Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/h_33Z8dp0XKeiaL8w7PM_umKg1s.roa
File: h_33Z8dp0XKeiaL8w7PM_umKg1s.roa (raw, json)
Hash identifier: jqino/BMq0W8en21AaIey1tDL0piAg5vPodMbnQVeNE=
Subject key identifier: 87:FD:F7:67:C7:69:D1:72:9E:89:A2:FC:C3:B3:CC:FE:E9:8A:83:5B
Certificate issuer: /CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Certificate serial: 01864F21F45D9381FA824781B17A4A686432
Authority key identifier: 33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/h_33Z8dp0XKeiaL8w7PM_umKg1s.roa
Signing time: Tue 14 Feb 2023 08:54:30 +0000
ROA not before: Tue 14 Feb 2023 08:54:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 165.220.128.0/17 maxlen: 24
185.136.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:21:f4:5d:93:81:fa:82:47:81:b1:7a:4a:68:64:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Validity
Not Before: Feb 14 08:54:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87fdf767c769d1729e89a2fcc3b3ccfee98a835b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:a5:4e:1d:43:28:4f:bf:df:cc:dd:c6:c5:
46:b1:2c:ba:27:29:6e:41:7a:a6:25:35:4c:db:f0:
01:5c:90:e2:20:b9:2d:c4:7d:0a:ec:49:4a:2b:ca:
74:ed:5c:f9:e8:59:a6:8f:85:9e:94:28:66:d2:39:
41:a0:53:7a:c9:a1:41:a1:eb:80:23:1b:a1:35:d0:
cf:d9:47:e4:87:a3:56:82:38:b3:2c:93:40:13:28:
8c:50:43:59:1c:11:79:20:10:3b:ed:d1:77:0d:86:
c6:a2:a2:6b:07:56:33:39:5d:6b:1a:79:7b:c1:01:
57:8e:26:c3:57:45:43:1b:17:44:1a:74:c1:62:c6:
5f:73:4a:9a:46:56:60:ea:6d:23:a5:f0:11:e9:c5:
31:2d:7e:7b:24:7f:0f:25:f4:e7:c6:e2:ef:4f:87:
70:38:10:99:ac:e3:5f:df:96:c7:b7:f8:54:72:87:
04:30:43:bc:a4:7f:47:0b:2b:60:91:5a:80:31:3a:
ed:59:2c:36:8d:d1:df:c5:af:f0:6a:39:82:d5:93:
3a:27:11:29:24:d4:90:1a:fd:e8:18:d3:04:12:2f:
39:e7:8f:f8:c3:d4:4a:d4:c2:5f:3b:7c:c6:9f:17:
aa:b9:75:93:c5:63:30:3e:0e:33:47:32:8f:a1:2e:
63:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FD:F7:67:C7:69:D1:72:9E:89:A2:FC:C3:B3:CC:FE:E9:8A:83:5B
X509v3 Authority Key Identifier:
keyid:33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/h_33Z8dp0XKeiaL8w7PM_umKg1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.220.128.0/17
185.136.44.0/22
Signature Algorithm: sha256WithRSAEncryption
84:91:50:6d:42:85:69:34:b9:f1:4f:49:88:86:c0:f7:27:08:
08:71:84:cc:e6:63:57:28:dd:9f:2b:69:01:6a:67:10:e3:80:
cd:18:d2:98:d9:f1:ee:91:19:fb:13:f7:4c:1a:5d:25:04:60:
4c:72:a6:e7:c2:dc:2c:52:b0:93:20:5c:fb:b2:62:79:31:4b:
ef:7c:21:ce:3f:b4:ef:48:6b:39:b2:6b:1d:93:2e:48:65:b5:
2a:f7:14:47:e6:c1:c8:46:0b:23:e8:ce:43:33:25:cb:0e:6c:
1a:6b:b7:ef:54:85:e2:36:d1:59:e6:24:f8:67:2b:9f:72:36:
12:b7:ff:e6:b6:26:4e:e0:bd:cb:2b:c2:99:99:38:7f:66:6d:
95:59:89:15:1e:12:e8:87:73:1a:f4:46:79:9e:a2:e9:50:5e:
a3:d5:6f:36:d3:33:60:4b:af:9b:40:59:c1:c6:e4:44:c8:d6:
ae:41:bf:36:5f:c0:1a:b4:14:40:07:08:3e:dc:d8:a1:cc:8d:
aa:0f:65:2e:ac:1d:5f:f3:40:6a:32:18:98:07:37:ac:ad:16:
5b:cd:3e:f5:63:eb:7e:8f:b7:85:09:cf:b8:e6:9f:8f:e9:72:
84:6f:c5:69:8e:b2:18:3a:12:6f:3e:b8:0b:75:d1:28:5d:74:
1d:3d:7b:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZPIfRdk4H6gkeBsXpKaGQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjIyMzQ0ZjI5ZTZiNjQyMGJmZWJjMzhiYjY3YTMwZjQ0
NTNmNzEwHhcNMjMwMjE0MDg1NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZkZjc2N2M3NjlkMTcyOWU4OWEyZmNjM2IzY2NmZWU5OGE4MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGelTh1DKE+/38zdxsVGsSy6Jylu
QXqmJTVM2/ABXJDiILktxH0K7ElKK8p07Vz56Fmmj4WelChm0jlBoFN6yaFBoeuA
IxuhNdDP2Ufkh6NWgjizLJNAEyiMUENZHBF5IBA77dF3DYbGoqJrB1YzOV1rGnl7
wQFXjibDV0VDGxdEGnTBYsZfc0qaRlZg6m0jpfAR6cUxLX57JH8PJfTnxuLvT4dw
OBCZrONf35bHt/hUcocEMEO8pH9HCytgkVqAMTrtWSw2jdHfxa/wajmC1ZM6JxEp
JNSQGv3oGNMEEi8554/4w9RK1MJfO3zGnxequXWTxWMwPg4zRzKPoS5jKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIf992fHadFynomi/MOzzP7pioNbMB8GA1UdIwQY
MBaAFDNiI0TynmtkIL/rw4u2ejD0RT9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTct
NmM2NjU4YmQ5NTJlLzEvaF8zM1o4ZHAwWEtlaWFMOHc3UE1fdW1LZzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTctNmM2NjU4YmQ5NTJl
LzEvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHpdyAAwQC
uYgsMA0GCSqGSIb3DQEBCwUAA4IBAQCEkVBtQoVpNLnxT0mIhsD3JwgIcYTM5mNX
KN2fK2kBamcQ44DNGNKY2fHukRn7E/dMGl0lBGBMcqbnwtwsUrCTIFz7smJ5MUvv
fCHOP7TvSGs5smsdky5IZbUq9xRH5sHIRgsj6M5DMyXLDmwaa7fvVIXiNtFZ5iT4
ZyufcjYSt//mtiZO4L3LK8KZmTh/Zm2VWYkVHhLoh3Ma9EZ5nqLpUF6j1W820zNg
S6+bQFnBxuREyNauQb82X8AatBRABwg+3NihzI2qD2UurB1f80BqMhiYBzesrRZb
zT71Y+t+j7eFCc+45p+P6XKEb8VpjrIYOhJvPrgLddEoXXQdPXsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org