Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/pCmWzpQ0JRdx_lL0qXFI7ckiGsI.roa
File: pCmWzpQ0JRdx_lL0qXFI7ckiGsI.roa (raw, json)
Hash identifier: Bg5rAwKh1Xbyh51FmQQOaPC97aS7Wydlb40kjk8R/2E=
Subject key identifier: A4:29:96:CE:94:34:25:17:71:FE:52:F4:A9:71:48:ED:C9:22:1A:C2
Certificate issuer: /CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Certificate serial: 018571F0FA7B50920814F37D8CDA443E7B99
Authority key identifier: 95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/pCmWzpQ0JRdx_lL0qXFI7ckiGsI.roa
Signing time: Mon 02 Jan 2023 10:04:56 +0000
ROA not before: Mon 02 Jan 2023 10:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 553
IP address blocks: 192.52.0.0/19 maxlen: 19
192.52.32.0/20 maxlen: 20
192.52.50.0/24 maxlen: 24
192.52.48.0/23 maxlen: 23
132.230.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fa:7b:50:92:08:14:f3:7d:8c:da:44:3e:7b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Validity
Not Before: Jan 2 10:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42996ce9434251771fe52f4a97148edc9221ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:96:3d:ad:07:43:a8:d6:18:93:75:d0:d8:3d:
22:f7:e0:42:02:5f:4e:90:03:ab:93:66:a4:61:cd:
db:a3:8c:f2:6c:fc:36:c8:4e:1d:88:4e:42:06:29:
3b:15:61:74:8c:16:09:c9:5c:80:4a:b3:ba:6d:f4:
2b:44:9f:e8:be:d5:16:7f:a8:09:e4:54:e4:1b:22:
84:85:28:6e:dd:02:60:99:51:62:fc:1c:6d:52:c5:
a8:c4:e2:d5:14:8e:91:e1:dd:3e:d4:ad:a2:1b:5c:
c1:aa:8c:95:b0:00:e7:1b:1c:cf:f2:4b:a9:e3:61:
1e:f0:8b:c2:18:9e:65:07:d6:8f:cd:f7:e3:ee:e1:
fe:a8:f9:fe:f7:5a:01:f4:bc:6a:5f:06:d8:9c:3e:
cc:57:5b:de:44:ab:96:16:b3:71:63:37:f1:ea:70:
52:fc:90:26:e4:25:ff:a1:b8:cc:3d:1b:47:07:a6:
82:59:83:4e:9c:d9:b5:c9:8b:57:9c:63:7e:7b:cc:
65:54:c0:f2:90:e0:fb:ae:13:fe:d3:24:69:51:d9:
2d:78:58:58:6f:35:ca:67:47:ba:d6:fd:30:24:2d:
8d:e5:9e:ba:65:da:94:f1:b5:63:ad:76:b9:6a:e7:
dd:87:65:01:49:28:54:4f:6f:e5:5b:6d:a8:16:f7:
c0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:29:96:CE:94:34:25:17:71:FE:52:F4:A9:71:48:ED:C9:22:1A:C2
X509v3 Authority Key Identifier:
keyid:95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/pCmWzpQ0JRdx_lL0qXFI7ckiGsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/lTrJeoHHeU5iCA41ueh7QdSxho8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.230.0.0/16
192.52.0.0-192.52.50.255
Signature Algorithm: sha256WithRSAEncryption
a5:a0:3e:3f:ea:12:c4:47:b5:4d:89:e8:ad:8e:92:68:d7:9a:
78:34:3c:fb:d5:18:8b:89:a3:85:31:3c:2b:36:53:26:5d:39:
4f:8d:ec:5a:89:b5:4c:0a:54:b1:3d:60:d0:55:a2:78:ab:8f:
76:b5:be:44:a8:b3:21:dc:1d:b6:8d:5b:ac:a5:00:4c:c5:ad:
24:7a:b6:41:28:55:7e:f9:8f:f2:fb:87:e1:21:73:f1:d0:ff:
66:72:7f:a0:6c:4e:b9:4e:65:f6:97:01:0a:7c:29:69:e4:9e:
da:73:80:11:51:28:05:e4:f3:cc:1c:3b:c6:44:54:4c:5c:a1:
47:44:0f:d4:23:ab:19:d9:6e:8e:9a:29:b8:dd:c1:cb:1d:db:
2f:ef:72:56:72:16:c5:7a:23:d6:02:b2:27:5a:c5:c5:ac:61:
cb:7e:55:16:ab:c2:6a:66:4d:18:c3:2a:aa:c0:5b:b6:e3:f7:
f3:21:1f:22:29:6f:cf:ac:f9:ec:56:cd:da:be:e4:bf:18:40:
8b:60:d4:87:85:e1:8c:42:17:e3:a4:34:5a:b2:09:4b:de:ac:
cb:e2:eb:fc:f7:f6:2f:bd:f9:b7:ee:79:9c:ef:f4:7e:f1:de:
26:be:e3:81:37:af:ad:5b:2a:bc:10:38:c5:ab:42:5f:33:36:
5d:ef:cd:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx8Pp7UJIIFPN9jNpEPnuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1M2FjOTdhODFjNzc5NGU2MjA4MGUzNWI5ZTg3YjQxZDRi
MTg2OGYwHhcNMjMwMTAyMTAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI5OTZjZTk0MzQyNTE3NzFmZTUyZjRhOTcxNDhlZGM5MjIxYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZY9rQdDqNYYk3XQ2D0i9+BCAl9O
kAOrk2akYc3bo4zybPw2yE4diE5CBik7FWF0jBYJyVyASrO6bfQrRJ/ovtUWf6gJ
5FTkGyKEhShu3QJgmVFi/BxtUsWoxOLVFI6R4d0+1K2iG1zBqoyVsADnGxzP8kup
42Ee8IvCGJ5lB9aPzffj7uH+qPn+91oB9LxqXwbYnD7MV1veRKuWFrNxYzfx6nBS
/JAm5CX/objMPRtHB6aCWYNOnNm1yYtXnGN+e8xlVMDykOD7rhP+0yRpUdkteFhY
bzXKZ0e61v0wJC2N5Z66ZdqU8bVjrXa5aufdh2UBSShUT2/lW22oFvfAhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKQpls6UNCUXcf5S9KlxSO3JIhrCMB8GA1UdIwQY
MBaAFJU6yXqBx3lOYggONbnoe0HUsYaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRySmVvSEhlVTVpQ0E0MXVlaDdRZFN4aG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lZGQ5MzktZjE4YS00MTY1LWI3Mjgt
OTFhMzJlZmY2Y2NkLzEvcENtV3pwUTBKUmR4X2xMMHFYRkk3Y2tpR3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lZGQ5MzktZjE4YS00MTY1LWI3MjgtOTFhMzJlZmY2Y2Nk
LzEvbFRySmVvSEhlVTVpQ0E0MXVlaDdRZFN4aG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwMAhOYwCwMD
AsA0AwQAwDQyMA0GCSqGSIb3DQEBCwUAA4IBAQCloD4/6hLER7VNieitjpJo15p4
NDz71RiLiaOFMTwrNlMmXTlPjexaibVMClSxPWDQVaJ4q492tb5EqLMh3B22jVus
pQBMxa0kerZBKFV++Y/y+4fhIXPx0P9mcn+gbE65TmX2lwEKfClp5J7ac4ARUSgF
5PPMHDvGRFRMXKFHRA/UI6sZ2W6Omim43cHLHdsv73JWchbFeiPWArInWsXFrGHL
flUWq8JqZk0YwyqqwFu24/fzIR8iKW/PrPnsVs3avuS/GECLYNSHheGMQhfjpDRa
sglL3qzL4uv89/Yvvfm37nmc7/R+8d4mvuOBN6+tWyq8EDjFq0JfMzZd782f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:07 2024 by rpki-client on console-ams.rpki-client.org