Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/vJ_oz8RhtK78zxc4iCc599yXR9s.roa
File: vJ_oz8RhtK78zxc4iCc599yXR9s.roa (raw, json)
Hash identifier: fJ0izN61BeFEe8mfq1/MexHG8+JEbvRwElzti73x5J4=
Subject key identifier: BC:9F:E8:CF:C4:61:B4:AE:FC:CF:17:38:88:27:39:F7:DC:97:47:DB
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 0192D0D201CE75A696269DFD9890B0DD161D
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/vJ_oz8RhtK78zxc4iCc599yXR9s.roa
Signing time: Mon 28 Oct 2024 01:51:16 +0000
ROA not before: Mon 28 Oct 2024 01:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 137.174.0.0/17 maxlen: 22
137.174.128.0/18 maxlen: 22
137.174.192.0/19 maxlen: 22
147.123.36.0/22 maxlen: 24
147.123.44.0/22 maxlen: 24
147.123.48.0/21 maxlen: 21
155.204.64.0/20 maxlen: 20
155.204.80.0/21 maxlen: 21
155.204.88.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
155.204.104.0/21 maxlen: 21
155.204.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 13 Nov 2024 18:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d0:d2:01:ce:75:a6:96:26:9d:fd:98:90:b0:dd:16:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Oct 28 01:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc9fe8cfc461b4aefccf1738882739f7dc9747db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:1f:cb:f0:00:02:74:5c:43:8b:e4:e1:d0:
2a:06:db:51:83:28:6b:a9:cb:21:39:a6:ee:c3:d1:
91:a4:0d:31:06:88:fc:7a:64:27:39:a9:aa:d3:fd:
04:ad:72:71:c7:69:de:3e:12:d2:d0:ec:20:60:c4:
33:3f:b6:f4:6b:45:82:8b:93:57:00:3d:af:d8:d9:
7e:01:22:77:a6:e6:7c:cc:37:21:56:0d:e0:c6:37:
4f:4c:0b:34:d5:88:4f:f1:96:e6:0d:4f:73:20:39:
44:08:9e:db:7d:75:4e:2a:f9:1d:dc:02:23:1b:e0:
2e:89:72:79:35:ce:6d:2c:bf:61:4d:46:f2:7f:5a:
21:0e:41:b2:5c:f7:ed:9c:ef:1d:c0:84:94:71:7c:
bd:92:fd:66:c1:97:37:ad:0c:b7:69:c7:4f:3d:98:
e5:0f:c4:66:f7:1a:52:33:bf:a4:f1:5f:fc:dc:04:
aa:9c:62:1d:47:98:09:d7:fd:ba:1a:d6:88:ef:e1:
d7:ba:1a:a7:a4:16:e8:8b:96:fd:3c:ba:05:e2:62:
12:a4:a8:c5:36:6e:bd:70:0c:60:6a:47:4f:1f:5c:
da:f1:69:5d:01:2a:3c:6d:ea:4b:9a:cb:d1:30:da:
3f:ce:ad:a5:ba:78:5b:ff:56:cd:04:f8:11:f3:41:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9F:E8:CF:C4:61:B4:AE:FC:CF:17:38:88:27:39:F7:DC:97:47:DB
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/vJ_oz8RhtK78zxc4iCc599yXR9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0-137.174.223.255
147.123.36.0/22
147.123.44.0-147.123.55.255
155.204.64.0-155.204.111.255
155.204.136.0/21
Signature Algorithm: sha256WithRSAEncryption
66:2a:18:d1:a5:fb:55:03:78:e1:f5:5e:aa:53:1a:66:ed:25:
78:33:82:40:f5:60:57:9e:59:5c:4d:f7:86:61:aa:aa:c0:59:
2e:e0:e3:fd:f2:4f:a0:fe:e1:3b:cd:b8:97:89:5a:c2:f7:74:
93:21:f1:d0:f5:51:4e:8e:4d:2d:37:59:45:a1:0a:8d:66:6b:
6e:6f:23:2b:71:01:f0:a6:42:59:b3:a7:db:ff:16:aa:87:50:
96:56:3d:c0:48:06:ad:79:61:59:12:d7:0d:6a:c6:e9:65:9b:
1f:21:9f:6e:8c:5c:ba:1e:27:a7:48:fc:78:ef:77:78:2b:73:
62:00:fd:67:d1:e6:6a:29:df:29:de:bb:09:73:92:63:7a:64:
86:7d:53:c4:78:26:aa:2c:05:98:92:b7:a7:13:ad:46:84:a6:
d1:c1:d0:3e:91:c8:ff:c8:6a:aa:6f:64:20:b6:e8:aa:4a:2c:
cf:69:67:d1:38:7b:e9:7c:c6:60:a8:eb:59:96:dd:ac:6f:9a:
73:df:68:39:a4:e0:12:6f:7d:33:61:c9:02:e2:ad:19:52:57:
9f:f8:fc:a4:3e:7e:fc:2c:ad:3c:b5:e9:5d:ff:97:b0:09:f4:
9b:90:af:4d:e1:a8:c1:bf:45:2f:5e:10:83:df:fb:3e:ac:41:
22:53:3f:08
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZLQ0gHOdaaWJp39mJCw3RYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQxMDI4MDE1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzlmZThjZmM0NjFiNGFlZmNjZjE3Mzg4ODI3MzlmN2RjOTc0N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTYfy/AAAnRcQ4vk4dAqBttRgyhr
qcshOabuw9GRpA0xBoj8emQnOamq0/0ErXJxx2nePhLS0OwgYMQzP7b0a0WCi5NX
AD2v2Nl+ASJ3puZ8zDchVg3gxjdPTAs01YhP8ZbmDU9zIDlECJ7bfXVOKvkd3AIj
G+AuiXJ5Nc5tLL9hTUbyf1ohDkGyXPftnO8dwISUcXy9kv1mwZc3rQy3acdPPZjl
D8Rm9xpSM7+k8V/83ASqnGIdR5gJ1/26GtaI7+HXuhqnpBboi5b9PLoF4mISpKjF
Nm69cAxgakdPH1za8WldASo8bepLmsvRMNo/zq2lunhb/1bNBPgR80FHmwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLyf6M/EYbSu/M8XOIgnOffcl0fbMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvdkpfb3o4Umh0Szc4enhjNGlDYzU5OXlYUjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1MAsDAwGJrgME
BYmuwAMEApN7JDAMAwQCk3ssAwQDk3swMAwDBAabzEADBASbzGADBAObzIgwDQYJ
KoZIhvcNAQELBQADggEBAGYqGNGl+1UDeOH1XqpTGmbtJXgzgkD1YFeeWVxN94Zh
qqrAWS7g4/3yT6D+4TvNuJeJWsL3dJMh8dD1UU6OTS03WUWhCo1ma25vIytxAfCm
Qlmzp9v/FqqHUJZWPcBIBq15YVkS1w1qxullmx8hn26MXLoeJ6dI/Hjvd3grc2IA
/WfR5mop3yneuwlzkmN6ZIZ9U8R4JqosBZiSt6cTrUaEptHB0D6RyP/IaqpvZCC2
6KpKLM9pZ9E4e+l8xmCo61mW3axvmnPfaDmk4BJvfTNhyQLirRlSV5/4/KQ+fvws
rTy16V3/l7AJ9JuQr03hqMG/RS9eEIPf+z6sQSJTPwg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:37 2025 by rpki-client