b:95:c4:24:9b:0a:2b:9d:88:7a:37:a8:25:a0:c1:
01:08:e0:43:08:d4:36:47:c3:c7:8e:0f:b1:8c:8e:
38:f6:29:71:89:df:4b:25:69:54:49:d9:9e:61:aa:
f9:2f:a9:32:66:66:99:00:5f:0a:3a:e4:a1:42:28:
d5:ba:fe:b6:03:e0:37:08:a4:9a:b2:3a:1e:f2:b9:
2d:81:c4:9d:d2:23:2b:58:2d:2b:51:1a:e3:d1:8d:
90:3c:d0:e8:98:f1:12:ca:ed:d9:61:45:ca:df:2f:
52:cf:19:c3:dc:8a:30:25:6d:c0:36:f5:7f:11:b5:
58:8b:3a:f2:04:31:d7:8c:7d:5b:62:39:bb:f5:df:
64:93:3a:a5:9b:53:2c:57:4c:cd:c1:48:a2:2a:89:
de:0a:2d:5d:04:60:06:12:6d:c1:cd:69:17:9e:50:
3f:69:53:e9:7d:de:aa:91:57:29:4a:66:f8:1b:a2:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C3:47:B6:DA:CA:00:3C:30:98:1A:CA:B8:03:66:E6:A3:97:57:59
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/dcNHttrKADwwmBrKuANm5qOXV1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
63.251.117.0/24
64.225.244.0/23
91.198.19.0/24
104.225.253.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
216.183.120.0/24
216.203.15.0/24
Signature Algorithm: sha256WithRSAEncryption
44:73:f6:27:c6:87:c0:ac:31:da:34:fd:26:ef:93:73:3e:73:
51:9f:d1:b1:62:0c:1a:27:27:00:3e:51:70:c9:53:fa:bf:15:
84:30:c1:71:12:8f:90:07:c4:72:e6:35:5e:f3:e3:9c:c2:60:
f1:4e:fd:71:81:7a:4d:c2:98:5f:9a:22:58:e1:a5:6c:3b:50:
72:b4:25:2d:fd:bc:42:c7:22:79:de:f5:b4:c7:f2:7f:2e:a8:
a3:ed:b6:fe:67:23:8d:e2:cf:c6:3e:7a:e2:23:1b:c7:39:da:
a6:69:5b:23:ee:95:18:49:e5:6e:b8:87:fe:d5:85:40:cc:ea:
00:c1:99:74:1c:81:01:b8:f3:56:f7:cb:da:0b:9f:29:10:de:
0d:03:db:1a:32:6e:a1:57:b7:96:3c:17:52:1f:82:48:bd:b5:
c8:09:21:b2:8f:10:b2:f9:db:1e:0f:74:fc:b5:d8:bc:3b:d0:
7e:1c:ff:d3:3d:5a:df:91:dd:d3:e6:84:a6:4e:85:05:3a:8b:
ec:07:02:55:ea:6a:ed:ad:8f:b4:17:f9:ad:33:80:65:aa:79:
48:41:0b:bb:8a:3c:1b:f0:28:5f:3d:f9:e6:f3:9a:d8:65:ad:
bc:21:5f:46:4a:69:5f:4e:60:f4:49:8e:32:f6:4e:0b:e5:e6:
e7:e5:be:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYuBh9+QsEpo17MsI6RtqBB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjMxMDMwMTcwMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWMzNDdiNmRhY2EwMDNjMzA5ODFhY2FiODAzNjZlNmEzOTc1NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu79rjs4sfzMG9Njw0LgtG2GcLBfa
FYgtp6wkrYcegC7hTbAwOaHHCtumG/LPEAGhqozwity0rIjrlLQIq3WXLVfYq88G
ivTkzrublcQkmwornYh6N6gloMEBCOBDCNQ2R8PHjg+xjI449ilxid9LJWlUSdme
Yar5L6kyZmaZAF8KOuShQijVuv62A+A3CKSasjoe8rktgcSd0iMrWC0rURrj0Y2Q
PNDomPESyu3ZYUXK3y9SzxnD3IowJW3ANvV/EbVYizryBDHXjH1bYjm79d9kkzql
m1MsV0zNwUiiKoneCi1dBGAGEm3BzWkXnlA/aVPpfd6qkVcpSmb4G6LPQQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHXDR7baygA8MJgayrgDZuajl1dZMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvZGNOSHR0cktBRHd3bUJyS3VBTm01cU9YVjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAP/t1AwQB
QOH0AwQAW8YTAwQAaOH9AwQAe2TjAwQClN4oAwQAp+omAwQAxjFnAwQA2Ld4AwQA
2MsPMA0GCSqGSIb3DQEBCwUAA4IBAQBEc/YnxofArDHaNP0m75NzPnNRn9GxYgwa
JycAPlFwyVP6vxWEMMFxEo+QB8Ry5jVe8+OcwmDxTv1xgXpNwphfmiJY4aVsO1By
tCUt/bxCxyJ53vW0x/J/Lqij7bb+ZyON4s/GPnriIxvHOdqmaVsj7pUYSeVuuIf+
1YVAzOoAwZl0HIEBuPNW98vaC58pEN4NA9saMm6hV7eWPBdSH4JIvbXICSGyjxCy
+dseD3T8tdi8O9B+HP/TPVrfkd3T5oSmToUFOovsBwJV6mrtrY+0F/mtM4BlqnlI
QQu7ijwb8ChfPfnm85rYZa28IV9GSmlfTmD0SY4y9k4L5ebn5b6N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:08 2024 by rpki-client on console-ams.rpki-client.org