Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/B8q-obv_6T_kKeNqXzlNbMqfY1s.roa
File: B8q-obv_6T_kKeNqXzlNbMqfY1s.roa (raw, json)
Hash identifier: DLVgTLqukW6GqvgNifz2+tGEvIroCjCbyJ1PWTJLTas=
Subject key identifier: 07:CA:BE:A1:BB:FF:E9:3F:E4:29:E3:6A:5F:39:4D:6C:CA:9F:63:5B
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018D98B723A5CB3DDA90301EA8B10B36A34A
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/B8q-obv_6T_kKeNqXzlNbMqfY1s.roa
Signing time: Sun 11 Feb 2024 15:09:15 +0000
ROA not before: Sun 11 Feb 2024 15:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 128.65.164.0/22 maxlen: 24
128.65.168.0/22 maxlen: 24
128.65.172.0/22 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.3.0/24 maxlen: 24
194.26.20.0/24 maxlen: 24
194.26.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 15:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:98:b7:23:a5:cb:3d:da:90:30:1e:a8:b1:0b:36:a3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Feb 11 15:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07cabea1bbffe93fe429e36a5f394d6cca9f635b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e8:80:39:ab:57:19:af:e2:c0:2e:c9:29:e6:
8a:14:79:0e:98:56:07:d6:d2:fd:c8:ec:41:45:13:
03:bf:89:42:8c:de:50:96:30:e8:b3:b6:3b:d7:4a:
95:af:ba:5c:54:bd:a9:e0:d3:e5:de:77:c0:f7:3f:
2c:10:3a:44:57:65:d9:aa:1a:7a:88:b1:2e:cf:31:
e8:18:7d:59:f6:cf:e5:b1:ce:fb:bc:93:da:3e:b8:
7d:53:b7:31:ee:2a:61:a8:9d:1b:51:a7:10:47:e2:
e1:82:8f:57:01:27:e9:a7:60:62:e9:15:56:39:60:
41:63:ba:85:94:a3:6a:bc:08:ff:e3:da:a5:4e:e2:
00:ad:33:08:36:02:36:e5:ac:f9:26:a7:75:2e:17:
a3:63:e4:9a:53:cb:93:aa:e0:ac:7f:8c:83:27:9a:
0f:75:ad:bd:8a:86:2f:2b:d3:d8:e3:1f:4a:0b:51:
8e:40:f9:f2:93:1b:e1:08:ab:48:19:26:d9:30:cb:
ee:76:b8:fe:0d:aa:00:68:1d:d5:9c:38:4f:21:6c:
26:d8:19:57:8e:56:07:52:ab:6d:18:6f:c7:b0:8b:
c8:57:97:65:d9:fc:d5:ed:f6:5e:59:3b:05:c7:ec:
2b:a4:a7:94:9b:b1:28:04:0b:1a:d0:aa:ac:8a:2a:
f7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CA:BE:A1:BB:FF:E9:3F:E4:29:E3:6A:5F:39:4D:6C:CA:9F:63:5B
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/B8q-obv_6T_kKeNqXzlNbMqfY1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0-128.65.175.255
194.26.2.0/23
194.26.20.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:bf:1e:9c:90:43:70:c6:53:39:01:e0:d8:8d:85:6a:59:e5:
7e:22:90:53:8a:b9:e2:70:a4:4c:37:2c:f2:e6:e8:38:52:20:
e1:06:31:d9:9d:3a:a3:39:2c:ec:1d:21:97:a9:02:69:04:91:
50:84:9a:8a:e7:f4:e4:51:9a:29:43:37:a4:d8:a1:88:c1:47:
f5:27:17:ed:2c:7d:12:2b:b2:3a:dc:dc:1f:da:83:bf:f7:43:
d6:9a:d7:a9:ec:fe:fa:e2:79:0f:3d:b8:b8:b3:91:fc:43:bc:
e7:ed:29:51:60:80:f4:e5:ef:d1:44:a3:fa:38:b2:cd:b1:82:
4e:be:08:4f:14:54:d2:6e:da:29:0d:56:ef:6d:cb:fb:00:e5:
d3:7c:8e:b8:fc:b0:e9:5a:d4:7c:d9:d9:4b:8a:f9:7b:d6:67:
4a:ff:96:f5:fd:d4:05:01:b5:32:e6:98:1c:41:24:9f:cb:bd:
8f:cf:7d:09:78:5c:b1:32:ee:f5:a6:39:28:53:26:b9:43:c5:
2d:32:87:27:63:43:b3:b5:64:40:bf:ac:32:d3:51:85:48:47:
fb:97:bb:e0:85:a4:fa:0d:5d:ef:ff:5c:d4:f1:53:fd:26:68:
75:05:20:91:51:ce:c1:30:57:3a:81:03:d9:fb:10:e0:bc:bd:
0d:e5:2b:84
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY2YtyOlyz3akDAeqLELNqNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjExMTUwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2NhYmVhMWJiZmZlOTNmZTQyOWUzNmE1ZjM5NGQ2Y2NhOWY2MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+iAOatXGa/iwC7JKeaKFHkOmFYH
1tL9yOxBRRMDv4lCjN5QljDos7Y710qVr7pcVL2p4NPl3nfA9z8sEDpEV2XZqhp6
iLEuzzHoGH1Z9s/lsc77vJPaPrh9U7cx7iphqJ0bUacQR+Lhgo9XASfpp2Bi6RVW
OWBBY7qFlKNqvAj/49qlTuIArTMINgI25az5Jqd1LhejY+SaU8uTquCsf4yDJ5oP
da29ioYvK9PY4x9KC1GOQPnykxvhCKtIGSbZMMvudrj+DaoAaB3VnDhPIWwm2BlX
jlYHUqttGG/HsIvIV5dl2fzV7fZeWTsFx+wrpKeUm7EoBAsa0Kqsiir3NQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAfKvqG7/+k/5Cnjal85TWzKn2NbMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvQjhxLW9idl82VF9rS2VOcVh6bE5iTXFmWTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKAQaQD
BASAQaADBAHCGgIDBAHCGhQwDQYJKoZIhvcNAQELBQADggEBAD6/HpyQQ3DGUzkB
4NiNhWpZ5X4ikFOKueJwpEw3LPLm6DhSIOEGMdmdOqM5LOwdIZepAmkEkVCEmorn
9ORRmilDN6TYoYjBR/UnF+0sfRIrsjrc3B/ag7/3Q9aa16ns/vrieQ89uLizkfxD
vOftKVFggPTl79FEo/o4ss2xgk6+CE8UVNJu2ikNVu9ty/sA5dN8jrj8sOla1HzZ
2UuK+XvWZ0r/lvX91AUBtTLmmBxBJJ/LvY/PfQl4XLEy7vWmOShTJrlDxS0yhydj
Q7O1ZEC/rDLTUYVIR/uXu+CFpPoNXe//XNTxU/0maHUFIJFRzsEwVzqBA9n7EOC8
vQ3lK4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org