Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/u5HZz44NIQ2W-s3bKAn4u7bOArg.roa
File: u5HZz44NIQ2W-s3bKAn4u7bOArg.roa (raw, json)
Hash identifier: TeQk/D9ojBPp4nPG3lWplk3MLyNgQL9606ump5f+7yA=
Subject key identifier: BB:91:D9:CF:8E:0D:21:0D:96:FA:CD:DB:28:09:F8:BB:B6:CE:02:B8
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 0185738FF33D094EDDBCA2089FD9DABDBADE
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/u5HZz44NIQ2W-s3bKAn4u7bOArg.roa
Signing time: Mon 02 Jan 2023 17:38:11 +0000
ROA not before: Mon 02 Jan 2023 17:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32611
IP address blocks: 141.113.144.0/21 maxlen: 21
141.113.152.0/21 maxlen: 21
141.113.160.0/21 maxlen: 21
141.113.168.0/21 maxlen: 21
141.113.176.0/21 maxlen: 21
141.113.184.0/21 maxlen: 21
2a03:9e41::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:f3:3d:09:4e:dd:bc:a2:08:9f:d9:da:bd:ba:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 2 17:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb91d9cf8e0d210d96facddb2809f8bbb6ce02b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1c:53:77:78:e4:e7:14:ff:be:2b:5f:c1:0f:
63:70:bb:8d:34:21:b3:b4:79:fb:4c:99:c9:61:15:
0d:f1:c9:88:a3:d9:e9:9a:0e:8e:2c:e1:cd:d0:0e:
1e:b9:43:d1:a8:7b:a6:4d:03:c3:25:21:c0:7c:d8:
4d:ef:39:ec:3e:c3:ba:67:2a:48:bb:b3:c7:8e:e5:
d7:b1:7b:d7:34:75:97:3a:3f:98:7d:2b:2e:bc:3d:
6b:a1:17:29:88:a1:43:3b:d5:94:b6:96:d5:e0:c5:
fe:e7:9c:79:e6:e5:6a:47:2c:e9:29:b0:6f:5d:56:
02:09:f3:af:55:77:a4:50:db:44:81:c4:72:18:74:
ed:23:77:34:d1:41:7b:02:dd:71:5d:24:09:ec:26:
33:be:23:0b:01:b7:7e:6f:e6:79:55:78:43:a1:49:
0a:dc:ce:3b:7d:79:4a:e3:b2:79:c3:d0:dd:c4:c2:
26:dd:d2:40:2e:f1:a9:f8:3f:8d:89:4b:46:cf:53:
d0:d0:44:f6:8d:8d:05:3d:ba:d9:2b:a1:67:3e:bf:
66:12:5e:aa:48:42:6d:cf:4f:56:86:92:a5:6e:78:
1c:ee:86:1a:71:d8:bd:76:a7:00:9a:d7:70:6b:e0:
30:3c:5a:23:0f:0b:86:b6:f7:92:57:e5:7c:30:15:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:D9:CF:8E:0D:21:0D:96:FA:CD:DB:28:09:F8:BB:B6:CE:02:B8
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/u5HZz44NIQ2W-s3bKAn4u7bOArg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.113.144.0-141.113.191.255
IPv6:
2a03:9e41::/32
Signature Algorithm: sha256WithRSAEncryption
8d:34:c5:a1:18:51:ae:ba:9f:68:64:71:89:aa:21:e4:de:41:
58:04:9e:c2:bc:49:53:f5:70:7f:ff:54:34:ab:6f:1c:90:e0:
5a:eb:bd:9c:b3:55:ad:8f:a0:40:7f:d1:46:b4:0c:43:c0:4b:
60:24:3e:0e:f5:69:1e:72:0c:e4:27:ae:a0:52:73:ea:3d:80:
38:65:8a:0e:cb:49:9a:a9:c2:e3:01:88:6e:bd:ba:30:96:9b:
a7:b6:0c:ca:d2:09:58:d6:6d:e2:6a:48:52:d9:0d:45:65:a8:
d4:e8:8d:4b:2a:33:b7:ac:00:c2:02:2c:c7:d9:80:95:25:00:
ea:a3:33:dd:1d:82:34:e1:dd:19:1b:04:c8:ee:1f:0e:65:50:
85:0d:69:8d:b2:b2:9e:36:8f:d5:aa:80:b5:4b:1c:54:bb:27:
c0:a0:52:14:5b:8e:f8:56:f4:20:51:66:cc:9b:0f:5b:64:98:
7b:11:ab:19:cc:72:eb:bf:b5:77:4d:96:ea:bf:bd:50:56:1c:
c7:5e:f4:bc:e4:f5:8c:bb:29:94:16:97:b6:ee:b1:fa:40:63:
65:e3:0f:dd:03:04:74:e8:ca:fa:25:e6:0a:f7:04:8f:f7:33:
20:f2:44:eb:a9:39:b1:94:37:67:71:d8:cd:58:dc:fa:e7:16:
f1:f5:60:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVzj/M9CU7dvKIIn9navbreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjMwMTAyMTczODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkxZDljZjhlMGQyMTBkOTZmYWNkZGIyODA5ZjhiYmI2Y2UwMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxxTd3jk5xT/vitfwQ9jcLuNNCGz
tHn7TJnJYRUN8cmIo9npmg6OLOHN0A4euUPRqHumTQPDJSHAfNhN7znsPsO6ZypI
u7PHjuXXsXvXNHWXOj+YfSsuvD1roRcpiKFDO9WUtpbV4MX+55x55uVqRyzpKbBv
XVYCCfOvVXekUNtEgcRyGHTtI3c00UF7At1xXSQJ7CYzviMLAbd+b+Z5VXhDoUkK
3M47fXlK47J5w9DdxMIm3dJALvGp+D+NiUtGz1PQ0ET2jY0FPbrZK6FnPr9mEl6q
SEJtz09WhpKlbngc7oYacdi9dqcAmtdwa+AwPFojDwuGtveSV+V8MBW7xQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLuR2c+ODSENlvrN2ygJ+Lu2zgK4MB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvdTVIWno0NE5JUTJXLXMzYktBbjR1N2JPQXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBASNcZAD
BAaNcYAwDQQCAAIwBwMFACoDnkEwDQYJKoZIhvcNAQELBQADggEBAI00xaEYUa66
n2hkcYmqIeTeQVgEnsK8SVP1cH//VDSrbxyQ4FrrvZyzVa2PoEB/0Ua0DEPAS2Ak
Pg71aR5yDOQnrqBSc+o9gDhlig7LSZqpwuMBiG69ujCWm6e2DMrSCVjWbeJqSFLZ
DUVlqNTojUsqM7esAMICLMfZgJUlAOqjM90dgjTh3RkbBMjuHw5lUIUNaY2ysp42
j9WqgLVLHFS7J8CgUhRbjvhW9CBRZsybD1tkmHsRqxnMcuu/tXdNluq/vVBWHMde
9Lzk9Yy7KZQWl7busfpAY2XjD90DBHToyvol5gr3BI/3MyDyROupObGUN2dx2M1Y
3PrnFvH1YCc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:14 2024 by rpki-client on console-ams.rpki-client.org