Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/4ecKWHvV5hlsw_T8HPvj2Mh9XFw.roa
File: 4ecKWHvV5hlsw_T8HPvj2Mh9XFw.roa (raw, json)
Hash identifier: +6/j8NO+vnKpunA7tgyH/7VcMN0a0KwtJezLl+nVjg8=
Subject key identifier: E1:E7:0A:58:7B:D5:E6:19:6C:C3:F4:FC:1C:FB:E3:D8:C8:7D:5C:5C
Certificate issuer: /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial: 01902F3E5CF231EB2A00AA5139257B248520
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/4ecKWHvV5hlsw_T8HPvj2Mh9XFw.roa
Signing time: Wed 19 Jun 2024 06:45:34 +0000
ROA not before: Wed 19 Jun 2024 06:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 378
IP address blocks: 132.64.0.0/15 maxlen: 15
132.64.0.0/16 maxlen: 16
132.64.1.0/24 maxlen: 24
132.64.2.0/24 maxlen: 24
132.64.5.0/24 maxlen: 24
132.64.6.0/24 maxlen: 24
132.64.16.0/24 maxlen: 24
132.64.40.0/24 maxlen: 24
132.64.43.0/24 maxlen: 24
132.64.44.0/24 maxlen: 24
132.64.254.0/24 maxlen: 24
132.65.0.0/16 maxlen: 16
192.114.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 11 Aug 2024 11:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:3e:5c:f2:31:eb:2a:00:aa:51:39:25:7b:24:85:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
Validity
Not Before: Jun 19 06:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1e70a587bd5e6196cc3f4fc1cfbe3d8c87d5c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:c3:0f:10:bc:10:ee:06:ff:92:9e:54:c0:
c5:cd:8d:bd:4a:bc:dc:54:68:79:03:d2:b0:09:47:
34:65:bf:7c:54:62:19:7e:79:91:62:35:92:45:23:
c6:2c:84:83:b6:6d:f4:10:51:98:fd:01:16:16:b7:
93:b7:f9:14:4c:33:58:20:85:66:ae:51:9a:97:be:
17:5a:12:76:21:58:a5:5c:71:33:c9:c5:3a:ba:c2:
50:cc:ca:94:a0:70:4a:68:03:0f:6a:ec:96:cc:a2:
b2:0f:e5:39:75:95:78:fd:41:87:99:39:f5:14:07:
57:06:00:78:98:e4:44:86:ac:28:ca:38:dc:89:fe:
70:77:72:e6:d3:6e:58:f7:c4:06:ed:2c:94:42:81:
9f:7d:34:84:a9:48:d3:2a:39:ea:58:e7:e0:59:a8:
4a:2e:ff:96:62:d2:00:08:7e:c5:a2:ca:2c:2f:ce:
92:25:e1:c0:a5:07:53:ae:60:62:02:55:af:e8:cb:
60:d1:bd:d2:66:5f:71:14:1a:cd:b6:01:a6:08:97:
14:48:2f:d0:2e:99:3b:8f:c0:03:57:b8:19:f2:17:
9b:27:e8:44:be:a9:5d:bb:36:ca:74:27:21:d4:b8:
6c:14:a6:40:24:50:35:1d:28:93:04:a6:08:df:a7:
9e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E7:0A:58:7B:D5:E6:19:6C:C3:F4:FC:1C:FB:E3:D8:C8:7D:5C:5C
X509v3 Authority Key Identifier:
keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/4ecKWHvV5hlsw_T8HPvj2Mh9XFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.64.0.0/15
192.114.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:5d:ba:b1:cf:ee:92:a0:05:c1:cb:b9:96:8e:d9:01:75:09:
01:87:fc:4d:d8:84:8c:5c:da:e1:b5:6c:d8:3b:6d:6e:48:1b:
9b:c4:84:31:d6:ea:7e:21:5a:a2:a2:d7:f1:39:af:5e:99:4b:
b8:c3:96:a4:ea:00:a8:3d:22:03:c6:cb:b2:fd:2d:aa:21:ce:
94:82:05:a1:b9:0e:57:96:0e:44:c2:9f:b3:bc:71:7f:06:dc:
d0:4c:06:e2:ba:93:e9:68:b6:27:33:97:b8:02:88:1b:33:77:
9b:df:6d:1a:a7:e7:f6:f5:52:61:46:ea:10:44:07:dc:ea:91:
b7:a6:31:4c:8f:05:d0:52:c2:20:55:1f:bc:a4:f4:db:e2:9f:
3f:e3:7f:05:eb:62:c7:72:4b:33:9e:da:aa:04:3f:32:67:6f:
15:71:8a:ae:78:06:5b:f2:47:b8:ca:87:c6:6e:52:eb:9e:8e:
f0:38:b7:8d:04:7a:b1:db:6f:61:3a:39:5d:34:8e:b7:d6:89:
24:07:8a:dc:0a:1f:9a:29:cd:6f:de:c9:c1:6b:51:b2:b3:0f:
51:b7:f0:80:24:c8:f9:59:69:e8:47:d6:7b:8c:5b:38:94:ae:
2c:fd:22:49:69:db:90:c9:de:8f:1d:bc:27:a3:33:9d:df:ce:
59:54:56:81
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZAvPlzyMesqAKpROSV7JIUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjQwNjE5MDY0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU3MGE1ODdiZDVlNjE5NmNjM2Y0ZmMxY2ZiZTNkOGM4N2Q1YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7nDDxC8EO4G/5KeVMDFzY29Srzc
VGh5A9KwCUc0Zb98VGIZfnmRYjWSRSPGLISDtm30EFGY/QEWFreTt/kUTDNYIIVm
rlGal74XWhJ2IVilXHEzycU6usJQzMqUoHBKaAMPauyWzKKyD+U5dZV4/UGHmTn1
FAdXBgB4mOREhqwoyjjcif5wd3Lm025Y98QG7SyUQoGffTSEqUjTKjnqWOfgWahK
Lv+WYtIACH7FososL86SJeHApQdTrmBiAlWv6Mtg0b3SZl9xFBrNtgGmCJcUSC/Q
Lpk7j8ADV7gZ8hebJ+hEvqlduzbKdCch1LhsFKZAJFA1HSiTBKYI36eeXwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFOHnClh71eYZbMP0/Bz749jIfVxcMB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvNGVjS1dIdlY1aGxzd19UOEhQdmoyTWg5WEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBhEADBALA
clgwDQYJKoZIhvcNAQELBQADggEBAJpdurHP7pKgBcHLuZaO2QF1CQGH/E3YhIxc
2uG1bNg7bW5IG5vEhDHW6n4hWqKi1/E5r16ZS7jDlqTqAKg9IgPGy7L9LaohzpSC
BaG5DleWDkTCn7O8cX8G3NBMBuK6k+loticzl7gCiBszd5vfbRqn5/b1UmFG6hBE
B9zqkbemMUyPBdBSwiBVH7yk9Nvinz/jfwXrYsdySzOe2qoEPzJnbxVxiq54Blvy
R7jKh8ZuUuuejvA4t40EerHbb2E6OV00jrfWiSQHitwKH5opzW/eycFrUbKzD1G3
8IAkyPlZaehH1nuMWziUriz9Iklp25DJ3o8dvCejM53fzllUVoE=
-----END CERTIFICATE-----
Generated at Sun Aug 11 15:25:48 2024 by rpki-client on console-ams.rpki-client.org