Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/08XO1w7F3ATsRKKOLmGXsO5WdN8.roa
File: 08XO1w7F3ATsRKKOLmGXsO5WdN8.roa (raw, json)
Hash identifier: Gom8w2QXbeXt5tFlachFD2+VkuzMndj6xk+qf8QQYaE=
Subject key identifier: D3:C5:CE:D7:0E:C5:DC:04:EC:44:A2:8E:2E:61:97:B0:EE:56:74:DF
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 01856FC291B8FD92392F06D69C20C9E2EE57
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/08XO1w7F3ATsRKKOLmGXsO5WdN8.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15169
IP address blocks: 66.22.229.0/24 maxlen: 24
66.22.228.0/24 maxlen: 24
66.22.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:91:b8:fd:92:39:2f:06:d6:9c:20:c9:e2:ee:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c5ced70ec5dc04ec44a28e2e6197b0ee5674df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:71:22:55:39:9c:6f:50:a4:e0:9d:31:a1:33:
3c:bf:91:41:44:f8:f9:2f:38:df:29:3b:45:c4:11:
1c:07:97:2f:e6:bc:71:b4:d0:ae:bd:56:94:a5:fb:
f6:ac:fd:02:c0:3d:a9:80:2c:f4:39:d6:4d:0a:ed:
5b:7d:b1:60:fc:17:1a:2e:47:df:de:fb:89:82:65:
80:93:e3:a4:10:2c:20:06:86:e2:41:04:77:7b:8e:
b8:7f:27:cf:58:48:ad:fc:90:47:3b:19:d8:f7:9e:
b4:7c:cf:63:6c:46:16:a2:a9:6a:0e:a0:97:2b:39:
0c:a6:e0:3d:24:ad:5b:ed:7d:41:77:2f:07:57:02:
3d:a2:85:d8:f2:d6:cf:1a:e4:9e:2d:2c:b3:97:64:
5e:f9:9c:8d:32:98:e1:0c:00:11:7c:7d:a0:b3:93:
97:84:0e:1b:59:21:d7:ba:10:e4:68:b7:18:59:97:
1a:c6:3c:ee:41:e4:90:8d:fa:81:cb:a4:2c:f1:87:
3a:92:df:99:45:57:cb:d3:a0:ac:37:ac:2d:f8:06:
b4:42:af:8a:82:d0:5c:c2:52:e8:d3:4e:98:b5:be:
c2:3e:79:27:9c:9b:d5:8b:7d:16:af:cb:27:f1:16:
e4:a6:e6:43:e6:11:d7:a6:82:bb:41:53:19:e8:22:
c7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C5:CE:D7:0E:C5:DC:04:EC:44:A2:8E:2E:61:97:B0:EE:56:74:DF
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/08XO1w7F3ATsRKKOLmGXsO5WdN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.228.0/23
Signature Algorithm: sha256WithRSAEncryption
be:ac:e7:11:ed:96:51:08:95:03:09:3f:90:91:73:9c:88:48:
97:a4:b5:10:9e:11:dc:65:65:7a:de:1b:1f:db:ed:bc:c5:11:
11:93:bc:53:0c:8c:d1:28:ee:de:d9:57:c6:6a:59:4a:07:d8:
ea:a8:f6:31:c8:b8:82:2d:65:0a:1a:19:00:71:b7:f0:47:b5:
c4:9b:cd:5f:e8:c4:39:77:06:f0:d0:50:9c:ea:99:e5:c8:77:
51:20:48:3d:6b:b7:b9:36:d3:d4:c2:60:94:72:4f:42:8e:39:
8c:b4:de:a4:23:59:56:fc:a7:aa:e1:f3:88:32:1e:2a:a7:41:
0f:46:07:02:77:3b:d7:40:a3:9c:93:dd:22:d9:fd:e0:ac:f8:
88:d1:1c:a0:9e:0d:04:1b:76:58:b9:56:89:f5:75:43:0e:ab:
67:08:e7:1a:c5:1c:44:06:39:bb:b7:62:f2:9f:c3:3a:56:05:
f2:a0:ea:68:fd:28:fe:2a:b7:a6:7b:1b:a4:e9:0a:6e:96:0c:
4e:02:6e:67:b8:1b:a5:17:6f:4c:e0:61:ce:a9:95:c5:b0:dc:
71:b6:43:cf:5b:35:d4:5d:ed:95:bf:49:dc:ad:43:93:b3:9d:
38:18:ed:43:03:60:06:79:fb:2b:2b:9e:2e:3b:c5:2c:de:3d:
de:b0:67:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwpG4/ZI5LwbWnCDJ4u5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M1Y2VkNzBlYzVkYzA0ZWM0NGEyOGUyZTYxOTdiMGVlNTY3NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nEiVTmcb1Ck4J0xoTM8v5FBRPj5
LzjfKTtFxBEcB5cv5rxxtNCuvVaUpfv2rP0CwD2pgCz0OdZNCu1bfbFg/BcaLkff
3vuJgmWAk+OkECwgBobiQQR3e464fyfPWEit/JBHOxnY9560fM9jbEYWoqlqDqCX
KzkMpuA9JK1b7X1Bdy8HVwI9ooXY8tbPGuSeLSyzl2Re+ZyNMpjhDAARfH2gs5OX
hA4bWSHXuhDkaLcYWZcaxjzuQeSQjfqBy6Qs8Yc6kt+ZRVfL06CsN6wt+Aa0Qq+K
gtBcwlLo006Ytb7CPnknnJvVi30Wr8sn8RbkpuZD5hHXpoK7QVMZ6CLHNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPFztcOxdwE7ESiji5hl7DuVnTfMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvMDhYTzF3N0YzQVRzUktLT0xtR1hzTzVXZE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQhbkMA0G
CSqGSIb3DQEBCwUAA4IBAQC+rOcR7ZZRCJUDCT+QkXOciEiXpLUQnhHcZWV63hsf
2+28xRERk7xTDIzRKO7e2VfGallKB9jqqPYxyLiCLWUKGhkAcbfwR7XEm81f6MQ5
dwbw0FCc6pnlyHdRIEg9a7e5NtPUwmCUck9CjjmMtN6kI1lW/Keq4fOIMh4qp0EP
RgcCdzvXQKOck90i2f3grPiI0Rygng0EG3ZYuVaJ9XVDDqtnCOcaxRxEBjm7t2Ly
n8M6VgXyoOpo/Sj+Kremexuk6QpulgxOAm5nuBulF29M4GHOqZXFsNxxtkPPWzXU
Xe2Vv0ncrUOTs504GO1DA2AGefsrK54uO8Us3j3esGda
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:05 2024 by rpki-client on console-ams.rpki-client.org