Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa
File: J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa (raw, json)
Hash identifier: R/O9kjLBJSHs4efbhhlfP8mUKWFdpYLCqAQgyDivtfs=
Subject key identifier: 27:A7:48:71:28:D3:8F:64:AE:FC:57:41:77:1C:04:7A:E5:A9:2B:0E
Certificate issuer: /CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Certificate serial: 01857082B7B6F1643304864CC36596A4C5E7
Authority key identifier: 70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa
Signing time: Mon 02 Jan 2023 03:24:52 +0000
ROA not before: Mon 02 Jan 2023 03:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 129.194.0.0/15 maxlen: 16
192.33.212.0/22 maxlen: 22
192.33.216.0/22 maxlen: 22
192.33.222.0/23 maxlen: 23
192.33.220.0/24 maxlen: 24
192.33.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b7:b6:f1:64:33:04:86:4c:c3:65:96:a4:c5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Validity
Not Before: Jan 2 03:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27a7487128d38f64aefc5741771c047ae5a92b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ae:bd:8e:14:86:71:cf:bf:ca:ec:11:0f:f5:
3a:d3:9c:b2:d3:63:c5:4c:a9:0b:98:17:83:d3:2d:
9a:a2:63:e9:84:be:a7:a2:9d:57:66:50:7f:1b:64:
60:87:4d:6e:ab:2d:c2:fc:85:2c:8b:c2:f7:a8:5f:
be:0e:1f:be:5e:7a:52:7e:c4:7e:cc:ef:23:f4:ec:
28:57:e2:d4:f2:30:84:bb:e7:e7:ae:f9:ec:f1:12:
bb:58:ce:97:4e:d1:3b:fd:18:7e:a4:ef:b1:9a:ff:
70:b3:34:8e:d6:18:5f:3f:48:27:2e:98:0d:f0:4b:
ca:2f:0f:64:76:bc:96:cd:88:94:39:0e:c3:77:ae:
b1:fc:d1:78:71:18:95:3b:ca:55:b4:cb:99:7c:87:
37:2f:89:75:64:20:0a:9c:8c:6b:85:bd:b4:3a:aa:
5d:71:1f:ec:ed:47:90:6f:64:e5:7a:c3:78:94:11:
c7:02:2a:88:36:35:ae:2a:a2:04:37:4f:2a:e3:89:
08:71:06:6f:04:95:14:8d:3c:ee:e0:1b:91:85:1a:
ca:1e:d8:0a:b9:fc:ff:5e:09:94:94:d8:2a:88:b2:
b4:56:da:94:f1:84:a1:fe:17:ac:7b:95:27:0c:c4:
8d:9f:34:7e:d2:5c:b9:d4:57:e3:c8:12:02:3a:09:
38:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A7:48:71:28:D3:8F:64:AE:FC:57:41:77:1C:04:7A:E5:A9:2B:0E
X509v3 Authority Key Identifier:
keyid:70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.194.0.0/15
192.33.212.0-192.33.220.255
192.33.222.0-192.33.231.255
Signature Algorithm: sha256WithRSAEncryption
35:94:8b:8b:cd:c9:92:8f:5a:83:9e:7c:bc:f7:27:56:34:7d:
8c:9f:db:12:5a:6d:3f:43:23:fa:18:fa:9a:f2:fa:a3:88:b3:
ab:ce:52:cf:50:31:11:2e:af:0d:08:bd:04:ba:f0:15:69:1f:
19:72:bf:8b:07:e1:9c:d7:5c:ed:52:8e:db:69:4a:31:e6:da:
ec:3d:39:4b:c6:da:c3:dd:cf:fe:75:a5:19:3b:01:45:45:05:
e5:a5:3c:5e:a1:20:f2:66:73:9f:04:0b:6c:4a:fc:3d:f3:8e:
dc:3a:93:2e:6d:31:8c:60:97:65:55:e7:3f:e4:ad:eb:02:62:
22:62:41:bb:10:fe:b6:89:05:f1:15:f0:39:63:59:2c:da:88:
33:9e:0c:66:ed:ec:06:1a:bd:43:ac:ea:47:2b:4b:26:0e:31:
ce:29:95:20:de:d5:b7:fa:e1:8e:80:42:9b:a6:5c:a7:35:1a:
a6:a4:0a:5f:ef:b5:e3:b4:bb:51:ce:74:c8:1e:fb:2d:0d:48:
29:54:1c:e7:dc:82:a7:75:1d:eb:20:33:1b:01:f7:24:65:d1:
d8:d7:64:5e:3b:9f:a8:28:b9:31:c0:3b:bc:67:62:dd:35:68:
0e:d0:37:ef:a1:73:9b:36:e5:50:95:d0:de:69:8e:33:c9:90:
93:8b:30:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwgre28WQzBIZMw2WWpMXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjRkYTBmMTAxM2FjZGI2MWMyZjdhMjZkMTRjNGYwZGU4
MjIyZWMwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E3NDg3MTI4ZDM4ZjY0YWVmYzU3NDE3NzFjMDQ3YWU1YTkyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq69jhSGcc+/yuwRD/U605yy02PF
TKkLmBeD0y2aomPphL6nop1XZlB/G2Rgh01uqy3C/IUsi8L3qF++Dh++XnpSfsR+
zO8j9OwoV+LU8jCEu+fnrvns8RK7WM6XTtE7/Rh+pO+xmv9wszSO1hhfP0gnLpgN
8EvKLw9kdryWzYiUOQ7Dd66x/NF4cRiVO8pVtMuZfIc3L4l1ZCAKnIxrhb20Oqpd
cR/s7UeQb2TlesN4lBHHAiqINjWuKqIEN08q44kIcQZvBJUUjTzu4BuRhRrKHtgK
ufz/XgmUlNgqiLK0VtqU8YSh/hese5UnDMSNnzR+0ly51FfjyBICOgk4JwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCenSHEo049krvxXQXccBHrlqSsOMB8GA1UdIwQY
MBaAFHC02g8QE6zbYcL3om0UxPDegiLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODct
ZjMwNjllZTU5MGRhLzEvSjZkSWNTalRqMlN1X0ZkQmR4d0VldVdwS3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODctZjMwNjllZTU5MGRh
LzEvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMBgcIwDAME
AsAh1AMEAMAh3DAMAwQBwCHeAwQDwCHgMA0GCSqGSIb3DQEBCwUAA4IBAQA1lIuL
zcmSj1qDnny89ydWNH2Mn9sSWm0/QyP6GPqa8vqjiLOrzlLPUDERLq8NCL0EuvAV
aR8Zcr+LB+Gc11ztUo7baUox5trsPTlLxtrD3c/+daUZOwFFRQXlpTxeoSDyZnOf
BAtsSvw9847cOpMubTGMYJdlVec/5K3rAmIiYkG7EP62iQXxFfA5Y1ks2ogzngxm
7ewGGr1DrOpHK0smDjHOKZUg3tW3+uGOgEKbplynNRqmpApf77XjtLtRznTIHvst
DUgpVBzn3IKndR3rIDMbAfckZdHY12ReO5+oKLkxwDu8Z2LdNWgO0DfvoXObNuVQ
ldDeaY4zyZCTizDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:26 2024 by rpki-client on console-ams.rpki-client.org