Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/vTEmqCCcodd7wb2LWio9IvUgIOQ.roa
File: vTEmqCCcodd7wb2LWio9IvUgIOQ.roa (raw, json)
Hash identifier: aDAHfmHZaQSB+Jtx0gpfQz1c0uNuQlXLt41LhAc+T5U=
Subject key identifier: BD:31:26:A8:20:9C:A1:D7:7B:C1:BD:8B:5A:2A:3D:22:F5:20:20:E4
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018CCA29FFA046097BB8D83EA8A1C5EBED5F
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/vTEmqCCcodd7wb2LWio9IvUgIOQ.roa
Signing time: Tue 02 Jan 2024 12:33:19 +0000
ROA not before: Tue 02 Jan 2024 12:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14670
IP address blocks: 192.250.225.0/24 maxlen: 24
65.181.111.0/24 maxlen: 24
199.103.58.0/24 maxlen: 24
192.243.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 13:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ff:a0:46:09:7b:b8:d8:3e:a8:a1:c5:eb:ed:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 2 12:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd3126a8209ca1d77bc1bd8b5a2a3d22f52020e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d9:18:39:82:ec:4e:f3:7b:f7:78:03:8b:63:
29:b9:77:48:96:1c:39:f1:1b:2a:4f:21:be:c6:24:
75:84:be:1f:29:e2:35:88:34:b3:08:7c:e0:a2:e0:
bd:f4:4d:17:6d:0c:40:0d:a5:cd:8d:ec:0b:74:38:
07:48:5b:e6:a9:04:1a:f4:f9:bb:0d:d3:ef:24:a0:
fe:a2:25:2b:4e:7c:b8:ce:9f:08:7c:9e:61:22:0b:
24:e4:b5:66:f4:78:71:7b:ca:d4:80:de:53:c6:3e:
a5:c7:e0:8b:db:9a:a2:81:44:92:6d:b9:c9:60:80:
b3:00:24:c1:59:be:a0:9a:27:85:19:32:a3:b9:0d:
1b:4c:92:6e:fd:87:49:db:5e:bd:84:4f:0b:c3:24:
0a:2b:d4:5d:1e:14:99:32:26:2a:42:8b:50:b3:ae:
4b:4c:84:4c:0d:4b:23:1b:99:4a:50:07:1a:58:5c:
20:22:70:42:8e:f1:19:dd:d4:db:36:17:aa:66:31:
f4:ab:d9:60:fe:60:71:e7:bf:c8:c1:a9:3a:9e:e7:
82:f5:53:eb:e4:14:b7:e3:f3:bd:79:3f:a3:32:e8:
59:01:32:19:b7:b1:f1:5a:03:52:60:f5:a3:26:08:
9a:2d:94:bb:0c:45:c5:b4:a3:5d:35:b2:02:c4:7b:
3b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:31:26:A8:20:9C:A1:D7:7B:C1:BD:8B:5A:2A:3D:22:F5:20:20:E4
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/vTEmqCCcodd7wb2LWio9IvUgIOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.111.0/24
192.243.110.0/24
192.250.225.0/24
199.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
03:c2:c1:ae:ca:73:de:86:82:ff:42:39:7d:82:14:1b:87:40:
91:bd:1e:74:64:b8:1b:80:13:07:35:f6:60:af:53:ff:92:27:
e9:5a:a0:b3:de:ca:b6:26:63:ab:df:55:c3:81:5e:56:a6:c1:
30:bd:d1:67:14:70:24:54:8a:45:97:1d:4b:ef:43:94:f0:3a:
6e:5d:62:82:b1:88:5a:ee:08:c9:b4:f3:61:e9:74:6c:11:88:
06:10:49:18:d9:5f:d1:ce:eb:8a:0c:44:a7:c8:c7:6a:8a:f2:
8a:8e:d9:e9:51:06:cb:7b:de:fc:68:5a:92:c0:29:12:4a:c2:
d0:8c:35:9c:7a:a6:cd:31:1c:83:ec:0f:3a:95:a6:22:a3:6d:
ac:97:9c:0e:03:a7:21:53:f4:e8:0b:ea:c8:a9:40:a3:98:f0:
29:f6:b4:b1:19:b0:4d:0f:98:92:09:e0:51:a4:1f:49:d4:e5:
8a:57:93:91:86:82:87:ca:95:8e:e5:54:50:bf:20:8f:47:e1:
05:62:4d:94:10:0a:3b:63:19:98:5a:f1:17:13:cd:86:b5:8b:
9a:b7:a9:79:db:ca:a9:4d:4f:dd:4c:aa:15:d5:a3:3e:0c:13:
6d:05:ea:4b:29:7e:04:0b:05:a5:f6:9b:9c:73:81:ca:1b:07:
5e:96:19:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKf+gRgl7uNg+qKHF6+1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMTAyMTIzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDMxMjZhODIwOWNhMWQ3N2JjMWJkOGI1YTJhM2QyMmY1MjAyMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtkYOYLsTvN793gDi2MpuXdIlhw5
8RsqTyG+xiR1hL4fKeI1iDSzCHzgouC99E0XbQxADaXNjewLdDgHSFvmqQQa9Pm7
DdPvJKD+oiUrTny4zp8IfJ5hIgsk5LVm9Hhxe8rUgN5Txj6lx+CL25qigUSSbbnJ
YICzACTBWb6gmieFGTKjuQ0bTJJu/YdJ2169hE8LwyQKK9RdHhSZMiYqQotQs65L
TIRMDUsjG5lKUAcaWFwgInBCjvEZ3dTbNheqZjH0q9lg/mBx57/Iwak6nueC9VPr
5BS34/O9eT+jMuhZATIZt7HxWgNSYPWjJgiaLZS7DEXFtKNdNbICxHs7LQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL0xJqggnKHXe8G9i1oqPSL1ICDkMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvdlRFbXFDQ2NvZGQ3d2IyTFdpbzlJdlVnSU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQbVvAwQA
wPNuAwQAwPrhAwQAx2c6MA0GCSqGSIb3DQEBCwUAA4IBAQADwsGuynPehoL/Qjl9
ghQbh0CRvR50ZLgbgBMHNfZgr1P/kifpWqCz3sq2JmOr31XDgV5WpsEwvdFnFHAk
VIpFlx1L70OU8DpuXWKCsYha7gjJtPNh6XRsEYgGEEkY2V/RzuuKDESnyMdqivKK
jtnpUQbLe978aFqSwCkSSsLQjDWceqbNMRyD7A86laYio22sl5wOA6chU/ToC+rI
qUCjmPAp9rSxGbBND5iSCeBRpB9J1OWKV5ORhoKHypWO5VRQvyCPR+EFYk2UEAo7
YxmYWvEXE82GtYuat6l528qpTU/dTKoV1aM+DBNtBepLKX4ECwWl9pucc4HKGwde
lhnh
-----END CERTIFICATE-----
Generated at Thu Feb 22 15:54:51 2024 by rpki-client on console-ams.rpki-client.org