Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/jfhNqLQEZ0pXBd_qlcG7iR9U2Rg.roa
File: jfhNqLQEZ0pXBd_qlcG7iR9U2Rg.roa (raw, json)
Hash identifier: RF1DaxjZTxfniubCviN8zpxKhgcx29QaFcoBuz6Etr0=
Subject key identifier: 8D:F8:4D:A8:B4:04:67:4A:57:05:DF:EA:95:C1:BB:89:1F:54:D9:18
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 01856FC292BC8F983D272CDB2C124D9710AD
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/jfhNqLQEZ0pXBd_qlcG7iR9U2Rg.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19527
IP address blocks: 66.22.229.0/24 maxlen: 24
66.22.228.0/24 maxlen: 24
66.22.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:92:bc:8f:98:3d:27:2c:db:2c:12:4d:97:10:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8df84da8b404674a5705dfea95c1bb891f54d918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:06:62:89:ae:8b:ba:c1:be:41:4b:b1:a3:
dd:99:50:36:fa:8b:d2:f6:bf:33:2b:4a:27:df:68:
22:f1:d4:32:61:e4:4a:1c:29:f5:67:58:29:46:84:
96:de:73:cc:b1:0f:84:e5:06:7f:90:16:eb:6a:57:
0b:50:af:6d:0a:62:33:fd:d1:ac:cd:29:8b:f8:a4:
73:85:6f:84:0f:4d:a2:e4:aa:14:06:05:f0:0b:31:
92:14:1b:69:24:f5:2e:5f:6d:3f:f9:22:2c:a7:1c:
c6:9a:f4:c7:90:b1:9e:ee:bb:34:a1:0c:39:f7:7a:
51:75:f9:8d:e9:61:01:8b:f9:0f:e9:f1:eb:ce:ef:
84:25:a7:f8:a4:82:81:7d:b6:2e:c0:38:62:c2:93:
c4:1f:48:b4:f1:2e:18:35:b3:ed:6a:db:e1:48:1b:
cc:61:98:18:0d:56:08:76:69:d9:1b:12:16:af:12:
ee:37:81:68:3d:b0:be:10:f2:b5:84:ad:e6:83:50:
db:06:79:45:30:11:22:ea:53:ee:ea:92:e1:ce:e6:
03:c6:a6:2e:b8:27:c3:df:38:99:94:20:d6:db:c2:
b8:54:6b:bb:9e:c4:6a:b3:e4:61:9a:07:7b:c5:b0:
1c:97:47:68:bc:cc:e0:70:f6:51:84:a4:18:c6:a1:
fb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F8:4D:A8:B4:04:67:4A:57:05:DF:EA:95:C1:BB:89:1F:54:D9:18
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/jfhNqLQEZ0pXBd_qlcG7iR9U2Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.228.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:5a:da:2e:29:56:d0:88:e5:43:ea:b8:85:cc:a4:87:69:bb:
ff:e9:c6:3a:23:53:93:9a:b7:9c:cc:a5:33:d8:18:9b:33:0c:
e5:4a:4f:41:27:bc:85:c7:4e:f8:a2:82:29:3b:1e:88:e8:c0:
21:43:1c:5c:bc:9f:a8:af:bf:e6:98:38:78:5c:2f:59:d0:d2:
0b:62:f8:bb:e8:d5:fc:52:b3:c3:ca:4b:a4:ee:81:ba:32:4e:
83:2e:31:6f:b2:de:35:25:45:f2:d8:6c:75:3f:89:7f:01:af:
87:de:5b:bf:5e:80:a7:db:72:d9:20:8d:54:76:7f:09:80:b2:
98:88:70:65:92:48:8a:7d:fb:ac:f5:77:ae:d8:e9:cc:f9:da:
62:91:da:df:1f:96:16:0e:12:c5:bd:1f:a6:e8:a3:00:ae:34:
45:ad:b4:2d:cb:37:88:7e:4b:4d:1c:ae:e5:ca:55:b2:ea:bc:
0b:69:14:20:ae:83:04:d8:ac:3c:ff:2b:76:9c:82:e6:88:f1:
db:55:03:f3:1f:20:49:c3:dd:a9:f6:78:a1:f6:fe:2f:7c:16:
c5:cf:ce:b8:17:5f:38:a0:28:d2:69:07:15:69:18:b7:cd:2f:
a5:a8:91:c5:fa:f1:de:b1:2c:11:07:ce:d6:f8:3f:a0:f4:71:
73:0f:30:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwpK8j5g9JyzbLBJNlxCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY4NGRhOGI0MDQ2NzRhNTcwNWRmZWE5NWMxYmI4OTFmNTRkOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq68GYomui7rBvkFLsaPdmVA2+ovS
9r8zK0on32gi8dQyYeRKHCn1Z1gpRoSW3nPMsQ+E5QZ/kBbralcLUK9tCmIz/dGs
zSmL+KRzhW+ED02i5KoUBgXwCzGSFBtpJPUuX20/+SIspxzGmvTHkLGe7rs0oQw5
93pRdfmN6WEBi/kP6fHrzu+EJaf4pIKBfbYuwDhiwpPEH0i08S4YNbPtatvhSBvM
YZgYDVYIdmnZGxIWrxLuN4FoPbC+EPK1hK3mg1DbBnlFMBEi6lPu6pLhzuYDxqYu
uCfD3ziZlCDW28K4VGu7nsRqs+Rhmgd7xbAcl0dovMzgcPZRhKQYxqH7sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI34Tai0BGdKVwXf6pXBu4kfVNkYMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvamZoTnFMUUVaMHBYQmRfcWxjRzdpUjlVMlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQhbkMA0G
CSqGSIb3DQEBCwUAA4IBAQCOWtouKVbQiOVD6riFzKSHabv/6cY6I1OTmreczKUz
2BibMwzlSk9BJ7yFx074ooIpOx6I6MAhQxxcvJ+or7/mmDh4XC9Z0NILYvi76NX8
UrPDykuk7oG6Mk6DLjFvst41JUXy2Gx1P4l/Aa+H3lu/XoCn23LZII1Udn8JgLKY
iHBlkkiKffus9Xeu2OnM+dpikdrfH5YWDhLFvR+m6KMArjRFrbQtyzeIfktNHK7l
ylWy6rwLaRQgroME2Kw8/yt2nILmiPHbVQPzHyBJw92p9nih9v4vfBbFz864F184
oCjSaQcVaRi3zS+lqJHF+vHesSwRB87W+D+g9HFzDzCF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:05 2024 by rpki-client on console-ams.rpki-client.org