Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/e88oA5Cwvz7Vj-p_z8L9v_EhlpM.roa
File: e88oA5Cwvz7Vj-p_z8L9v_EhlpM.roa (raw, json)
Hash identifier: bhWyrxzYWIxW2zIbHsExRDs1LeXkKH5ap5C1rNoKGmE=
Subject key identifier: 7B:CF:28:03:90:B0:BF:3E:D5:8F:EA:7F:CF:C2:FD:BF:F1:21:96:93
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 01856ED4C76ED700623391FE8F5D41E29F9F
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/e88oA5Cwvz7Vj-p_z8L9v_EhlpM.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 168.199.128.0/17 maxlen: 24
168.199.64.0/19 maxlen: 24
185.170.68.0/22 maxlen: 24
185.171.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jan 2023 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c7:6e:d7:00:62:33:91:fe:8f:5d:41:e2:9f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bcf280390b0bf3ed58fea7fcfc2fdbff1219693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:7a:6c:26:2b:0b:51:fc:5f:87:b6:4d:54:
f4:e7:a2:a1:b3:dd:1c:82:9d:9e:c3:3f:47:19:ec:
83:7e:1c:3a:7b:9d:3a:16:60:8a:79:48:1c:6c:db:
80:1b:51:01:2a:72:53:aa:40:46:44:ba:a5:4d:38:
05:ee:93:31:0f:87:80:54:2d:4a:67:92:71:c8:9c:
51:a1:77:b7:98:89:d6:15:b4:5c:64:b5:42:89:c0:
58:f7:48:10:ee:0b:7b:d7:1d:a5:70:4c:e2:e7:d6:
0f:82:d6:61:7f:5d:fc:d7:02:dc:92:a3:f8:9a:ae:
f4:1a:41:00:46:e9:fe:74:8a:b7:42:18:ca:b4:1f:
80:30:87:c5:69:14:32:76:7a:79:8f:9c:6e:bd:b5:
a8:75:fe:fa:2d:ca:12:64:dc:3c:5b:f6:11:05:fb:
b9:f8:a8:25:38:1e:9f:02:61:73:77:81:27:02:64:
72:fc:83:c1:dd:c5:86:37:a1:ab:d3:d5:56:de:a0:
8b:65:d2:ae:f5:0a:12:ba:f1:d7:ad:87:35:03:be:
32:08:19:66:ae:87:3c:96:ff:e0:6e:72:e1:75:8d:
f7:18:bc:92:2b:52:ee:cb:bd:8c:31:37:c8:ae:01:
dc:3c:00:12:63:c0:89:f3:b1:88:13:a1:d2:b7:8c:
95:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CF:28:03:90:B0:BF:3E:D5:8F:EA:7F:CF:C2:FD:BF:F1:21:96:93
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/e88oA5Cwvz7Vj-p_z8L9v_EhlpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.64.0/19
168.199.128.0/17
185.170.68.0/22
185.171.252.0/22
Signature Algorithm: sha256WithRSAEncryption
98:bf:6a:af:92:fc:5b:f9:11:29:e4:af:b1:26:b5:d6:fe:66:
d3:79:de:0c:d5:d0:1d:03:5d:15:c7:c6:4c:1c:cd:c2:8b:c0:
a6:d4:5e:e6:f4:24:47:d2:27:10:0c:29:37:35:4c:34:8a:46:
1b:ba:05:5b:5f:43:b2:d8:6a:e0:37:1a:b5:af:f9:6c:24:bf:
f8:e9:f5:a0:f0:f6:e4:c5:f0:83:25:53:0b:33:8e:cb:53:82:
66:71:e5:8d:b1:68:49:eb:31:70:c6:cf:62:ca:01:65:1d:07:
72:77:e8:a5:77:f2:2c:e5:72:88:eb:f4:fe:1f:bf:8e:80:88:
22:4d:d7:0a:f8:6b:f6:3d:e3:e9:e0:8b:72:82:64:35:d1:90:
20:17:bc:09:06:ab:94:fd:39:91:0f:74:22:59:77:a4:13:05:
f8:d5:0e:0c:07:3a:80:e2:46:45:8e:d8:53:d2:37:11:4a:5c:
47:1e:9d:6e:2b:b1:f1:c4:36:b0:71:39:12:a0:b3:22:d7:aa:
31:14:1d:4a:df:5b:f8:4e:0a:f3:01:62:04:a5:ec:f8:c7:d3:
e0:22:6f:ed:83:51:93:68:3e:1e:88:47:4a:7e:8f:ff:33:c3:
89:87:43:c5:56:92:da:e2:03:8b:a1:25:d4:36:53:a6:2f:6c:
e4:51:6f:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVu1Mdu1wBiM5H+j11B4p+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmNmMjgwMzkwYjBiZjNlZDU4ZmVhN2ZjZmMyZmRiZmYxMjE5NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT56bCYrC1H8X4e2TVT056Khs90c
gp2ewz9HGeyDfhw6e506FmCKeUgcbNuAG1EBKnJTqkBGRLqlTTgF7pMxD4eAVC1K
Z5JxyJxRoXe3mInWFbRcZLVCicBY90gQ7gt71x2lcEzi59YPgtZhf1381wLckqP4
mq70GkEARun+dIq3QhjKtB+AMIfFaRQydnp5j5xuvbWodf76LcoSZNw8W/YRBfu5
+KglOB6fAmFzd4EnAmRy/IPB3cWGN6Gr09VW3qCLZdKu9QoSuvHXrYc1A74yCBlm
roc8lv/gbnLhdY33GLySK1Luy72MMTfIrgHcPAASY8CJ87GIE6HSt4yVsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHvPKAOQsL8+1Y/qf8/C/b/xIZaTMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvZTg4b0E1Q3d2ejdWai1wX3o4TDl2X0VobHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFqMdAAwQH
qMeAAwQCuapEAwQCuav8MA0GCSqGSIb3DQEBCwUAA4IBAQCYv2qvkvxb+REp5K+x
JrXW/mbTed4M1dAdA10Vx8ZMHM3Ci8Cm1F7m9CRH0icQDCk3NUw0ikYbugVbX0Oy
2GrgNxq1r/lsJL/46fWg8PbkxfCDJVMLM47LU4JmceWNsWhJ6zFwxs9iygFlHQdy
d+ild/Is5XKI6/T+H7+OgIgiTdcK+Gv2PePp4ItygmQ10ZAgF7wJBquU/TmRD3Qi
WXekEwX41Q4MBzqA4kZFjthT0jcRSlxHHp1uK7HxxDawcTkSoLMi16oxFB1K31v4
TgrzAWIEpez4x9PgIm/tg1GTaD4eiEdKfo//M8OJh0PFVpLa4gOLoSXUNlOmL2zk
UW87
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org