Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/pn5F521uRs-i3dItZrR_Y3VPm3M.roa
File: pn5F521uRs-i3dItZrR_Y3VPm3M.roa (raw, json)
Hash identifier: 6LaUjU21Pr+g2fvamVcKC2eneb5+JLOjxwwAbv9Zu/g=
Subject key identifier: A6:7E:45:E7:6D:6E:46:CF:A2:DD:D2:2D:66:B4:7F:63:75:4F:9B:73
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 0186938DBF74095073DCB340C48DBB773B98
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/pn5F521uRs-i3dItZrR_Y3VPm3M.roa
Signing time: Mon 27 Feb 2023 15:46:25 +0000
ROA not before: Mon 27 Feb 2023 15:46:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 141.93.16.0/24 maxlen: 24
141.93.16.0/22 maxlen: 22
141.93.17.0/24 maxlen: 24
141.93.12.0/24 maxlen: 24
141.93.18.0/24 maxlen: 24
141.93.19.0/24 maxlen: 24
141.93.32.0/24 maxlen: 24
141.93.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:06:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:8d:bf:74:09:50:73:dc:b3:40:c4:8d:bb:77:3b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Feb 27 15:46:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a67e45e76d6e46cfa2ddd22d66b47f63754f9b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d6:bc:35:ba:85:cc:4b:62:61:b0:20:1b:46:
fb:8b:f4:d2:bc:c4:e8:88:ba:9c:f8:b4:04:4d:77:
e4:9d:e2:e3:6f:ad:a9:b9:34:ff:4a:6b:a0:81:f2:
95:1c:2e:7e:a0:ce:ea:3d:dd:85:94:a9:5c:92:75:
a3:8d:6b:52:ab:06:66:e7:b6:9d:be:31:0b:24:48:
f9:f4:9b:0f:07:34:c7:39:94:14:76:f8:87:8f:43:
3a:a4:46:27:d1:2a:3e:ee:ec:ce:b5:7f:d4:73:04:
a0:3b:9f:21:f2:c6:0f:3c:a7:04:0c:00:62:bd:9a:
0c:47:6a:39:2d:a9:bf:69:b9:a6:b8:2f:16:32:d4:
a4:07:a9:f0:23:51:d7:9b:06:6c:3e:e3:6a:0b:95:
10:a9:a2:10:2f:cd:c8:8c:af:08:d1:3f:38:b7:8e:
22:d1:36:35:52:2e:b4:65:6f:16:cb:9b:f1:9c:3e:
63:6c:85:b7:8b:3d:0c:39:e2:e2:2d:6e:aa:b9:e1:
e8:62:5b:4e:04:e3:66:61:9d:16:b3:7f:28:60:5b:
cb:9d:d2:16:84:75:19:9d:1c:0a:20:df:ef:a0:01:
7b:b6:22:e7:38:d2:22:b3:87:bd:03:40:f9:0d:6d:
5d:e4:87:3e:5f:1f:8a:69:79:e0:d0:ef:9e:db:f0:
7b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7E:45:E7:6D:6E:46:CF:A2:DD:D2:2D:66:B4:7F:63:75:4F:9B:73
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/pn5F521uRs-i3dItZrR_Y3VPm3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.12.0/24
141.93.16.0/22
141.93.32.0/24
141.93.35.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:17:24:75:9a:2b:ff:ff:d0:65:44:d8:62:6d:5b:f9:a1:90:
f4:1a:b6:63:fa:7d:df:a1:7e:4e:b9:92:2f:14:99:d8:22:02:
0c:97:19:11:d4:a2:7e:c5:3e:16:4e:41:47:6b:e0:bb:26:ea:
dd:d5:43:22:f6:8a:be:87:fc:62:e7:8e:e5:ef:6a:18:83:c7:
c5:ac:2b:56:b8:cc:51:1f:63:1f:13:23:f6:58:7b:40:a7:7b:
54:f3:9a:d5:59:91:82:ae:8f:c4:5d:66:bd:77:c4:ac:40:a8:
25:5b:53:59:a1:6b:42:3f:78:a0:70:41:f6:f1:4c:34:0f:e6:
22:ba:02:c6:93:12:f4:e4:1c:24:85:cd:2f:9f:8c:90:73:e7:
6e:e6:88:4e:fa:25:c9:45:ec:44:c3:84:31:0c:1e:f0:4a:c3:
15:37:5c:94:d3:76:ed:71:71:51:ce:25:7e:bb:eb:83:9a:d0:
a6:6b:e1:23:78:a9:69:25:b9:b5:2b:46:97:3b:3b:c5:df:15:
01:2f:12:3e:83:cc:41:2e:82:22:a2:28:3d:f3:2b:cd:c7:9b:
4a:92:e1:a4:6f:8c:fd:7e:0c:35:61:d9:fb:6c:40:03:18:8c:
2e:f4:27:48:51:ea:e1:1e:72:f5:5e:92:dc:86:c9:4c:73:32:
e7:5a:6a:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaTjb90CVBz3LNAxI27dzuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjMwMjI3MTU0NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdlNDVlNzZkNmU0NmNmYTJkZGQyMmQ2NmI0N2Y2Mzc1NGY5YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNa8NbqFzEtiYbAgG0b7i/TSvMTo
iLqc+LQETXfkneLjb62puTT/SmuggfKVHC5+oM7qPd2FlKlcknWjjWtSqwZm57ad
vjELJEj59JsPBzTHOZQUdviHj0M6pEYn0So+7uzOtX/UcwSgO58h8sYPPKcEDABi
vZoMR2o5Lam/abmmuC8WMtSkB6nwI1HXmwZsPuNqC5UQqaIQL83IjK8I0T84t44i
0TY1Ui60ZW8Wy5vxnD5jbIW3iz0MOeLiLW6queHoYltOBONmYZ0Ws38oYFvLndIW
hHUZnRwKIN/voAF7tiLnONIis4e9A0D5DW1d5Ic+Xx+KaXng0O+e2/B7hwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKZ+RedtbkbPot3SLWa0f2N1T5tzMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEvcG41RjUyMXVScy1pM2RJdFpyUl9ZM1ZQbTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjV0MAwQC
jV0QAwQAjV0gAwQAjV0jMA0GCSqGSIb3DQEBCwUAA4IBAQAvFyR1miv//9BlRNhi
bVv5oZD0GrZj+n3foX5OuZIvFJnYIgIMlxkR1KJ+xT4WTkFHa+C7Jurd1UMi9oq+
h/xi547l72oYg8fFrCtWuMxRH2MfEyP2WHtAp3tU85rVWZGCro/EXWa9d8SsQKgl
W1NZoWtCP3igcEH28Uw0D+YiugLGkxL05Bwkhc0vn4yQc+du5ohO+iXJRexEw4Qx
DB7wSsMVN1yU03btcXFRziV+u+uDmtCma+EjeKlpJbm1K0aXOzvF3xUBLxI+g8xB
LoIioig98yvNx5tKkuGkb4z9fgw1Ydn7bEADGIwu9CdIUerhHnL1XpLchslMczLn
Wmqq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:47 2024 by rpki-client on console-ams.rpki-client.org