Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/4rZXUXYXNE0arGDitXwCsEayRW4.roa
File: 4rZXUXYXNE0arGDitXwCsEayRW4.roa (raw, json)
Hash identifier: p3aEYUipOKyAMcKK3/7OrGUgxj8dNSCIt18Km5UEb+k=
Subject key identifier: E2:B6:57:51:76:17:34:4D:1A:AC:60:E2:B5:7C:02:B0:46:B2:45:6E
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 01856F66E8C093EEF0D376BBC05226F64AE7
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/4rZXUXYXNE0arGDitXwCsEayRW4.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 192.33.88.0/24 maxlen: 24
2001:67c:2e40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e8:c0:93:ee:f0:d3:76:bb:c0:52:26:f6:4a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2b657517617344d1aac60e2b57c02b046b2456e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8e:53:b7:fd:aa:08:c5:d7:ed:b1:e4:80:0a:
58:48:4b:3a:33:fb:48:0a:3d:21:d7:ba:21:4f:94:
88:73:07:89:ff:06:0d:28:48:05:05:10:7e:23:28:
60:0f:67:e8:1d:dc:9d:61:ea:e8:92:4e:41:1b:ee:
54:2a:7a:5e:15:12:b0:d1:72:83:39:2b:45:5d:74:
71:19:95:e0:1c:ba:b6:bf:45:36:c7:83:f1:ed:7a:
b5:83:fc:f3:80:1d:c7:da:32:53:3e:da:75:2b:8a:
ee:8f:bd:e6:82:94:ff:4e:24:87:9e:10:4e:71:91:
29:e5:c2:76:86:b6:ce:9b:59:ae:0f:a4:8e:df:0a:
a5:8e:e0:d8:cc:74:72:37:8e:56:dc:77:ed:bd:e8:
ff:d3:a4:90:f4:19:8e:65:27:1f:f4:75:56:0a:30:
9b:5c:b2:b5:d6:11:2d:c4:7e:91:70:b7:eb:24:a3:
6e:e9:a3:84:21:2d:a9:24:3f:e7:fa:91:10:c4:80:
07:74:a3:fa:f4:6c:15:85:70:44:d2:74:67:b2:49:
91:89:ca:89:43:4c:c5:da:59:13:b9:97:91:e0:a9:
35:f3:ce:73:5e:be:ef:3f:31:de:dd:45:61:5e:dc:
a2:12:06:d6:47:a2:ef:06:1b:6e:ae:5c:11:c3:91:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B6:57:51:76:17:34:4D:1A:AC:60:E2:B5:7C:02:B0:46:B2:45:6E
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/4rZXUXYXNE0arGDitXwCsEayRW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.88.0/24
IPv6:
2001:67c:2e40::/48
Signature Algorithm: sha256WithRSAEncryption
58:88:33:db:74:0b:ef:99:c5:86:d5:8a:f3:de:d7:4a:aa:03:
9a:e1:a0:49:5e:f6:95:b9:41:da:00:02:b2:6f:09:21:3a:cc:
77:ec:85:90:0a:cd:5d:07:0e:32:7a:03:d4:08:5b:cf:f2:8f:
0b:19:1a:75:4e:ad:8a:09:5b:ef:34:21:37:e3:f8:37:ce:92:
ba:2f:65:b4:9c:9c:84:93:a4:ac:18:20:82:65:03:b1:99:22:
ec:9f:72:9b:e3:34:5e:dd:36:50:cd:9c:10:db:c1:43:35:49:
ac:17:7e:7b:2d:fe:b7:5f:6e:af:bc:39:3e:5c:70:1d:8d:a1:
20:c0:95:8d:5b:4d:2c:b9:6a:75:80:91:1a:ef:9b:7f:5c:7a:
37:b9:04:97:8d:e9:da:83:4f:3e:b2:0b:69:f3:e6:58:77:2c:
92:13:d0:d0:fd:54:d9:66:a6:0a:36:88:4b:db:04:79:cf:2f:
9b:f8:54:97:76:d2:5a:38:dd:fe:aa:86:6f:ac:9c:85:22:8b:
b8:af:ea:85:c3:29:3d:4e:1f:f0:df:61:89:42:30:42:24:11:
1b:5f:92:8f:d4:4a:45:f8:48:35:28:1c:2e:b7:49:c0:4e:93:
27:65:5e:97:64:4d:e0:e4:eb:cd:82:3f:78:3e:32:27:84:49:
eb:7c:d0:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvZujAk+7w03a7wFIm9krnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx
ZTI5YzQwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmI2NTc1MTc2MTczNDRkMWFhYzYwZTJiNTdjMDJiMDQ2YjI0NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8I5Tt/2qCMXX7bHkgApYSEs6M/tI
Cj0h17ohT5SIcweJ/wYNKEgFBRB+IyhgD2foHdydYerokk5BG+5UKnpeFRKw0XKD
OStFXXRxGZXgHLq2v0U2x4Px7Xq1g/zzgB3H2jJTPtp1K4ruj73mgpT/TiSHnhBO
cZEp5cJ2hrbOm1muD6SO3wqljuDYzHRyN45W3Hftvej/06SQ9BmOZScf9HVWCjCb
XLK11hEtxH6RcLfrJKNu6aOEIS2pJD/n+pEQxIAHdKP69GwVhXBE0nRnskmRicqJ
Q0zF2lkTuZeR4Kk1885zXr7vPzHe3UVhXtyiEgbWR6LvBhturlwRw5EF1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOK2V1F2FzRNGqxg4rV8ArBGskVuMB8GA1UdIwQY
MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt
Mzg2YzFmOGIwNjQwLzEvNHJaWFVYWVhORTBhckdEaXRYd0NzRWF5Ulc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw
LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwCFYMA8E
AgACMAkDBwAgAQZ8LkAwDQYJKoZIhvcNAQELBQADggEBAFiIM9t0C++ZxYbVivPe
10qqA5rhoEle9pW5QdoAArJvCSE6zHfshZAKzV0HDjJ6A9QIW8/yjwsZGnVOrYoJ
W+80ITfj+DfOkrovZbScnISTpKwYIIJlA7GZIuyfcpvjNF7dNlDNnBDbwUM1SawX
fnst/rdfbq+8OT5ccB2NoSDAlY1bTSy5anWAkRrvm39ceje5BJeN6dqDTz6yC2nz
5lh3LJIT0ND9VNlmpgo2iEvbBHnPL5v4VJd20lo43f6qhm+snIUii7iv6oXDKT1O
H/DfYYlCMEIkERtfko/USkX4SDUoHC63ScBOkydlXpdkTeDk682CP3g+MieESet8
0Es=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org