Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eZGvWF643lNbivt2Obw57Di-nzk.roa
File: eZGvWF643lNbivt2Obw57Di-nzk.roa (raw, json)
Hash identifier: qsQXKLoHw+lZdB+IPnQdKBfvq3spyW8N2XWgl5oTX3A=
Subject key identifier: 79:91:AF:58:5E:B8:DE:53:5B:8A:FB:76:39:BC:39:EC:38:BE:9F:39
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018C7DC125D81B075DF91552D7D42B3D9B71
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eZGvWF643lNbivt2Obw57Di-nzk.roa
Signing time: Mon 18 Dec 2023 16:27:39 +0000
ROA not before: Mon 18 Dec 2023 16:27:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208722
IP address blocks: 100.43.64.0/19 maxlen: 19
199.36.240.0/22 maxlen: 22
45.87.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:c1:25:d8:1b:07:5d:f9:15:52:d7:d4:2b:3d:9b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Dec 18 16:27:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7991af585eb8de535b8afb7639bc39ec38be9f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:6d:ef:44:21:68:c6:b5:f5:e9:fa:47:42:
b3:6b:1d:c8:73:61:11:7a:15:43:f6:ca:4d:7e:10:
43:9e:77:b1:3b:6e:82:60:b4:32:01:9a:1d:d1:f3:
b3:8a:c9:97:c6:d5:f8:79:5b:2d:24:d1:ca:1b:d8:
52:7f:30:f7:4a:33:56:4d:df:e8:32:b6:50:0d:e8:
af:fb:2c:e8:27:5c:b9:e1:2c:b3:18:95:95:8e:a2:
ca:f8:4a:32:1c:75:95:9a:fb:c1:c7:9a:1e:ca:f8:
9e:2d:24:83:04:49:db:11:7a:e4:79:7b:8d:02:3e:
f6:fc:cb:f7:fd:e6:71:29:54:a3:b3:d7:77:36:d4:
74:4e:fb:1c:63:7c:52:39:c5:d2:ea:55:ea:b0:e0:
93:49:02:b0:ba:55:bd:5d:3c:8a:5e:86:75:7e:64:
11:ec:d7:5d:32:57:dd:d3:0d:30:d0:41:51:86:e7:
9c:95:b4:81:51:02:5f:f8:e7:ff:cd:b8:0c:d1:c3:
f3:16:cd:c0:01:4c:7a:24:13:e7:1a:02:62:9e:db:
a1:b9:16:98:3d:03:51:8b:85:d8:4c:58:9d:36:2e:
b7:95:f1:12:fb:c2:ba:32:f3:95:7e:c6:ea:8a:ee:
ca:cc:62:cf:f5:b1:3c:04:64:b1:8f:e4:f1:70:6b:
78:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:91:AF:58:5E:B8:DE:53:5B:8A:FB:76:39:BC:39:EC:38:BE:9F:39
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/eZGvWF643lNbivt2Obw57Di-nzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.132.0/22
100.43.64.0/19
199.36.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:dc:ca:34:0f:34:b4:60:cb:f3:48:35:33:d9:f1:7b:4b:f0:
2c:5d:df:c4:92:ab:33:8b:76:74:47:c3:c2:09:80:b3:fb:07:
41:e4:c9:59:0c:01:c6:56:c0:c2:a1:5f:1a:a9:44:69:72:4d:
f7:5e:2b:d9:29:2f:15:ac:91:c3:30:e1:b2:25:40:1b:cc:75:
1c:9c:8b:fc:b8:bd:99:ad:3d:ef:98:51:16:57:ab:18:e6:22:
1a:26:e1:07:4f:68:49:41:20:11:69:10:53:55:d5:3a:39:72:
d1:63:ef:18:02:b0:b8:d2:d8:6a:64:db:71:1e:8e:a7:a7:ce:
b1:c4:de:a6:24:58:13:31:cb:ad:e1:8f:5d:6a:59:42:3b:5a:
f1:b1:20:b4:37:9b:8a:cb:f8:c9:f2:ab:ef:b7:b1:9e:b1:25:
b3:eb:6a:b5:de:72:c7:d5:a5:3b:c0:ec:7d:a3:6c:2c:64:1a:
1c:2e:2f:d1:f2:9c:ea:b9:4d:46:88:6e:33:6d:40:8c:79:30:
72:cb:ca:02:6b:5b:98:56:39:a4:5a:a8:17:9b:46:d1:fa:a4:
2d:d3:6e:2d:a7:80:b7:a8:45:73:90:54:8f:59:b2:10:dd:2e:
92:21:d3:18:d7:c9:da:19:a8:aa:8e:e9:71:b9:52:11:67:18:
de:a4:01:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx9wSXYGwdd+RVS19QrPZtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjMxMjE4MTYyNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTkxYWY1ODVlYjhkZTUzNWI4YWZiNzYzOWJjMzllYzM4YmU5ZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZxt70QhaMa19en6R0Kzax3Ic2ER
ehVD9spNfhBDnnexO26CYLQyAZod0fOzismXxtX4eVstJNHKG9hSfzD3SjNWTd/o
MrZQDeiv+yzoJ1y54SyzGJWVjqLK+EoyHHWVmvvBx5oeyvieLSSDBEnbEXrkeXuN
Aj72/Mv3/eZxKVSjs9d3NtR0TvscY3xSOcXS6lXqsOCTSQKwulW9XTyKXoZ1fmQR
7NddMlfd0w0w0EFRhueclbSBUQJf+Of/zbgM0cPzFs3AAUx6JBPnGgJintuhuRaY
PQNRi4XYTFidNi63lfES+8K6MvOVfsbqiu7KzGLP9bE8BGSxj+TxcGt4qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHmRr1heuN5TW4r7djm8Oew4vp85MB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvZVpHdldGNjQzbE5iaXZ0Mk9idzU3RGktbnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVeEAwQF
ZCtAAwQCxyTwMA0GCSqGSIb3DQEBCwUAA4IBAQCi3Mo0DzS0YMvzSDUz2fF7S/As
Xd/Ekqszi3Z0R8PCCYCz+wdB5MlZDAHGVsDCoV8aqURpck33XivZKS8VrJHDMOGy
JUAbzHUcnIv8uL2ZrT3vmFEWV6sY5iIaJuEHT2hJQSARaRBTVdU6OXLRY+8YArC4
0thqZNtxHo6np86xxN6mJFgTMcut4Y9dallCO1rxsSC0N5uKy/jJ8qvvt7GesSWz
62q13nLH1aU7wOx9o2wsZBocLi/R8pzquU1GiG4zbUCMeTByy8oCa1uYVjmkWqgX
m0bR+qQt024tp4C3qEVzkFSPWbIQ3S6SIdMY18naGaiqjulxuVIRZxjepAFu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org