Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aPTCk-cUva5Iwsa99estW9yFSBU.roa
File: aPTCk-cUva5Iwsa99estW9yFSBU.roa (raw, json)
Hash identifier: eD4gLFpQDcLCpn8MbKiaGyvSsc5DRvlCOa17MqHHShM=
Subject key identifier: 68:F4:C2:93:E7:14:BD:AE:48:C2:C6:BD:F5:EB:2D:5B:DC:85:48:15
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01869434612B8D19250D6F3DEBB8B125183D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aPTCk-cUva5Iwsa99estW9yFSBU.roa
Signing time: Mon 27 Feb 2023 18:48:25 +0000
ROA not before: Mon 27 Feb 2023 18:48:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 171.22.100.0/24 maxlen: 24
171.22.102.0/24 maxlen: 24
171.22.101.0/24 maxlen: 24
171.22.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 06:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:34:61:2b:8d:19:25:0d:6f:3d:eb:b8:b1:25:18:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 27 18:48:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f4c293e714bdae48c2c6bdf5eb2d5bdc854815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2c:a0:dd:aa:b8:6e:69:41:8b:5e:3c:c0:f1:
d5:9a:a1:ba:c7:46:46:58:42:82:ce:c9:c2:18:c3:
b3:19:e8:9f:9f:a2:8e:a7:4b:a8:b9:1e:5d:82:4d:
4c:c2:6d:18:75:a3:9f:95:d7:3a:2c:46:01:d9:8b:
6b:ca:ac:0c:19:b4:ce:b0:33:86:eb:02:3c:95:05:
8f:dc:56:23:ee:df:30:0a:43:20:d2:db:71:ad:40:
40:9f:b8:69:23:d1:ab:31:65:6b:5a:30:46:13:da:
48:fe:86:6a:a0:bf:3e:48:a9:29:cb:67:72:a5:13:
c1:22:64:0a:19:ad:3d:a4:cb:73:72:eb:51:a2:cb:
81:ca:dc:97:c2:66:50:44:25:a1:f1:db:9f:43:16:
2c:ab:69:6d:86:b8:14:75:68:8c:bf:97:c1:9f:94:
f9:8b:c6:59:08:4c:f5:3c:d2:98:5e:47:e6:87:b3:
ce:35:87:da:71:21:c6:97:c5:42:41:18:fd:ef:fe:
50:9e:d1:d5:a9:9a:24:c2:86:eb:49:14:e4:77:90:
b6:6e:8a:ea:7c:f6:0e:b9:6f:d8:49:af:5d:ff:f2:
3b:61:7f:80:3f:f5:c4:9f:39:7a:f9:b7:30:51:6f:
bc:d8:45:01:5d:a3:70:dd:df:a0:51:1f:c1:ae:71:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F4:C2:93:E7:14:BD:AE:48:C2:C6:BD:F5:EB:2D:5B:DC:85:48:15
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aPTCk-cUva5Iwsa99estW9yFSBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:ca:10:c4:96:9a:0d:54:fa:84:c7:c0:33:8a:a3:6e:75:be:
f0:ba:6d:9a:39:d5:55:4e:d5:44:27:f4:15:cc:28:a3:76:2d:
ef:cd:0e:17:9b:c4:fc:1d:05:d7:24:1d:98:64:f1:f2:62:0b:
08:88:97:f1:29:6e:2f:60:38:d0:f9:b0:e6:30:8a:3f:37:3f:
6b:14:3d:95:ff:2f:b0:d7:2d:56:7f:7f:5c:ca:34:f4:8a:91:
f4:9f:8d:5a:53:03:23:56:e2:39:6b:de:c0:7e:57:2a:94:d3:
92:f2:95:54:f0:1e:ab:b0:0d:f1:09:36:6d:ba:42:6c:01:23:
de:5d:82:ed:8f:ca:fb:30:f3:23:12:19:6f:75:a4:16:3e:b7:
07:69:56:d4:8c:e6:d6:be:4c:3a:6d:64:2f:d6:f2:b8:5e:0d:
31:91:9d:98:da:b4:91:3a:e6:ad:82:5c:50:ed:ab:56:a8:41:
c2:80:ca:b7:51:2a:25:1f:b6:c8:d1:37:be:ff:ac:86:cf:be:
ee:a3:46:28:75:82:89:23:ef:3a:25:54:40:1b:e1:ae:61:95:
e8:f6:d2:c3:38:41:cd:7e:56:91:be:bf:14:ad:21:68:cb:df:
03:a0:c3:ea:35:a0:c8:af:6c:4a:1a:ec:0d:20:d2:8e:57:95:
d2:83:c7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaUNGErjRklDW8967ixJRg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI3MTg0ODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY0YzI5M2U3MTRiZGFlNDhjMmM2YmRmNWViMmQ1YmRjODU0ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSyg3aq4bmlBi148wPHVmqG6x0ZG
WEKCzsnCGMOzGeifn6KOp0uouR5dgk1Mwm0YdaOfldc6LEYB2YtryqwMGbTOsDOG
6wI8lQWP3FYj7t8wCkMg0ttxrUBAn7hpI9GrMWVrWjBGE9pI/oZqoL8+SKkpy2dy
pRPBImQKGa09pMtzcutRosuBytyXwmZQRCWh8dufQxYsq2lthrgUdWiMv5fBn5T5
i8ZZCEz1PNKYXkfmh7PONYfacSHGl8VCQRj97/5QntHVqZokwobrSRTkd5C2borq
fPYOuW/YSa9d//I7YX+AP/XEnzl6+bcwUW+82EUBXaNw3d+gUR/BrnEFhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGj0wpPnFL2uSMLGvfXrLVvchUgVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYVBUQ2stY1V2YTVJd3NhOTllc3RXOXlGU0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxZkMA0G
CSqGSIb3DQEBCwUAA4IBAQAcyhDElpoNVPqEx8AziqNudb7wum2aOdVVTtVEJ/QV
zCijdi3vzQ4Xm8T8HQXXJB2YZPHyYgsIiJfxKW4vYDjQ+bDmMIo/Nz9rFD2V/y+w
1y1Wf39cyjT0ipH0n41aUwMjVuI5a97AflcqlNOS8pVU8B6rsA3xCTZtukJsASPe
XYLtj8r7MPMjEhlvdaQWPrcHaVbUjObWvkw6bWQv1vK4Xg0xkZ2Y2rSROuatglxQ
7atWqEHCgMq3USolH7bI0Te+/6yGz77uo0YodYKJI+86JVRAG+GuYZXo9tLDOEHN
flaRvr8UrSFoy98DoMPqNaDIr2xKGuwNINKOV5XSg8fa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org