Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1_oQzGqA_sct2ooYyrLSaSEfaxw.roa
File: 1_oQzGqA_sct2ooYyrLSaSEfaxw.roa (raw, json)
Hash identifier: RDUdHVZJT/n+JbXEN2WQPpsEgA7zczAg7iXT7bAcxoQ=
Subject key identifier: D7:FA:10:CC:6A:80:FE:C7:2D:DA:8A:18:CA:B2:D2:69:21:1F:6B:1C
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018BFC5F1244ADC41087F83733F635759E7B
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1_oQzGqA_sct2ooYyrLSaSEfaxw.roa
Signing time: Thu 23 Nov 2023 13:29:30 +0000
ROA not before: Thu 23 Nov 2023 13:29:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36218
IP address blocks: 192.250.238.0/24 maxlen: 24
192.250.237.0/24 maxlen: 24
208.88.4.0/22 maxlen: 22
199.103.56.0/23 maxlen: 23
199.103.59.0/24 maxlen: 24
199.103.60.0/22 maxlen: 22
208.69.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:5f:12:44:ad:c4:10:87:f8:37:33:f6:35:75:9e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 23 13:29:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7fa10cc6a80fec72dda8a18cab2d269211f6b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:32:d9:bc:fc:8b:7b:f2:73:e9:71:39:27:59:
19:c5:eb:49:52:c2:69:e6:86:ea:cd:27:69:c0:d5:
3f:82:ec:14:6b:2f:37:5e:c4:c5:fd:06:3a:1d:60:
d8:83:d9:55:dd:af:e9:ed:e8:c9:b7:8d:33:24:ea:
9d:d9:ba:da:61:02:ba:d4:14:28:5f:af:81:42:18:
aa:e4:a2:ee:1c:11:ae:ee:b6:5b:3f:e6:14:68:1d:
c3:68:b2:b3:e2:da:6c:4b:e4:59:1c:32:4c:da:51:
09:ae:e4:a2:b9:32:0d:55:f6:35:b1:8b:75:d6:3e:
8a:c4:d6:56:19:39:22:b7:54:60:d8:ac:5e:bc:ad:
38:a0:42:d1:4e:c9:5c:b3:f9:5a:05:1f:11:9c:2a:
2e:e2:32:eb:19:bd:d9:1d:9a:fb:ee:26:a4:28:1e:
4e:5b:49:c3:2e:85:8b:c4:e3:3e:6e:4e:23:a4:6b:
81:e3:f0:be:96:3c:38:11:6b:31:24:8a:3f:b7:8d:
65:7b:aa:57:42:d5:79:5c:18:38:76:ef:13:9f:75:
83:4a:f5:cf:1c:f1:77:74:9e:dc:c9:3b:c5:87:d7:
be:e1:41:c4:2b:e3:2e:a7:7f:3b:ae:24:c6:07:5c:
35:28:06:d0:2d:dc:c0:88:80:67:1e:19:20:46:65:
46:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FA:10:CC:6A:80:FE:C7:2D:DA:8A:18:CA:B2:D2:69:21:1F:6B:1C
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1_oQzGqA_sct2ooYyrLSaSEfaxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.250.237.0-192.250.238.255
199.103.56.0/23
199.103.59.0-199.103.63.255
208.69.56.0/22
208.88.4.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:61:94:28:ad:7b:e6:e0:8e:8b:ea:6d:c4:a9:b2:6b:77:8d:
e7:7b:10:c8:10:78:ec:17:b8:7a:67:09:97:b5:5b:58:d9:6e:
07:0a:15:00:11:aa:34:1d:a9:42:f3:4a:a9:4f:17:2c:5e:56:
2b:4e:36:47:b6:95:c7:5e:5f:d3:d3:cd:f4:2a:62:a1:a6:9e:
95:df:97:96:e3:02:24:31:91:0a:2d:eb:ab:62:d0:13:ab:da:
47:8a:12:5c:da:45:ab:af:b5:ce:d0:a7:73:e1:78:b7:7e:b3:
12:ac:0d:27:66:e8:7b:cd:90:39:ec:f0:37:5e:d8:84:9e:ad:
3e:b2:14:50:21:01:5a:c4:76:2a:fd:37:51:e5:a0:f3:45:2c:
11:da:aa:12:e5:e1:5c:d6:1d:80:7f:ea:6c:1c:5b:e1:79:3a:
1e:84:cd:92:c1:8a:d2:3d:4d:cb:0d:57:a8:f0:e6:ee:43:a8:
8d:22:7e:29:f3:a5:2a:68:d6:c7:b2:72:74:36:9d:9f:dd:95:
5f:8b:43:c1:88:e8:fc:af:19:ac:24:1b:ac:00:61:05:c7:45:
af:75:ff:1c:24:3b:4f:6f:3e:0c:37:e8:de:88:48:69:20:cf:
f3:9d:34:d8:4d:5a:7f:0f:08:eb:2d:b1:c0:7e:2f:22:c7:97:
34:21:68:48
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYv8XxJErcQQh/g3M/Y1dZ57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMxMTIzMTMyOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZhMTBjYzZhODBmZWM3MmRkYThhMThjYWIyZDI2OTIxMWY2YjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDLZvPyLe/Jz6XE5J1kZxetJUsJp
5obqzSdpwNU/guwUay83XsTF/QY6HWDYg9lV3a/p7ejJt40zJOqd2braYQK61BQo
X6+BQhiq5KLuHBGu7rZbP+YUaB3DaLKz4tpsS+RZHDJM2lEJruSiuTINVfY1sYt1
1j6KxNZWGTkit1Rg2KxevK04oELRTslcs/laBR8RnCou4jLrGb3ZHZr77iakKB5O
W0nDLoWLxOM+bk4jpGuB4/C+ljw4EWsxJIo/t41le6pXQtV5XBg4du8Tn3WDSvXP
HPF3dJ7cyTvFh9e+4UHEK+Mup387riTGB1w1KAbQLdzAiIBnHhkgRmVGwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNf6EMxqgP7HLdqKGMqy0mkhH2scMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMV9vUXpHcUFfc2N0Mm9vWXlyTFNhU0VmYXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBADA+u0D
BADA+u4DBAHHZzgwDAMEAMdnOwMEBsdnAAMEAtBFOAMEAtBYBDANBgkqhkiG9w0B
AQsFAAOCAQEAjWGUKK175uCOi+ptxKmya3eN53sQyBB47Be4emcJl7VbWNluBwoV
ABGqNB2pQvNKqU8XLF5WK042R7aVx15f09PN9Cpioaaeld+XluMCJDGRCi3rq2LQ
E6vaR4oSXNpFq6+1ztCnc+F4t36zEqwNJ2boe82QOezwN17YhJ6tPrIUUCEBWsR2
Kv03UeWg80UsEdqqEuXhXNYdgH/qbBxb4Xk6HoTNksGK0j1Nyw1XqPDm7kOojSJ+
KfOlKmjWx7JydDadn92VX4tDwYjo/K8ZrCQbrABhBcdFr3X/HCQ7T28+DDfo3ohI
aSDP85002E1afw8I6y2xwH4vIseXNCFoSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org