Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJL8XpsBkJU6tZRenmESCxpLLjY.roa
File: CJL8XpsBkJU6tZRenmESCxpLLjY.roa (raw, json)
Hash identifier: trjtaKJB15r3O7UeKAeo2bpIiCYKREt+lvezcD+WcGU=
Subject key identifier: 08:92:FC:5E:9B:01:90:95:3A:B5:94:5E:9E:61:12:0B:1A:4B:2E:36
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018D95F54451BD48FB265025E62279EA3BBA
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJL8XpsBkJU6tZRenmESCxpLLjY.roa
Signing time: Sun 11 Feb 2024 02:18:15 +0000
ROA not before: Sun 11 Feb 2024 02:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 128.65.164.0/22 maxlen: 24
128.65.168.0/22 maxlen: 24
128.65.172.0/22 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.3.0/24 maxlen: 24
194.26.20.0/24 maxlen: 24
194.26.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 15:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:95:f5:44:51:bd:48:fb:26:50:25:e6:22:79:ea:3b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Feb 11 02:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0892fc5e9b0190953ab5945e9e61120b1a4b2e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d7:5d:20:61:9a:8f:4f:a5:59:9f:73:aa:53:
d7:d2:f3:55:88:a7:d6:1e:80:a3:b1:fb:d6:07:cc:
4b:cf:af:45:c1:0f:16:95:ef:b9:f9:2f:68:16:68:
8d:66:33:72:d9:fd:4a:35:fa:5c:c3:f7:a3:02:32:
51:29:33:4f:0f:79:c8:98:74:d1:1f:1f:61:46:7f:
54:0f:8e:d0:ef:11:77:3f:4c:e6:05:be:21:6c:15:
5d:cd:c1:93:41:fd:af:22:2b:f2:bd:1e:09:12:4b:
37:1c:1e:82:56:ca:1c:75:3a:0b:86:82:d9:d2:fd:
04:c3:3a:81:28:68:e9:c5:77:a5:73:a0:da:39:4d:
1b:4d:a8:06:a1:6b:29:d7:f2:14:a2:7c:cf:21:ba:
ba:96:5f:13:04:cd:e1:21:e4:f0:3c:7f:d9:0d:49:
16:07:92:44:79:7a:55:0f:56:7a:39:8d:88:62:3f:
02:09:39:24:71:7b:97:4a:2d:47:0f:09:19:92:5c:
d2:01:3d:a9:b8:e1:31:52:88:4d:6e:65:33:d1:03:
f8:cd:2c:2d:49:d5:75:19:af:a6:5b:77:0f:54:8e:
c8:a4:a4:96:f3:3d:e3:8f:c9:9b:f3:e5:72:8d:ae:
72:40:fe:2e:8a:ae:fb:80:1e:57:73:3b:9d:fd:9a:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:92:FC:5E:9B:01:90:95:3A:B5:94:5E:9E:61:12:0B:1A:4B:2E:36
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJL8XpsBkJU6tZRenmESCxpLLjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0-128.65.175.255
194.26.2.0/23
194.26.20.0/23
Signature Algorithm: sha256WithRSAEncryption
36:a6:2a:12:f9:96:f6:84:a8:a0:0b:0d:b9:d8:bf:4f:b3:0e:
1a:f8:de:8d:7e:9b:08:dc:db:5c:29:84:76:48:43:bb:a4:95:
15:37:c6:8f:1e:d5:fb:74:38:de:e7:a0:ca:af:91:99:eb:73:
15:ba:71:03:83:5c:cb:11:3f:39:78:b6:1d:57:5e:64:1c:b1:
82:60:55:93:a5:b8:48:70:42:36:d8:f6:31:ec:f7:a7:38:2d:
f0:9f:ab:3d:1e:f6:59:86:00:4e:af:7d:13:b6:9e:0b:98:31:
bc:00:e8:d2:69:00:8e:4c:fe:b9:d2:46:44:23:74:1d:43:74:
a3:09:a7:87:3e:ce:81:2f:b4:da:e1:53:e2:74:6b:98:f9:1b:
f6:85:27:fc:93:b0:3b:c9:29:63:bc:11:4b:7f:9a:9d:e4:01:
0a:63:59:a6:5d:bb:1b:81:b0:7d:65:bd:64:1c:62:cf:0c:ba:
83:e6:c4:8f:28:27:51:c4:9a:81:f5:29:12:2d:05:8f:96:e3:
55:a2:68:ab:46:8c:bb:5e:ac:c4:97:40:64:23:b6:b9:bb:52:
24:73:8d:b1:04:ee:a6:e5:e7:35:aa:52:8d:37:58:24:56:0c:
26:7e:f3:67:8b:a3:14:41:87:f0:28:5d:9e:aa:46:ad:e8:11:
fd:74:7a:c3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY2V9URRvUj7JlAl5iJ56ju6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjExMDIxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODkyZmM1ZTliMDE5MDk1M2FiNTk0NWU5ZTYxMTIwYjFhNGIyZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tddIGGaj0+lWZ9zqlPX0vNViKfW
HoCjsfvWB8xLz69FwQ8Wle+5+S9oFmiNZjNy2f1KNfpcw/ejAjJRKTNPD3nImHTR
Hx9hRn9UD47Q7xF3P0zmBb4hbBVdzcGTQf2vIivyvR4JEks3HB6CVsocdToLhoLZ
0v0EwzqBKGjpxXelc6DaOU0bTagGoWsp1/IUonzPIbq6ll8TBM3hIeTwPH/ZDUkW
B5JEeXpVD1Z6OY2IYj8CCTkkcXuXSi1HDwkZklzSAT2puOExUohNbmUz0QP4zSwt
SdV1Ga+mW3cPVI7IpKSW8z3jj8mb8+Vyja5yQP4uiq77gB5Xczud/ZrGlwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAiS/F6bAZCVOrWUXp5hEgsaSy42MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvQ0pMOFhwc0JrSlU2dFpSZW5tRVNDeHBMTGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKAQaQD
BASAQaADBAHCGgIDBAHCGhQwDQYJKoZIhvcNAQELBQADggEBADamKhL5lvaEqKAL
DbnYv0+zDhr43o1+mwjc21wphHZIQ7uklRU3xo8e1ft0ON7noMqvkZnrcxW6cQOD
XMsRPzl4th1XXmQcsYJgVZOluEhwQjbY9jHs96c4LfCfqz0e9lmGAE6vfRO2nguY
MbwA6NJpAI5M/rnSRkQjdB1DdKMJp4c+zoEvtNrhU+J0a5j5G/aFJ/yTsDvJKWO8
EUt/mp3kAQpjWaZduxuBsH1lvWQcYs8MuoPmxI8oJ1HEmoH1KRItBY+W41WiaKtG
jLterMSXQGQjtrm7UiRzjbEE7qbl5zWqUo03WCRWDCZ+82eLoxRBh/AoXZ6qRq3o
Ef10esM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org