Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/67w5W2d7LnyTpBJhD8jc-Qu4bHg.roa
File: 67w5W2d7LnyTpBJhD8jc-Qu4bHg.roa (raw, json)
Hash identifier: 1mIsA81MMGCh/tGl4kSYNAUZ/gmfv6D3lpzJF0HbAbE=
Subject key identifier: EB:BC:39:5B:67:7B:2E:7C:93:A4:12:61:0F:C8:DC:F9:0B:B8:6C:78
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 01856ED4CD187011ACA4EC887429B5614AC5
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/67w5W2d7LnyTpBJhD8jc-Qu4bHg.roa
Signing time: Sun 01 Jan 2023 19:35:17 +0000
ROA not before: Sun 01 Jan 2023 19:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 168.199.0.0/20 maxlen: 24
168.199.112.0/20 maxlen: 24
168.199.16.0/23 maxlen: 24
168.199.22.0/23 maxlen: 24
168.199.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cd:18:70:11:ac:a4:ec:88:74:29:b5:61:4a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 19:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebbc395b677b2e7c93a412610fc8dcf90bb86c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:30:b3:a6:ea:d3:3c:3f:36:59:b3:f6:6d:
5c:9e:65:c4:c7:26:9d:c6:7d:d9:64:63:ec:00:86:
01:98:7e:7f:d8:d2:8e:11:ac:f9:a0:1a:12:e2:03:
5c:6e:e6:89:42:65:ca:1d:cc:48:2b:f7:74:33:d2:
40:fe:4f:13:cf:a1:b8:8d:f8:52:b1:d8:05:a1:7d:
40:20:da:3f:7e:4a:81:40:ce:7d:d0:91:e0:3e:ca:
ce:47:48:18:17:ad:f3:ff:4c:0b:97:cc:fb:c2:9b:
65:ce:5b:19:18:10:5a:fb:c0:38:b1:9c:33:eb:b7:
ad:e7:be:ab:d0:5f:61:be:85:11:6f:31:44:c1:3c:
2a:91:93:76:87:0f:47:3d:c4:55:e7:fb:33:8d:a9:
f2:6f:2c:7c:2a:fc:2d:77:00:b1:45:25:b1:33:f0:
32:70:de:ff:77:7b:ed:01:87:59:3a:05:33:d0:b1:
ec:39:a1:f4:28:4a:2a:7c:33:96:f3:08:91:94:9a:
4c:f5:8d:d6:24:55:c8:ff:1e:db:20:5f:86:23:b3:
34:03:0c:c4:66:cf:7d:2f:ba:0a:8f:bf:6d:5a:70:
14:59:2d:86:e0:b2:c6:c6:21:6a:e1:ca:63:3c:f3:
9c:21:41:fa:29:18:94:38:92:f9:93:71:bb:9d:6c:
34:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BC:39:5B:67:7B:2E:7C:93:A4:12:61:0F:C8:DC:F9:0B:B8:6C:78
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/67w5W2d7LnyTpBJhD8jc-Qu4bHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.0.0-168.199.17.255
168.199.22.0/23
168.199.48.0/20
168.199.112.0/20
Signature Algorithm: sha256WithRSAEncryption
84:b2:53:74:61:25:43:89:1a:ad:97:f5:f1:46:b5:6d:74:37:
cc:5c:38:96:6d:3e:8e:c5:27:71:3d:3d:bc:dd:00:93:fa:c2:
55:10:8f:d6:34:30:6b:2f:33:83:9d:8b:2d:14:d9:1b:9c:a8:
1d:1f:86:21:23:67:ce:3c:d6:cb:70:5b:bf:a0:3b:02:71:bd:
5c:f9:21:9a:70:6c:34:b0:04:98:2b:60:3d:a6:bf:ce:a2:e2:
dd:5d:06:50:5e:c6:fd:7c:f1:c1:4b:23:ba:12:d3:72:87:6a:
d9:2b:59:a6:4b:6b:b7:96:2f:71:5c:29:4a:86:c4:47:09:a1:
34:9c:f7:a2:a1:3b:55:53:93:74:4d:a7:99:69:78:43:f4:d3:
1d:ac:6b:f0:de:d4:87:0b:d8:38:52:ac:9f:45:85:18:fa:78:
81:f2:f0:92:ed:c5:5e:50:45:3d:4e:c5:44:bf:19:02:2b:12:
cd:1a:cb:c9:47:24:c6:4d:ab:9c:77:a8:71:3c:87:40:20:45:
c5:97:15:59:df:c8:cd:5f:d9:bc:32:25:71:5b:f0:2f:58:e5:
53:8e:f4:21:8b:a5:e5:14:61:2b:a1:61:63:8c:a7:b0:dd:ca:
77:98:bf:6d:e5:87:bb:88:22:9c:72:4b:f1:5b:c7:a0:67:fd:
9b:0b:c0:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVu1M0YcBGspOyIdCm1YUrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJjMzk1YjY3N2IyZTdjOTNhNDEyNjEwZmM4ZGNmOTBiYjg2Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl14ws6bq0zw/Nlmz9m1cnmXExyad
xn3ZZGPsAIYBmH5/2NKOEaz5oBoS4gNcbuaJQmXKHcxIK/d0M9JA/k8Tz6G4jfhS
sdgFoX1AINo/fkqBQM590JHgPsrOR0gYF63z/0wLl8z7wptlzlsZGBBa+8A4sZwz
67et576r0F9hvoURbzFEwTwqkZN2hw9HPcRV5/szjanybyx8KvwtdwCxRSWxM/Ay
cN7/d3vtAYdZOgUz0LHsOaH0KEoqfDOW8wiRlJpM9Y3WJFXI/x7bIF+GI7M0AwzE
Zs99L7oKj79tWnAUWS2G4LLGxiFq4cpjPPOcIUH6KRiUOJL5k3G7nWw0awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOu8OVtney58k6QSYQ/I3PkLuGx4MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvNjd3NVcyZDdMbnlUcEJKaEQ4amMtUXU0YkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfMAsDAwCoxwME
AajHEAMEAajHFgMEBKjHMAMEBKjHcDANBgkqhkiG9w0BAQsFAAOCAQEAhLJTdGEl
Q4karZf18Ua1bXQ3zFw4lm0+jsUncT09vN0Ak/rCVRCP1jQway8zg52LLRTZG5yo
HR+GISNnzjzWy3Bbv6A7AnG9XPkhmnBsNLAEmCtgPaa/zqLi3V0GUF7G/XzxwUsj
uhLTcodq2StZpktrt5YvcVwpSobERwmhNJz3oqE7VVOTdE2nmWl4Q/TTHaxr8N7U
hwvYOFKsn0WFGPp4gfLwku3FXlBFPU7FRL8ZAisSzRrLyUckxk2rnHeocTyHQCBF
xZcVWd/IzV/ZvDIlcVvwL1jlU470IYul5RRhK6FhY4ynsN3Kd5i/beWHu4ginHJL
8VvHoGf9mwvAJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org