Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CdZQit1J1sDmFkv8lBz-uVfSMxI.roa
File: CdZQit1J1sDmFkv8lBz-uVfSMxI.roa (raw, json)
Hash identifier: X/gMMUPHsgVwv2hN6ApbGxYmwrkpAkysMJadg5IHcDA=
Subject key identifier: 09:D6:50:8A:DD:49:D6:C0:E6:16:4B:FC:94:1C:FE:B9:57:D2:33:12
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A4898B5E9D5B17555612FC2728934
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CdZQit1J1sDmFkv8lBz-uVfSMxI.roa
Signing time: Sun 01 Jan 2023 03:05:08 +0000
ROA not before: Sun 01 Jan 2023 03:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210226
IP address blocks: 128.0.65.0/24 maxlen: 24
37.230.128.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:48:98:b5:e9:d5:b1:75:55:61:2f:c2:72:89:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d6508add49d6c0e6164bfc941cfeb957d23312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f0:d3:c3:96:f0:85:9a:b6:65:de:f2:22:ef:
ba:ca:09:4c:ae:16:b2:9b:1a:a8:0e:91:8f:2a:72:
3d:c4:97:0e:dd:f3:69:cf:b2:6d:9e:23:57:6c:6c:
3e:b5:06:ad:38:14:21:ae:db:92:dc:67:6e:4f:63:
13:52:6a:8f:58:4c:b9:67:c4:56:e6:cc:c9:03:88:
c4:33:8c:17:8c:94:0b:e3:44:2c:1d:cf:ab:0b:50:
3f:24:b7:ad:01:78:14:86:3b:e8:41:41:7a:4f:6c:
56:24:f0:75:3f:8e:7a:66:fc:05:66:e6:72:54:46:
b7:b4:12:a8:1b:c0:41:90:a4:c9:f6:ee:50:ab:4a:
9e:dc:93:08:18:37:4a:e3:c3:eb:7e:49:28:c8:f6:
81:e8:a2:a5:fa:42:5b:4f:28:e9:26:e5:58:ba:31:
18:62:5c:83:2b:73:89:1e:84:c3:7b:e1:ed:72:9c:
db:df:4f:41:ff:4b:b5:da:27:36:9a:b8:a6:bc:18:
fb:98:86:ab:0a:c5:55:8e:bf:37:5e:12:f7:9b:36:
6b:f9:f9:db:73:80:b9:0c:fe:f6:c9:a0:37:dd:98:
5c:46:02:fe:e4:6b:39:fa:c6:95:67:32:5b:96:f2:
9f:55:31:4f:55:d9:f5:b9:a6:6a:fa:94:73:fe:76:
ca:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D6:50:8A:DD:49:D6:C0:E6:16:4B:FC:94:1C:FE:B9:57:D2:33:12
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CdZQit1J1sDmFkv8lBz-uVfSMxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.128.0/23
128.0.65.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ce:9f:14:0b:6c:a7:44:15:90:4b:de:f0:54:0f:dd:e6:f8:
e2:52:78:9d:1e:53:c7:eb:98:ee:f9:e0:48:ac:33:52:00:e3:
a9:2a:57:b4:cf:2e:04:0e:d9:91:85:14:90:75:a1:f2:85:1c:
14:59:b1:32:fe:f1:1e:a2:64:13:a1:bc:e7:48:70:11:cb:a4:
2a:1e:5e:aa:c5:b2:cd:97:95:f5:8d:ca:9f:d4:25:cd:d8:5d:
5b:49:f0:a7:32:0b:cf:6b:69:2d:a9:4a:3c:b3:d2:3f:a1:04:
49:6c:b5:f5:db:fb:0d:3c:0b:77:0d:4e:25:82:8e:9b:78:47:
2c:02:5b:49:67:af:4c:0b:8e:9a:47:93:2e:1e:81:d4:85:01:
f3:3d:4a:2a:3d:24:82:cb:79:b6:12:ad:ea:0c:fe:c4:80:8c:
db:1b:b4:e0:fd:8d:18:ea:66:2d:34:fe:43:ae:5e:08:ac:9c:
c1:80:82:30:1c:45:42:45:b4:53:4c:a9:c4:6d:88:49:cd:05:
1b:26:eb:40:84:ca:a7:e1:04:9a:b2:1e:cb:80:de:95:ec:b5:
1f:2e:30:5f:06:86:a1:76:30:8c:9e:0b:c5:d9:13:a0:cc:f7:
d5:4a:28:35:2c:ad:52:27:ed:22:1b:cb:af:3b:8a:26:ee:0c:
02:a6:44:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrSkiYtenVsXVVYS/Ccok0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ2NTA4YWRkNDlkNmMwZTYxNjRiZmM5NDFjZmViOTU3ZDIzMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvDTw5bwhZq2Zd7yIu+6yglMrhay
mxqoDpGPKnI9xJcO3fNpz7JtniNXbGw+tQatOBQhrtuS3GduT2MTUmqPWEy5Z8RW
5szJA4jEM4wXjJQL40QsHc+rC1A/JLetAXgUhjvoQUF6T2xWJPB1P456ZvwFZuZy
VEa3tBKoG8BBkKTJ9u5Qq0qe3JMIGDdK48PrfkkoyPaB6KKl+kJbTyjpJuVYujEY
YlyDK3OJHoTDe+Htcpzb309B/0u12ic2mrimvBj7mIarCsVVjr83XhL3mzZr+fnb
c4C5DP72yaA33ZhcRgL+5Gs5+saVZzJblvKfVTFPVdn1uaZq+pRz/nbKdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAnWUIrdSdbA5hZL/JQc/rlX0jMSMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvQ2RaUWl0MUoxc0RtRmt2OGxCei11VmZTTXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJeaAAwQA
gABBMA0GCSqGSIb3DQEBCwUAA4IBAQCYzp8UC2ynRBWQS97wVA/d5vjiUnidHlPH
65ju+eBIrDNSAOOpKle0zy4EDtmRhRSQdaHyhRwUWbEy/vEeomQTobznSHARy6Qq
Hl6qxbLNl5X1jcqf1CXN2F1bSfCnMgvPa2ktqUo8s9I/oQRJbLX12/sNPAt3DU4l
go6beEcsAltJZ69MC46aR5MuHoHUhQHzPUoqPSSCy3m2Eq3qDP7EgIzbG7Tg/Y0Y
6mYtNP5Drl4IrJzBgIIwHEVCRbRTTKnEbYhJzQUbJutAhMqn4QSash7LgN6V7LUf
LjBfBoahdjCMngvF2ROgzPfVSig1LK1SJ+0iG8uvO4om7gwCpkQX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org