Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/rXGB2_GpExFKMFFeX69b9dcsETY.roa
File: rXGB2_GpExFKMFFeX69b9dcsETY.roa (raw, json)
Hash identifier: Q8cuw3eEuh1L58esweAm0HpaN0Iw69FhxaSE3Nn535w=
Subject key identifier: AD:71:81:DB:F1:A9:13:11:4A:30:51:5E:5F:AF:5B:F5:D7:2C:11:36
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018E308F0D34147966615F9B3F267A458BED
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/rXGB2_GpExFKMFFeX69b9dcsETY.roa
Signing time: Tue 12 Mar 2024 02:47:45 +0000
ROA not before: Tue 12 Mar 2024 02:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 128.65.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Mar 2024 03:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:30:8f:0d:34:14:79:66:61:5f:9b:3f:26:7a:45:8b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Mar 12 02:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad7181dbf1a913114a30515e5faf5bf5d72c1136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:46:83:84:01:69:94:d3:fc:b4:42:72:08:11:
b7:60:e0:f9:0b:df:fc:30:49:7f:73:b9:5c:73:08:
44:1e:06:12:b4:01:8a:fc:93:b2:c3:7b:fb:59:9a:
c1:6a:5f:62:fd:d5:c3:65:68:66:8b:10:91:2e:f0:
b8:27:ca:ec:e3:b6:f7:bd:e7:bb:f0:e6:4e:30:81:
12:1c:b8:02:a3:8d:5a:1f:98:28:ec:41:a0:5c:b1:
b6:5c:77:84:37:ea:87:72:dc:cc:35:19:42:c9:ce:
03:55:bc:1d:72:93:1f:34:ce:3c:c3:88:c3:fb:cb:
74:94:b9:94:31:5b:bb:b8:6e:5a:34:3b:6e:06:2a:
02:56:ea:ec:4b:17:9a:5e:5f:f7:87:eb:05:9d:51:
8b:f7:a4:aa:85:20:7a:bf:b5:bf:c0:06:ee:8f:a4:
a6:da:e0:86:8f:5f:7a:0a:12:d3:0f:da:97:77:0d:
6c:6d:11:63:82:0a:7a:f8:38:bc:02:37:97:c5:e2:
8f:40:28:82:c5:44:2c:7c:69:68:1e:7d:bb:3a:9c:
f7:81:92:a1:07:9a:43:8c:da:f2:19:46:4e:ec:03:
3d:f4:58:47:91:c9:1c:07:93:88:21:7b:31:b1:cb:
dc:cd:f3:0d:f6:2c:b7:58:22:10:cb:99:e6:f8:43:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:71:81:DB:F1:A9:13:11:4A:30:51:5E:5F:AF:5B:F5:D7:2C:11:36
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/rXGB2_GpExFKMFFeX69b9dcsETY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/22
Signature Algorithm: sha256WithRSAEncryption
11:77:18:8c:7c:b6:80:d4:1e:ee:b9:f9:ae:06:80:4d:c5:66:
8a:12:af:20:50:99:0f:c0:0d:23:61:d4:78:c7:2d:9c:d1:aa:
1a:85:31:97:4d:27:04:e8:2e:0b:89:15:92:e5:77:98:c3:ee:
5b:54:ce:eb:32:b6:fc:37:7e:6a:72:3f:d8:31:40:2a:95:8d:
02:72:ce:2c:6d:e3:82:77:09:bc:16:10:43:5a:f2:f0:f4:9e:
0c:3f:54:13:f1:cd:3d:3e:bc:d9:91:8b:f8:3f:68:06:c5:53:
49:7b:bb:d8:08:d5:34:ff:00:36:ae:92:28:5b:26:2f:01:14:
68:f0:ff:e2:1b:59:57:9f:c0:40:1e:c6:43:47:b2:d3:bb:2a:
4d:ac:a8:66:21:68:51:38:50:be:ab:d7:19:2f:d2:b1:fa:1e:
f1:0a:bd:51:4c:89:e2:bc:a9:ac:5d:49:c2:bf:50:5c:d8:d2:
50:d0:69:da:9f:83:7f:02:5b:46:22:d9:0e:5e:e9:ed:33:ca:
f6:97:4d:ac:ce:4b:9a:bc:8e:e8:b3:29:5e:ca:d7:ca:02:d9:
ea:02:ec:a8:78:82:b4:e6:73:5e:c7:d1:b9:f3:bd:70:b0:c4:
e8:f6:08:8b:e1:14:89:95:87:70:9e:32:44:c1:0e:a9:7b:4c:
6a:7c:f7:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4wjw00FHlmYV+bPyZ6RYvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMzEyMDI0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDcxODFkYmYxYTkxMzExNGEzMDUxNWU1ZmFmNWJmNWQ3MmMxMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0aDhAFplNP8tEJyCBG3YOD5C9/8
MEl/c7lccwhEHgYStAGK/JOyw3v7WZrBal9i/dXDZWhmixCRLvC4J8rs47b3vee7
8OZOMIESHLgCo41aH5go7EGgXLG2XHeEN+qHctzMNRlCyc4DVbwdcpMfNM48w4jD
+8t0lLmUMVu7uG5aNDtuBioCVursSxeaXl/3h+sFnVGL96SqhSB6v7W/wAbuj6Sm
2uCGj196ChLTD9qXdw1sbRFjggp6+Di8AjeXxeKPQCiCxUQsfGloHn27Opz3gZKh
B5pDjNryGUZO7AM99FhHkckcB5OIIXsxscvczfMN9iy3WCIQy5nm+EOhMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1xgdvxqRMRSjBRXl+vW/XXLBE2MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvclhHQjJfR3BFeEZLTUZGZVg2OWI5ZGNzRVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgEGoMA0G
CSqGSIb3DQEBCwUAA4IBAQARdxiMfLaA1B7uufmuBoBNxWaKEq8gUJkPwA0jYdR4
xy2c0aoahTGXTScE6C4LiRWS5XeYw+5bVM7rMrb8N35qcj/YMUAqlY0Ccs4sbeOC
dwm8FhBDWvLw9J4MP1QT8c09PrzZkYv4P2gGxVNJe7vYCNU0/wA2rpIoWyYvARRo
8P/iG1lXn8BAHsZDR7LTuypNrKhmIWhROFC+q9cZL9Kx+h7xCr1RTInivKmsXUnC
v1Bc2NJQ0Gnan4N/AltGItkOXuntM8r2l02szkuavI7osyleytfKAtnqAuyoeIK0
5nNex9G5871wsMTo9giL4RSJlYdwnjJEwQ6pe0xqfPe4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org