Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2-_9NFl8rYsEnuR0LlvLYg0WHkk.roa
File: 2-_9NFl8rYsEnuR0LlvLYg0WHkk.roa (raw, json)
Hash identifier: ZiiUZIJyA0EHdZOkvsysl0bURbTWUK2o1bx3ZcgDKDg=
Subject key identifier: DB:EF:FD:34:59:7C:AD:8B:04:9E:E4:74:2E:5B:CB:62:0D:16:1E:49
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018F77B11AE79EF67AEDC658C413C58A183F
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2-_9NFl8rYsEnuR0LlvLYg0WHkk.roa
Signing time: Tue 14 May 2024 15:20:46 +0000
ROA not before: Tue 14 May 2024 15:20:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216134
IP address blocks: 149.238.0.0/16 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 15:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:b1:1a:e7:9e:f6:7a:ed:c6:58:c4:13:c5:8a:18:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: May 14 15:20:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbeffd34597cad8b049ee4742e5bcb620d161e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:11:7a:1c:90:5e:a1:81:8a:c2:dc:9c:6c:
66:a4:4d:65:2b:43:58:32:06:8d:e8:c4:50:8c:c0:
74:53:df:83:82:2e:cf:4b:c6:42:f4:48:65:d4:7d:
6b:97:08:75:8a:f2:ee:d0:7a:db:85:c8:9b:1e:43:
7b:14:0e:bb:ac:1b:1d:c6:e4:8f:51:a3:8c:dc:e1:
77:fd:f5:f8:ca:c9:36:79:81:ed:5a:1f:9a:5b:de:
f7:25:0f:3b:03:79:6f:ab:ec:16:f0:90:5d:4d:8e:
80:a4:a7:a1:ba:f1:11:6f:04:23:ac:84:fa:14:a5:
29:ec:dc:c2:e7:c1:dd:d9:b1:1b:b1:95:ad:e0:ef:
36:ef:28:2e:f1:1e:3e:d9:aa:59:8e:b1:3b:15:fd:
9d:9a:2b:f5:5d:48:b1:21:28:b9:86:f6:90:68:b3:
09:b1:b5:0f:15:bc:3e:df:61:0a:00:ee:00:a9:c0:
8a:73:a8:bf:19:06:de:b1:59:25:2f:44:6c:e8:31:
fc:3e:8d:8a:f6:04:ef:1b:64:db:a4:9f:a8:bd:50:
19:06:58:ef:96:a4:d5:15:d9:7b:20:b4:39:da:00:
9b:2e:aa:5c:cb:4b:45:83:88:f6:45:d2:02:34:b7:
63:ea:bf:ae:6d:73:2d:31:a3:54:a3:8d:83:86:cb:
af:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EF:FD:34:59:7C:AD:8B:04:9E:E4:74:2E:5B:CB:62:0D:16:1E:49
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2-_9NFl8rYsEnuR0LlvLYg0WHkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a9:cf:78:46:84:55:9f:42:cb:56:c2:41:4d:e2:c3:8f:6b:
21:8a:16:26:44:11:57:55:68:a2:24:23:01:bd:3c:f7:4f:35:
ee:ec:3c:3f:9a:b7:e6:03:64:fd:1c:92:2f:e7:44:a7:02:b9:
15:c9:78:5d:c4:9c:d3:5d:58:7f:b9:62:c3:34:94:69:16:85:
05:36:dc:8e:90:e8:8e:1f:19:13:46:fd:b1:6a:ff:3b:ae:56:
b4:03:17:ee:b5:f5:5a:22:86:3f:c9:b3:32:64:81:75:2e:f6:
48:e5:2d:8c:ee:ed:5e:fc:d9:87:2f:93:2d:24:1f:70:9d:6a:
61:08:4f:1a:b8:2f:27:ea:02:4b:42:aa:31:6a:ec:a9:36:31:
ce:7e:1b:c0:01:76:c1:7f:d3:2f:0e:a1:36:74:85:18:53:32:
3b:f4:92:37:56:e0:e9:5d:98:e7:dc:89:5d:4f:7a:4b:45:47:
80:56:40:e5:00:46:de:72:be:99:5b:74:81:58:51:3b:e1:1d:
cc:82:85:a9:66:17:9f:e3:10:2f:bf:45:e6:ed:fb:0a:28:f6:
61:3e:0d:51:14:c7:36:19:9e:40:2c:81:c4:84:24:eb:dc:f9:
30:99:e7:12:60:79:4f:cf:35:f8:94:a5:99:94:4b:2f:11:15:
6a:7c:22:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY93sRrnnvZ67cZYxBPFihg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwNTE0MTUyMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVmZmQzNDU5N2NhZDhiMDQ5ZWU0NzQyZTViY2I2MjBkMTYxZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtkRehyQXqGBisLcnGxmpE1lK0NY
MgaN6MRQjMB0U9+Dgi7PS8ZC9Ehl1H1rlwh1ivLu0HrbhcibHkN7FA67rBsdxuSP
UaOM3OF3/fX4ysk2eYHtWh+aW973JQ87A3lvq+wW8JBdTY6ApKehuvERbwQjrIT6
FKUp7NzC58Hd2bEbsZWt4O827ygu8R4+2apZjrE7Ff2dmiv1XUixISi5hvaQaLMJ
sbUPFbw+32EKAO4AqcCKc6i/GQbesVklL0Rs6DH8Po2K9gTvG2TbpJ+ovVAZBljv
lqTVFdl7ILQ52gCbLqpcy0tFg4j2RdICNLdj6r+ubXMtMaNUo42DhsuvVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNvv/TRZfK2LBJ7kdC5by2INFh5JMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvMi1fOU5GbDhyWXNFbnVSMExsdkxZZzBXSGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
AJqpz3hGhFWfQstWwkFN4sOPayGKFiZEEVdVaKIkIwG9PPdPNe7sPD+at+YDZP0c
ki/nRKcCuRXJeF3EnNNdWH+5YsM0lGkWhQU23I6Q6I4fGRNG/bFq/zuuVrQDF+61
9Voihj/JszJkgXUu9kjlLYzu7V782Ycvky0kH3CdamEITxq4LyfqAktCqjFq7Kk2
Mc5+G8ABdsF/0y8OoTZ0hRhTMjv0kjdW4OldmOfciV1PektFR4BWQOUARt5yvplb
dIFYUTvhHcyChalmF5/jEC+/Rebt+woo9mE+DVEUxzYZnkAsgcSEJOvc+TCZ5xJg
eU/PNfiUpZmUSy8RFWp8Ijw=
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:03:39 2024 by rpki-client on console-ams.rpki-client.org