Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/lvU2reXvbX51mmzQwiW4-EN1M_M.roa
File: lvU2reXvbX51mmzQwiW4-EN1M_M.roa (raw, json)
Hash identifier: azgdcHAkrqB0xVkYw9z0d5pnCH6gbGrTeawiWVVjADY=
Subject key identifier: 96:F5:36:AD:E5:EF:6D:7E:75:9A:6C:D0:C2:25:B8:F8:43:75:33:F3
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018DADB38C7D7B306CB0DA13801504F280E4
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/lvU2reXvbX51mmzQwiW4-EN1M_M.roa
Signing time: Thu 15 Feb 2024 16:57:21 +0000
ROA not before: Thu 15 Feb 2024 16:57:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 128.65.164.0/24 maxlen: 24
128.65.166.0/24 maxlen: 24
128.65.168.0/24 maxlen: 24
128.65.172.0/22 maxlen: 24
128.65.172.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 23:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:b3:8c:7d:7b:30:6c:b0:da:13:80:15:04:f2:80:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Feb 15 16:57:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96f536ade5ef6d7e759a6cd0c225b8f8437533f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5c:da:99:1f:9d:9d:81:7f:00:e2:74:29:6b:
76:5c:85:05:3f:88:90:b8:5c:2d:82:f4:17:fa:05:
63:c7:e1:15:c9:d8:a7:d0:8e:c8:43:e5:3e:b9:1f:
02:83:d9:03:f1:a8:4b:8f:94:f4:b4:70:fa:64:85:
a3:8b:20:3d:8a:dc:de:9e:fc:47:31:a3:c9:90:e9:
f6:e9:b8:2b:1c:9a:46:fa:70:a0:26:c9:42:2d:10:
3c:fd:c8:ab:1b:4a:f9:9a:27:de:f0:62:16:6a:61:
28:49:ad:b8:64:95:a4:b2:3f:f4:6a:bd:c0:60:19:
59:d9:aa:fb:7a:27:78:1e:1f:ed:e4:7e:a1:e4:11:
b9:1b:b7:a6:0d:cc:33:57:f1:b9:41:25:9b:77:d6:
bc:23:c3:56:7b:24:3d:97:50:bb:13:41:ff:d8:9d:
aa:f2:ed:1c:3d:ce:ed:f9:1c:60:02:fa:c7:e7:22:
16:0e:55:3b:f4:56:53:d6:d3:59:f2:c4:9e:a8:b7:
62:11:18:64:f3:2b:49:87:c7:31:5c:1d:8d:d4:bf:
1d:52:62:17:5d:60:0d:09:49:96:35:49:23:40:95:
a4:31:7c:81:4d:ef:b5:ba:6e:9d:14:08:8b:56:41:
ed:b4:fc:85:84:25:85:c7:3e:3c:66:5e:ed:b1:71:
a7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F5:36:AD:E5:EF:6D:7E:75:9A:6C:D0:C2:25:B8:F8:43:75:33:F3
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/lvU2reXvbX51mmzQwiW4-EN1M_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0/24
128.65.166.0/24
128.65.168.0/24
128.65.172.0/22
194.26.2.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:9d:07:b2:17:71:74:d8:54:6e:8d:7c:73:0d:a8:ff:68:a1:
96:56:f8:b4:6c:fe:81:69:5c:60:7b:b9:d7:79:31:3c:29:b5:
7b:e8:f3:a9:d6:a5:2b:59:1e:64:f9:0e:59:a7:60:f5:6c:38:
b2:fc:ab:c2:82:54:df:b2:7d:bd:9e:74:db:fb:bb:14:f6:75:
af:df:39:35:c8:56:cc:a9:74:3b:3c:86:d2:16:d8:3a:da:a6:
d7:89:db:01:6f:69:a7:78:a7:79:0f:54:e7:fe:7a:88:d9:f2:
e2:a1:50:be:59:04:46:79:89:95:ff:ed:93:ed:24:5d:20:89:
2d:e1:20:8e:11:36:d4:83:62:d1:ea:6b:d4:e5:cc:33:b8:a6:
65:f2:93:ec:66:53:d3:d9:fd:5f:29:81:a6:67:63:58:0a:26:
bf:69:58:d6:db:b4:7d:02:60:de:26:2d:8f:d1:20:b1:23:1c:
6a:fe:49:e7:8f:a5:d4:51:3d:1d:af:e9:1f:c5:b8:98:7e:88:
c4:51:5f:c8:94:bb:fe:b7:73:55:96:2f:5a:c5:97:31:d0:f9:
93:a7:58:93:37:f0:d2:1a:17:35:ab:17:bf:6a:d0:53:50:a7:
b1:6a:c7:a5:e3:75:0d:40:2f:10:41:a9:b0:8c:b8:88:52:0f:
8f:ec:33:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2ts4x9ezBssNoTgBUE8oDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjE1MTY1NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY1MzZhZGU1ZWY2ZDdlNzU5YTZjZDBjMjI1YjhmODQzNzUzM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllzamR+dnYF/AOJ0KWt2XIUFP4iQ
uFwtgvQX+gVjx+EVydin0I7IQ+U+uR8Cg9kD8ahLj5T0tHD6ZIWjiyA9itzenvxH
MaPJkOn26bgrHJpG+nCgJslCLRA8/cirG0r5mife8GIWamEoSa24ZJWksj/0ar3A
YBlZ2ar7eid4Hh/t5H6h5BG5G7emDcwzV/G5QSWbd9a8I8NWeyQ9l1C7E0H/2J2q
8u0cPc7t+RxgAvrH5yIWDlU79FZT1tNZ8sSeqLdiERhk8ytJh8cxXB2N1L8dUmIX
XWANCUmWNUkjQJWkMXyBTe+1um6dFAiLVkHttPyFhCWFxz48Zl7tsXGnyQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJb1Nq3l721+dZps0MIluPhDdTPzMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvbHZVMnJlWHZiWDUxbW16UXdpVzQtRU4xTV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgEGkAwQA
gEGmAwQAgEGoAwQCgEGsAwQBwhoCMA0GCSqGSIb3DQEBCwUAA4IBAQBanQeyF3F0
2FRujXxzDaj/aKGWVvi0bP6BaVxge7nXeTE8KbV76POp1qUrWR5k+Q5Zp2D1bDiy
/KvCglTfsn29nnTb+7sU9nWv3zk1yFbMqXQ7PIbSFtg62qbXidsBb2mneKd5D1Tn
/nqI2fLioVC+WQRGeYmV/+2T7SRdIIkt4SCOETbUg2LR6mvU5cwzuKZl8pPsZlPT
2f1fKYGmZ2NYCia/aVjW27R9AmDeJi2P0SCxIxxq/knnj6XUUT0dr+kfxbiYfojE
UV/IlLv+t3NVli9axZcx0PmTp1iTN/DSGhc1qxe/atBTUKexasel43UNQC8QQamw
jLiIUg+P7DP3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org