Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qKs7k819FCfMVWDm6H0ev2kEiKY.roa
File: qKs7k819FCfMVWDm6H0ev2kEiKY.roa (raw, json)
Hash identifier: OPF2ZajExLwpC0b8PdsT9FcVTqxhEF1DToJ2NtWpeT4=
Subject key identifier: A8:AB:3B:93:CD:7D:14:27:CC:55:60:E6:E8:7D:1E:BF:69:04:88:A6
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01920FCCBC1A51A4C42786E124078B3E2346
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qKs7k819FCfMVWDm6H0ev2kEiKY.roa
Signing time: Fri 20 Sep 2024 14:18:48 +0000
ROA not before: Fri 20 Sep 2024 14:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 167.160.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 07:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:cc:bc:1a:51:a4:c4:27:86:e1:24:07:8b:3e:23:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 20 14:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ab3b93cd7d1427cc5560e6e87d1ebf690488a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:68:94:6a:74:c1:e0:34:4d:d9:56:43:f8:b2:
6c:15:a9:35:ad:33:e2:fb:08:c5:35:65:aa:6f:c1:
76:df:f2:1b:9c:f8:53:dc:83:6d:a9:d4:62:1d:39:
c9:76:b5:56:62:93:e8:4d:30:69:26:f6:e7:55:95:
eb:cf:ec:75:51:11:e3:5d:7f:d2:a9:07:5b:df:e3:
f6:b1:7d:5f:8c:08:f8:5d:0b:33:34:f1:33:e5:f3:
d1:87:4f:92:c8:3f:3c:9b:84:dc:08:af:10:83:92:
d7:5b:64:2d:a6:42:73:c5:e9:d2:0a:48:67:51:9f:
33:9c:fa:41:e9:b6:0c:25:e0:07:5f:be:76:47:68:
ef:03:4f:90:91:61:c9:28:ea:22:4c:d8:27:f9:26:
40:07:86:c1:b1:76:c5:ff:44:da:dd:a8:22:3c:94:
cc:af:54:12:f8:56:68:ea:94:52:23:e6:ea:6c:7e:
df:ea:c0:60:6e:57:54:97:ed:71:f8:89:f4:9d:25:
74:a1:48:06:4b:dc:e0:7a:cc:5a:42:da:9c:2c:59:
3d:ab:f0:49:7e:01:c3:1b:6a:33:2d:c4:f6:11:b8:
90:e6:5c:58:14:42:85:78:a4:1d:29:5f:3b:d6:02:
e1:13:31:17:74:03:53:9e:fa:14:3b:b8:f2:f2:7a:
45:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AB:3B:93:CD:7D:14:27:CC:55:60:E6:E8:7D:1E:BF:69:04:88:A6
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qKs7k819FCfMVWDm6H0ev2kEiKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.28.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.191.255
Signature Algorithm: sha256WithRSAEncryption
a1:38:fc:f7:3a:9c:5f:cd:1b:11:0a:28:1d:de:3a:a1:af:10:
9d:7c:83:5c:27:ab:bd:8b:a0:a4:4b:1a:8f:67:da:a9:04:ef:
e6:8c:dd:37:81:c8:ad:f7:3f:d1:93:b6:d6:14:8e:10:f0:4f:
85:ab:03:e8:5f:e0:94:69:01:e2:0f:ef:6e:e6:bb:8e:10:8f:
43:22:ed:0c:14:fb:90:b4:de:d4:86:58:ea:56:bd:b5:79:e8:
cb:03:ea:00:76:47:e1:41:04:b2:33:c8:57:54:4e:4c:c1:b4:
a5:83:da:36:22:7a:fc:29:26:0a:d3:e9:bf:0f:88:28:50:bf:
23:f5:10:8a:df:9e:d7:4e:cf:52:5c:66:ee:5b:ef:3b:0a:d9:
7c:3d:4b:dc:8a:7a:a7:61:89:6f:7d:99:c9:c1:25:c2:86:90:
aa:8d:9b:ce:0a:e2:80:51:dc:ec:74:b1:21:31:50:dc:49:10:
63:70:1a:08:54:52:3a:fc:3b:8e:5a:ec:96:d0:fe:55:1d:f0:
c6:15:82:51:4d:e0:1c:8f:0f:d0:c1:e9:1e:53:8a:ce:7c:d9:
9f:47:86:8a:10:da:12:9c:32:45:00:15:fc:70:c1:d9:b1:6f:
98:2b:fb:dc:54:78:fb:76:6a:20:b3:a7:44:1b:68:8f:a5:db:
64:dc:5d:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZIPzLwaUaTEJ4bhJAeLPiNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTIwMTQxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFiM2I5M2NkN2QxNDI3Y2M1NTYwZTZlODdkMWViZjY5MDQ4OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGiUanTB4DRN2VZD+LJsFak1rTPi
+wjFNWWqb8F23/IbnPhT3INtqdRiHTnJdrVWYpPoTTBpJvbnVZXrz+x1URHjXX/S
qQdb3+P2sX1fjAj4XQszNPEz5fPRh0+SyD88m4TcCK8Qg5LXW2QtpkJzxenSCkhn
UZ8znPpB6bYMJeAHX752R2jvA0+QkWHJKOoiTNgn+SZAB4bBsXbF/0Ta3agiPJTM
r1QS+FZo6pRSI+bqbH7f6sBgbldUl+1x+In0nSV0oUgGS9zgesxaQtqcLFk9q/BJ
fgHDG2ozLcT2EbiQ5lxYFEKFeKQdKV871gLhEzEXdANTnvoUO7jy8npF8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKirO5PNfRQnzFVg5uh9Hr9pBIimMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvcUtzN2s4MTlGQ2ZNVldEbTZIMGV2MmtFaUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAp6AcAwQA
xjcfAwQAy7ymMAwDBAHLvK4DBAbLvIAwDQYJKoZIhvcNAQELBQADggEBAKE4/Pc6
nF/NGxEKKB3eOqGvEJ18g1wnq72LoKRLGo9n2qkE7+aM3TeByK33P9GTttYUjhDw
T4WrA+hf4JRpAeIP727mu44Qj0Mi7QwU+5C03tSGWOpWvbV56MsD6gB2R+FBBLIz
yFdUTkzBtKWD2jYievwpJgrT6b8PiChQvyP1EIrfntdOz1JcZu5b7zsK2Xw9S9yK
eqdhiW99mcnBJcKGkKqNm84K4oBR3Ox0sSExUNxJEGNwGghUUjr8O45a7JbQ/lUd
8MYVglFN4ByPD9DB6R5Tis582Z9HhooQ2hKcMkUAFfxwwdmxb5gr+9xUePt2aiCz
p0QbaI+l22TcXWA=
-----END CERTIFICATE-----
Generated at Mon Sep 23 10:48:42 2024 by rpki-client on console-ams.rpki-client.org