Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/c9chx9lAY7uyQKQ2B4baa0WwqBU.roa
File: c9chx9lAY7uyQKQ2B4baa0WwqBU.roa (raw, json)
Hash identifier: daqYYUlIdD1jL/QS9ETu3ucNXgLsdG3986+m8sTzxcw=
Subject key identifier: 73:D7:21:C7:D9:40:63:BB:B2:40:A4:36:07:86:DA:6B:45:B0:A8:15
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0190E9B66B6D4C8961E1ED27C3307F7CF660
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/c9chx9lAY7uyQKQ2B4baa0WwqBU.roa
Signing time: Thu 25 Jul 2024 11:46:04 +0000
ROA not before: Thu 25 Jul 2024 11:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 11:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:b6:6b:6d:4c:89:61:e1:ed:27:c3:30:7f:7c:f6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 25 11:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73d721c7d94063bbb240a4360786da6b45b0a815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:89:c8:5b:41:b8:26:95:06:3c:2b:f3:0d:58:
8f:e1:27:b6:65:87:bc:c0:a2:59:17:ea:57:0d:a4:
5b:2a:95:f8:30:f6:bd:0a:59:fb:91:90:99:7c:60:
9a:bb:3d:15:fc:f4:aa:b4:fb:a4:41:93:f7:d5:0a:
dc:72:6e:f4:50:f1:e0:af:7e:7d:c8:5b:89:b0:8d:
1a:9a:e4:78:b9:52:35:05:bd:69:5d:0b:46:75:69:
82:58:d9:6a:0d:2a:58:78:52:05:73:3b:3b:fb:14:
f0:30:24:88:03:69:d1:70:8e:ca:bd:a9:a0:47:05:
0a:b0:21:97:20:43:94:34:d5:d9:96:f5:38:a1:95:
9b:06:fc:3b:9c:81:26:8c:60:4a:9c:0f:8a:6d:ac:
de:d2:b5:2b:ed:aa:5b:26:21:6f:7a:65:7e:f6:9f:
4b:57:3a:07:bc:37:c2:5f:83:d4:02:ca:dd:fd:95:
48:05:85:1a:cc:bc:68:bb:80:b4:82:0e:5f:89:da:
3c:ef:12:08:a1:de:c8:09:af:85:b2:d2:bd:42:1f:
39:c4:60:97:25:d5:28:bb:6a:2f:38:67:60:ac:4a:
db:2b:36:6c:0f:71:b7:ad:bb:cd:41:f8:29:29:12:
c0:b5:cf:e4:aa:6c:c2:3b:1e:77:54:2d:26:c9:fd:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D7:21:C7:D9:40:63:BB:B2:40:A4:36:07:86:DA:6B:45:B0:A8:15
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/c9chx9lAY7uyQKQ2B4baa0WwqBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.16.0/23
167.160.29.0/24
198.55.28.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:d3:5a:bc:71:08:31:b7:6c:eb:18:1d:9c:d7:5b:d3:43:54:
5d:e1:c6:62:13:fa:c5:46:59:b0:10:5d:9e:62:91:8f:9d:78:
d8:a4:e0:21:2a:c7:58:e4:7f:8d:a3:a7:75:f7:b1:48:60:d0:
a7:a5:d8:28:c6:96:e3:43:c1:c6:81:1b:54:f6:03:42:de:bf:
d7:8c:70:3c:d8:1f:51:aa:66:b6:39:21:27:fe:16:79:c0:2f:
fe:65:79:16:71:b7:17:71:5c:74:ad:d7:8b:14:de:89:8f:e5:
dd:3e:1b:12:de:68:d3:f3:f1:db:47:be:af:31:20:94:08:55:
07:8f:ee:4b:90:23:c0:70:7a:9f:b5:63:ea:06:b5:58:bb:34:
67:79:81:82:b7:63:d7:21:f1:d5:4d:bd:5e:ca:b6:bc:95:57:
d6:ef:71:3e:7d:eb:20:e7:4a:c2:c2:55:ae:c9:16:eb:dd:5c:
c6:ed:3a:f5:14:49:d9:e8:73:af:0a:a6:5f:d3:52:00:0b:5a:
2e:95:c3:4a:9e:7d:65:b9:a9:fd:62:90:e3:18:f8:98:c0:77:
45:34:70:78:92:fe:58:1e:b6:4c:b7:96:d6:47:a4:27:be:0d:
47:d5:89:3b:8f:92:6b:11:fd:aa:7e:6b:73:93:6a:4d:a2:bb:
47:ed:86:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDptmttTIlh4e0nwzB/fPZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwNzI1MTE0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q3MjFjN2Q5NDA2M2JiYjI0MGE0MzYwNzg2ZGE2YjQ1YjBhODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6InIW0G4JpUGPCvzDViP4Se2ZYe8
wKJZF+pXDaRbKpX4MPa9Cln7kZCZfGCauz0V/PSqtPukQZP31Qrccm70UPHgr359
yFuJsI0amuR4uVI1Bb1pXQtGdWmCWNlqDSpYeFIFczs7+xTwMCSIA2nRcI7Kvamg
RwUKsCGXIEOUNNXZlvU4oZWbBvw7nIEmjGBKnA+Kbaze0rUr7apbJiFvemV+9p9L
VzoHvDfCX4PUAsrd/ZVIBYUazLxou4C0gg5fido87xIIod7ICa+FstK9Qh85xGCX
JdUou2ovOGdgrErbKzZsD3G3rbvNQfgpKRLAtc/kqmzCOx53VC0myf28awIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHPXIcfZQGO7skCkNgeG2mtFsKgVMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvYzljaHg5bEFZN3V5UUtRMkI0YmFhMFd3cUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBp6AQAwQA
p6AdAwQBxjccMA0GCSqGSIb3DQEBCwUAA4IBAQB701q8cQgxt2zrGB2c11vTQ1Rd
4cZiE/rFRlmwEF2eYpGPnXjYpOAhKsdY5H+No6d197FIYNCnpdgoxpbjQ8HGgRtU
9gNC3r/XjHA82B9Rqma2OSEn/hZ5wC/+ZXkWcbcXcVx0rdeLFN6Jj+XdPhsS3mjT
8/HbR76vMSCUCFUHj+5LkCPAcHqftWPqBrVYuzRneYGCt2PXIfHVTb1eyra8lVfW
73E+fesg50rCwlWuyRbr3VzG7Tr1FEnZ6HOvCqZf01IAC1oulcNKnn1luan9YpDj
GPiYwHdFNHB4kv5YHrZMt5bWR6Qnvg1H1Yk7j5JrEf2qfmtzk2pNortH7YZN
-----END CERTIFICATE-----
Generated at Wed Jul 31 14:18:39 2024 by rpki-client on console-ams.rpki-client.org