Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/trBVJQbmtFOXk2MOH3cvX61_YrY.roa
File: trBVJQbmtFOXk2MOH3cvX61_YrY.roa (raw, json)
Hash identifier: JNLVc6cHFG7h1asqrIvDwshZcVvx/g8ODAs2QON8jRc=
Subject key identifier: B6:B0:55:25:06:E6:B4:53:97:93:63:0E:1F:77:2F:5F:AD:7F:62:B6
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018D8A9D378E07A7B25811BD46F1599C0208
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/trBVJQbmtFOXk2MOH3cvX61_YrY.roa
Signing time: Thu 08 Feb 2024 21:26:15 +0000
ROA not before: Thu 08 Feb 2024 21:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 128.65.167.0/24 maxlen: 24
128.65.169.0/24 maxlen: 24
128.65.170.0/24 maxlen: 24
128.65.171.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 15:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:9d:37:8e:07:a7:b2:58:11:bd:46:f1:59:9c:02:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Feb 8 21:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6b0552506e6b4539793630e1f772f5fad7f62b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f2:dd:c6:a1:19:51:f9:59:ff:07:96:49:24:
87:ff:e4:72:63:9c:19:43:f3:ef:96:3b:1f:eb:8f:
de:6f:c2:4b:11:75:49:5d:da:45:8f:67:05:f2:a2:
cd:8a:d5:ab:dd:a6:65:2e:cc:b1:0f:0e:c9:cf:58:
45:8b:7a:e2:5a:7b:2e:a1:bd:ff:10:ea:7e:a0:bf:
93:f1:59:2d:1d:a4:c2:99:bf:1b:5a:72:e4:1d:ab:
55:cb:9b:97:fb:c9:9e:38:c0:c6:c2:60:1e:5c:70:
3e:91:01:bc:06:1f:38:76:28:b9:a5:9e:e9:92:5a:
9f:6c:d4:9f:d3:d8:ac:be:f0:34:10:e1:11:c1:4e:
e3:7b:9d:dc:dd:f0:5d:54:c4:9b:48:0f:db:8f:74:
3e:c4:bb:71:cc:12:f9:3b:d4:5c:40:72:40:63:e4:
95:7f:90:9f:b7:07:0d:15:44:d3:11:47:de:bd:bc:
77:68:e6:c7:c7:b4:45:e2:b4:ab:ac:39:2a:64:7f:
dc:73:03:51:ff:02:32:0e:70:9a:a9:81:54:fc:bf:
8f:dc:ec:9b:4d:f2:94:12:37:7c:4b:60:f6:0c:0d:
65:6a:bd:92:4a:97:b0:55:17:a9:de:22:44:a3:b5:
99:a4:fe:f2:98:f4:ac:e9:c1:ad:ed:68:f7:59:44:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B0:55:25:06:E6:B4:53:97:93:63:0E:1F:77:2F:5F:AD:7F:62:B6
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/trBVJQbmtFOXk2MOH3cvX61_YrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.167.0/24
128.65.169.0-128.65.171.255
128.65.173.0-128.65.175.255
Signature Algorithm: sha256WithRSAEncryption
41:5c:65:ef:0b:ce:a9:42:a1:7b:ef:6a:05:5d:9f:a1:75:4a:
ff:33:1a:55:7c:29:17:a0:e2:6d:e7:d5:5c:a0:df:53:bf:83:
54:5c:2b:2d:d5:d3:a9:24:1f:7c:f2:20:35:60:c7:a0:ea:e4:
9b:73:a0:58:5c:13:d6:f0:e0:04:4a:29:1b:54:f8:74:1a:43:
21:21:f2:89:88:a2:05:32:31:ab:bc:3d:2e:af:82:54:7c:e6:
65:ca:03:88:17:4d:7d:1c:99:02:0b:e5:cd:fd:37:ff:36:04:
4d:bf:6c:c4:16:ce:3e:c0:54:4e:cc:2b:22:f8:b5:58:00:cf:
e9:9d:2c:b1:bb:83:01:d3:49:b8:7b:56:dc:4d:8a:24:47:d7:
8b:3c:b3:bc:ba:b4:df:49:bd:9e:9a:7e:5f:6b:f9:97:53:86:
35:35:52:06:7b:c7:9a:64:95:34:10:2c:5d:85:dd:00:18:e4:
72:fe:d3:92:63:3a:1a:c9:0e:ed:77:ef:1e:6f:d1:dc:3f:40:
f3:1a:9d:15:38:32:ea:47:66:34:df:63:70:87:0d:b4:a5:cc:
4c:63:b5:7e:82:26:7b:16:e2:b2:af:6b:38:ec:bf:a5:ab:70:
64:64:db:7c:6a:4f:b2:5e:e1:df:e9:9c:0a:77:ef:64:17:f6:
46:55:4c:f2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY2KnTeOB6eyWBG9RvFZnAIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjA4MjEyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmIwNTUyNTA2ZTZiNDUzOTc5MzYzMGUxZjc3MmY1ZmFkN2Y2MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvLdxqEZUflZ/weWSSSH/+RyY5wZ
Q/Pvljsf64/eb8JLEXVJXdpFj2cF8qLNitWr3aZlLsyxDw7Jz1hFi3riWnsuob3/
EOp+oL+T8VktHaTCmb8bWnLkHatVy5uX+8meOMDGwmAeXHA+kQG8Bh84dii5pZ7p
klqfbNSf09isvvA0EOERwU7je53c3fBdVMSbSA/bj3Q+xLtxzBL5O9RcQHJAY+SV
f5CftwcNFUTTEUfevbx3aObHx7RF4rSrrDkqZH/ccwNR/wIyDnCaqYFU/L+P3Oyb
TfKUEjd8S2D2DA1lar2SSpewVRep3iJEo7WZpP7ymPSs6cGt7Wj3WUSp+wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLawVSUG5rRTl5NjDh93L1+tf2K2MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvdHJCVkpRYm10Rk9YazJNT0gzY3ZYNjFfWXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAgEGnMAwD
BACAQakDBAKAQagwDAMEAIBBrQMEBIBBoDANBgkqhkiG9w0BAQsFAAOCAQEAQVxl
7wvOqUKhe+9qBV2foXVK/zMaVXwpF6DibefVXKDfU7+DVFwrLdXTqSQffPIgNWDH
oOrkm3OgWFwT1vDgBEopG1T4dBpDISHyiYiiBTIxq7w9Lq+CVHzmZcoDiBdNfRyZ
Agvlzf03/zYETb9sxBbOPsBUTswrIvi1WADP6Z0ssbuDAdNJuHtW3E2KJEfXizyz
vLq030m9npp+X2v5l1OGNTVSBnvHmmSVNBAsXYXdABjkcv7TkmM6GskO7XfvHm/R
3D9A8xqdFTgy6kdmNN9jcIcNtKXMTGO1foImexbisq9rOOy/patwZGTbfGpPsl7h
3+mcCnfvZBf2RlVM8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org