Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/lrqteR3X0v92ZUemPIEtVh8jpgg.roa
File: lrqteR3X0v92ZUemPIEtVh8jpgg.roa (raw, json)
Hash identifier: jSw0Oo94RrPZgDMh7dOSBI6WRYThb7Ock4z8IyhUcbg=
Subject key identifier: 96:BA:AD:79:1D:D7:D2:FF:76:65:47:A6:3C:81:2D:56:1F:23:A6:08
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 01856FC293E01C0F4781029ABC8C06F35BFD
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/lrqteR3X0v92ZUemPIEtVh8jpgg.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139070
IP address blocks: 66.22.229.0/24 maxlen: 24
66.22.228.0/24 maxlen: 24
66.22.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:93:e0:1c:0f:47:81:02:9a:bc:8c:06:f3:5b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96baad791dd7d2ff766547a63c812d561f23a608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9e:03:1b:f0:c9:89:f2:1c:33:81:d8:a4:ad:
3c:d3:b3:21:36:92:74:2c:70:f1:41:ab:f7:99:ce:
62:07:9a:4d:13:bc:c2:83:c2:0e:1d:ec:a7:55:12:
7f:60:d1:c4:bb:74:d2:6c:1c:13:65:b7:4b:73:89:
10:f3:2e:c3:16:a1:1c:5b:66:5e:16:01:b7:aa:3c:
3f:94:ce:f0:69:24:ee:ef:36:63:a7:c1:04:3c:ff:
d0:7e:21:3c:a5:63:b9:3e:b6:c9:6b:5a:b2:a2:6f:
7f:88:9c:5c:73:28:5c:e4:84:b4:89:68:e6:40:98:
fb:28:28:de:53:7c:b8:58:d4:56:d4:30:14:38:96:
cd:3c:49:9b:8a:b0:b1:8e:a6:b9:14:af:b6:43:19:
64:e9:71:6a:41:70:ba:aa:60:63:0e:ed:21:1a:f1:
be:65:c9:86:dd:fd:42:eb:40:1c:68:65:45:13:15:
77:05:01:ff:f8:8d:4a:d5:ea:32:d8:65:d6:30:06:
e3:4b:ee:ce:a5:3f:e6:84:71:db:90:98:51:1d:56:
09:5a:25:b6:eb:bb:3c:d1:df:ed:eb:a7:48:3a:e9:
47:43:6d:6f:fa:e6:0c:a9:0e:17:e7:fe:a2:2b:f8:
9b:de:86:de:4c:59:bc:29:9a:7d:1e:b3:cd:30:0b:
4a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BA:AD:79:1D:D7:D2:FF:76:65:47:A6:3C:81:2D:56:1F:23:A6:08
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/lrqteR3X0v92ZUemPIEtVh8jpgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.228.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:12:bb:b7:ce:b2:c9:18:b7:ff:31:75:d3:36:14:1e:47:38:
35:e9:73:df:ed:0e:d0:24:d8:58:10:f8:4b:4f:62:cd:bb:29:
90:a9:39:79:fa:79:f2:66:64:ac:7d:bc:d4:56:18:62:19:9f:
e6:e3:39:db:83:19:e2:34:17:a0:b5:2f:d5:89:79:51:29:81:
e5:f8:05:51:9a:da:73:b1:3f:2e:44:08:75:94:8c:43:1c:e4:
20:46:51:10:06:1d:6a:cb:ec:ae:02:51:a9:c5:57:87:d0:10:
64:fa:6e:e9:98:ef:02:60:13:cc:ac:48:bc:5f:3a:35:c0:40:
c4:c3:76:63:06:f4:0c:af:e2:62:8e:54:ff:99:cc:01:22:b8:
ad:22:f6:1e:25:87:d4:e2:f4:11:c3:30:4d:ff:cc:10:a8:55:
14:d4:3a:16:46:3b:3a:a1:46:c5:b5:51:e0:0e:a7:f5:0d:f8:
32:22:b5:64:49:c8:8d:bc:41:c4:49:88:bb:50:a0:7f:fb:94:
79:8a:78:e9:ed:f7:9e:19:30:7f:f4:bc:bd:5b:92:16:fd:10:
de:48:e8:ea:03:c9:ed:87:f6:e4:3b:a4:7c:13:36:f2:fe:dc:
48:b3:09:e7:65:b2:f1:16:31:3d:d8:94:a0:2d:2e:29:c6:ee:
25:95:91:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwpPgHA9HgQKavIwG81v9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJhYWQ3OTFkZDdkMmZmNzY2NTQ3YTYzYzgxMmQ1NjFmMjNhNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup4DG/DJifIcM4HYpK0807MhNpJ0
LHDxQav3mc5iB5pNE7zCg8IOHeynVRJ/YNHEu3TSbBwTZbdLc4kQ8y7DFqEcW2Ze
FgG3qjw/lM7waSTu7zZjp8EEPP/QfiE8pWO5PrbJa1qyom9/iJxccyhc5IS0iWjm
QJj7KCjeU3y4WNRW1DAUOJbNPEmbirCxjqa5FK+2Qxlk6XFqQXC6qmBjDu0hGvG+
ZcmG3f1C60AcaGVFExV3BQH/+I1K1eoy2GXWMAbjS+7OpT/mhHHbkJhRHVYJWiW2
67s80d/t66dIOulHQ21v+uYMqQ4X5/6iK/ib3obeTFm8KZp9HrPNMAtKRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJa6rXkd19L/dmVHpjyBLVYfI6YIMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvbHJxdGVSM1gwdjkyWlVlbVBJRXRWaDhqcGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQhbkMA0G
CSqGSIb3DQEBCwUAA4IBAQAfEru3zrLJGLf/MXXTNhQeRzg16XPf7Q7QJNhYEPhL
T2LNuymQqTl5+nnyZmSsfbzUVhhiGZ/m4znbgxniNBegtS/ViXlRKYHl+AVRmtpz
sT8uRAh1lIxDHOQgRlEQBh1qy+yuAlGpxVeH0BBk+m7pmO8CYBPMrEi8Xzo1wEDE
w3ZjBvQMr+JijlT/mcwBIritIvYeJYfU4vQRwzBN/8wQqFUU1DoWRjs6oUbFtVHg
Dqf1DfgyIrVkSciNvEHESYi7UKB/+5R5injp7feeGTB/9Ly9W5IW/RDeSOjqA8nt
h/bkO6R8Ezby/txIswnnZbLxFjE92JSgLS4pxu4llZHe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org