Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/9SocllXSbMjwcwkPler8zd8IjdY.roa
File: 9SocllXSbMjwcwkPler8zd8IjdY.roa (raw, json)
Hash identifier: JcvDceQYlCutm8sDEOVqyKILvxRKf4XLygtZwbkEfpg=
Subject key identifier: F5:2A:1C:96:55:D2:6C:C8:F0:73:09:0F:95:EA:FC:CD:DF:08:8D:D6
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018BB011CAFD8FC028F0C366414888D4CA75
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/9SocllXSbMjwcwkPler8zd8IjdY.roa
Signing time: Wed 08 Nov 2023 17:53:57 +0000
ROA not before: Wed 08 Nov 2023 17:53:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44947
IP address blocks: 128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.3.0/24 maxlen: 24
128.65.165.0/24 maxlen: 24
128.65.166.0/24 maxlen: 24
128.65.167.0/24 maxlen: 24
128.65.168.0/24 maxlen: 24
128.65.169.0/24 maxlen: 24
128.65.170.0/24 maxlen: 24
128.65.171.0/24 maxlen: 24
128.65.172.0/24 maxlen: 24
194.26.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Dec 2023 23:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:11:ca:fd:8f:c0:28:f0:c3:66:41:48:88:d4:ca:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Nov 8 17:53:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f52a1c9655d26cc8f073090f95eafccddf088dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:e5:66:e9:f4:07:aa:cf:9b:31:75:e3:ab:
f3:5b:cd:6d:0c:e6:c4:7e:78:05:ca:a6:81:f8:fa:
69:b0:38:d0:2f:89:c0:e6:56:44:74:58:51:34:a2:
cd:59:e8:31:25:76:0e:96:ca:d3:ed:4c:87:70:a4:
2e:54:27:ce:76:44:e0:dd:c9:b8:d8:e1:15:7b:88:
57:0d:17:6e:ff:7f:73:2f:7c:8f:1a:21:6c:12:63:
53:2f:7b:36:a1:ee:ae:c4:6f:b9:91:aa:6b:d6:6b:
ee:da:1a:d3:9f:38:46:b8:d2:0e:db:ff:bd:84:e2:
d3:22:98:aa:02:14:e5:c5:1a:3b:67:b4:06:d6:2c:
b5:a2:1a:ac:09:31:83:99:59:3d:04:e2:8c:48:d3:
89:dd:d7:9c:66:c2:57:a4:8b:61:36:14:3e:8b:26:
14:51:af:29:e6:fb:cd:d8:b2:b9:9a:87:4c:25:8f:
e3:8a:e1:24:52:48:02:6e:97:2e:b5:c7:29:4c:a3:
ac:ee:5b:43:9b:29:21:78:e4:27:f2:88:cb:af:f6:
3c:a9:f0:5b:0b:3b:0b:f4:72:82:de:64:7a:6d:32:
3f:22:eb:9a:4a:86:71:94:01:0f:b6:bd:20:73:6c:
6a:ee:cc:03:9d:1b:41:da:98:58:7c:77:63:52:90:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2A:1C:96:55:D2:6C:C8:F0:73:09:0F:95:EA:FC:CD:DF:08:8D:D6
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/9SocllXSbMjwcwkPler8zd8IjdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.165.0-128.65.175.255
194.26.2.0/23
194.26.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:fb:a2:41:e3:e4:38:7c:15:3b:dc:29:2c:17:e9:c5:a3:61:
57:fb:d2:77:2e:2b:b4:9e:c6:fb:79:09:5f:3b:f6:a5:70:83:
f7:76:0f:6b:1f:95:4c:de:4e:45:86:2f:53:b4:96:34:dc:7d:
c8:67:52:c9:ad:60:a2:6a:30:87:52:03:19:d3:cf:83:0c:2f:
07:d0:1d:21:8b:e2:84:91:36:70:64:26:aa:91:0f:b3:e2:c2:
5e:90:9d:f6:a9:5d:20:ed:00:bc:e4:c4:76:b8:c4:88:86:73:
14:3e:c7:ac:85:c1:e8:eb:60:04:5c:77:8f:69:26:d2:45:5f:
fc:94:86:85:6e:a4:3e:60:c6:18:d2:84:60:f1:33:88:bb:2e:
33:d9:c6:46:42:f7:5c:6e:ba:44:04:d0:20:3b:52:f1:d2:a0:
ad:be:87:b3:0d:6c:c2:41:49:9f:d4:28:4f:f0:e7:a5:f8:80:
30:67:38:42:5f:84:29:aa:3c:45:91:0d:0a:04:c3:10:25:34:
b1:90:75:9a:05:fe:71:ad:39:ec:49:ab:f7:09:9e:69:08:70:
8c:41:cc:e7:89:66:14:d1:2f:32:ef:b4:dc:da:68:54:5c:db:
9b:01:34:84:2a:37:65:9c:06:c0:23:96:1e:6d:93:38:12:c0:
50:1b:23:26
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYuwEcr9j8Ao8MNmQUiI1Mp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMxMTA4MTc1MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJhMWM5NjU1ZDI2Y2M4ZjA3MzA5MGY5NWVhZmNjZGRmMDg4ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSDlZun0B6rPmzF146vzW81tDObE
fngFyqaB+PppsDjQL4nA5lZEdFhRNKLNWegxJXYOlsrT7UyHcKQuVCfOdkTg3cm4
2OEVe4hXDRdu/39zL3yPGiFsEmNTL3s2oe6uxG+5kapr1mvu2hrTnzhGuNIO2/+9
hOLTIpiqAhTlxRo7Z7QG1iy1ohqsCTGDmVk9BOKMSNOJ3decZsJXpIthNhQ+iyYU
Ua8p5vvN2LK5modMJY/jiuEkUkgCbpcutccpTKOs7ltDmykheOQn8ojLr/Y8qfBb
CzsL9HKC3mR6bTI/IuuaSoZxlAEPtr0gc2xq7swDnRtB2phYfHdjUpCqFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPUqHJZV0mzI8HMJD5Xq/M3fCI3WMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvOVNvY2xsWFNiTWp3Y3drUGxlcjh6ZDhJamRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACAQaUD
BASAQaADBAHCGgIDBADCGhQwDQYJKoZIhvcNAQELBQADggEBAE37okHj5Dh8FTvc
KSwX6cWjYVf70ncuK7Sexvt5CV879qVwg/d2D2sflUzeTkWGL1O0ljTcfchnUsmt
YKJqMIdSAxnTz4MMLwfQHSGL4oSRNnBkJqqRD7Piwl6QnfapXSDtALzkxHa4xIiG
cxQ+x6yFwejrYARcd49pJtJFX/yUhoVupD5gxhjShGDxM4i7LjPZxkZC91xuukQE
0CA7UvHSoK2+h7MNbMJBSZ/UKE/w56X4gDBnOEJfhCmqPEWRDQoEwxAlNLGQdZoF
/nGtOexJq/cJnmkIcIxBzOeJZhTRLzLvtNzaaFRc25sBNIQqN2WcBsAjlh5tkzgS
wFAbIyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org