Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kPutA7cN7Pn1Y9MHf_oj1g41GmU.roa
File: kPutA7cN7Pn1Y9MHf_oj1g41GmU.roa (raw, json)
Hash identifier: yn8hP8b6ZVdsvjpUcSgvfqnSicoBXe94agtQxp4XX7c=
Subject key identifier: 90:FB:AD:03:B7:0D:EC:F9:F5:63:D3:07:7F:FA:23:D6:0E:35:1A:65
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018CC3493F0069CDC0E92BE2F6DC065AC097
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kPutA7cN7Pn1Y9MHf_oj1g41GmU.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216134
IP address blocks: 149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
193.33.52.0/23 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
2a13:cb40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Feb 2024 06:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3f:00:69:cd:c0:e9:2b:e2:f6:dc:06:5a:c0:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90fbad03b70decf9f563d3077ffa23d60e351a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:de:c3:53:a5:8d:84:52:8e:df:7e:ee:e3:55:
7f:08:6d:8b:41:cd:6f:9e:38:0e:e1:d7:86:7d:51:
70:55:15:c2:13:ff:3b:b6:a5:81:92:4b:d3:98:ce:
26:fd:f2:d5:6d:70:ad:54:99:64:46:12:da:b8:48:
37:7b:d7:c0:fd:7e:42:16:88:50:56:14:6d:cd:28:
56:6a:79:40:46:fd:43:42:f4:a2:e2:84:05:51:6e:
8e:40:ab:82:ee:45:09:5c:6a:63:8b:9f:89:b7:bd:
95:8f:9d:7b:72:d2:89:92:34:98:51:a6:42:6e:b8:
d7:c7:88:a0:b1:f4:85:25:d4:b7:8c:f9:1d:f8:05:
c3:c1:4b:9c:e5:3a:d5:3b:58:59:6b:7e:ed:b3:7d:
5d:b8:a3:e3:fc:ff:cd:83:7b:d3:10:84:95:a9:3d:
58:de:20:82:b0:02:ca:17:09:6f:af:c6:46:4e:d3:
d5:95:72:7c:79:29:59:b4:a8:a4:ca:82:59:bb:b6:
d2:4f:1b:a6:8f:83:0b:4b:db:99:2e:85:4b:90:18:
23:6c:9d:22:4d:50:cf:50:60:79:58:45:4a:13:10:
80:44:a6:6c:ac:59:06:70:d1:ff:71:00:18:1e:c0:
dc:e4:97:0b:06:df:91:b3:12:38:89:df:9c:37:44:
83:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FB:AD:03:B7:0D:EC:F9:F5:63:D3:07:7F:FA:23:D6:0E:35:1A:65
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kPutA7cN7Pn1Y9MHf_oj1g41GmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
cf:66:10:a2:76:7f:5a:19:e6:ff:5c:a4:48:43:7f:d3:a1:4d:
2d:7e:10:71:91:b5:39:26:74:9e:12:2c:74:f4:b6:14:ed:e8:
6b:1f:6a:be:22:bb:ac:46:8a:b7:3c:18:30:35:7b:3a:b1:f3:
a6:68:17:38:8e:e0:6f:8a:24:20:47:64:a9:07:29:06:33:f9:
67:6a:60:ad:d6:ab:1f:db:15:d0:c7:b1:f5:4d:32:aa:ed:aa:
14:84:f0:aa:32:3e:02:2f:24:8a:64:34:06:5e:7f:2e:40:dc:
f7:0c:3b:e5:89:f1:d2:1d:3d:44:56:48:5a:2f:08:07:14:1b:
2c:7b:4b:9d:e0:e2:67:19:0e:05:29:15:ea:b2:3a:42:25:39:
da:73:ce:37:90:90:5e:36:2e:78:e6:a7:59:19:fb:b3:e4:1c:
39:3b:b4:e1:ef:1f:be:1d:6a:af:a2:d6:98:7d:78:91:8b:12:
e1:cd:c1:c6:6b:94:87:ad:4d:82:d0:2f:11:87:8e:6d:0a:e8:
08:f7:6e:aa:8e:fb:e2:61:a7:70:fb:46:4e:d5:e4:56:e5:98:
72:ac:f5:3b:7d:5e:f9:6b:0c:8b:32:be:b2:1b:ea:bc:e4:74:
8c:50:08:77:ac:5b:d2:9a:d1:bf:49:ee:1d:11:ba:54:3b:03:
56:43:55:81
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDST8Aac3A6Svi9twGWsCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZiYWQwM2I3MGRlY2Y5ZjU2M2QzMDc3ZmZhMjNkNjBlMzUxYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN7DU6WNhFKO337u41V/CG2LQc1v
njgO4deGfVFwVRXCE/87tqWBkkvTmM4m/fLVbXCtVJlkRhLauEg3e9fA/X5CFohQ
VhRtzShWanlARv1DQvSi4oQFUW6OQKuC7kUJXGpji5+Jt72Vj517ctKJkjSYUaZC
brjXx4igsfSFJdS3jPkd+AXDwUuc5TrVO1hZa37ts31duKPj/P/Ng3vTEISVqT1Y
3iCCsALKFwlvr8ZGTtPVlXJ8eSlZtKikyoJZu7bSTxumj4MLS9uZLoVLkBgjbJ0i
TVDPUGB5WEVKExCARKZsrFkGcNH/cQAYHsDc5JcLBt+RsxI4id+cN0SDswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJD7rQO3Dez59WPTB3/6I9YONRplMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEva1B1dEE3Y043UG4xWTlNSGZfb2oxZzQxR21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
AM9mEKJ2f1oZ5v9cpEhDf9OhTS1+EHGRtTkmdJ4SLHT0thTt6Gsfar4iu6xGirc8
GDA1ezqx86ZoFziO4G+KJCBHZKkHKQYz+WdqYK3Wqx/bFdDHsfVNMqrtqhSE8Koy
PgIvJIpkNAZefy5A3PcMO+WJ8dIdPURWSFovCAcUGyx7S53g4mcZDgUpFeqyOkIl
OdpzzjeQkF42Lnjmp1kZ+7PkHDk7tOHvH74daq+i1ph9eJGLEuHNwcZrlIetTYLQ
LxGHjm0K6Aj3bqqO++Jhp3D7Rk7V5FblmHKs9Tt9XvlrDIsyvrIb6rzkdIxQCHes
W9Ka0b9J7h0RulQ7A1ZDVYE=
-----END CERTIFICATE-----
Generated at Tue Feb 20 09:36:47 2024 by rpki-client on console-ams.rpki-client.org