Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/xrDbyiNK4-Zd8gR5wrH0im2yzqc.roa
File: xrDbyiNK4-Zd8gR5wrH0im2yzqc.roa (raw, json)
Hash identifier: k2rKV0BUz8K7d6jaHEtP6qguFhdsOQJPpYJu5eGQcsk=
Subject key identifier: C6:B0:DB:CA:23:4A:E3:E6:5D:F2:04:79:C2:B1:F4:8A:6D:B2:CE:A7
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018CFE6B19052A97BACDA47D413E295A6899
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/xrDbyiNK4-Zd8gR5wrH0im2yzqc.roa
Signing time: Fri 12 Jan 2024 16:04:40 +0000
ROA not before: Fri 12 Jan 2024 16:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 128.65.167.0/24 maxlen: 24
128.65.169.0/24 maxlen: 24
128.65.170.0/24 maxlen: 24
128.65.171.0/24 maxlen: 24
128.65.172.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 21:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:6b:19:05:2a:97:ba:cd:a4:7d:41:3e:29:5a:68:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Jan 12 16:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6b0dbca234ae3e65df20479c2b1f48a6db2cea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fb:0c:80:df:aa:80:21:19:f0:75:31:15:3f:
a6:ae:0b:30:e4:9d:f9:e0:f2:d9:8d:df:b0:56:a5:
b6:d9:b1:be:1d:ce:be:7e:82:ce:80:2a:58:15:e9:
57:5f:91:60:18:32:31:86:c4:11:3a:97:1f:1f:4b:
af:9f:a9:3b:99:7e:a8:56:27:49:0f:6c:95:ab:61:
02:46:be:a2:57:2b:44:d8:17:9f:8f:ae:f5:57:ab:
21:28:93:7a:67:67:37:17:16:d2:56:2c:6c:18:96:
1e:20:1a:42:bf:70:3c:31:ba:51:33:e6:5a:c5:61:
fd:cf:54:9d:0a:30:4b:9a:97:e2:01:49:be:8f:ed:
f8:42:c3:4a:a4:46:d0:88:3e:75:1b:32:98:d9:1a:
f3:28:a7:b5:09:7e:60:4b:ec:7d:ec:9e:3d:44:cd:
f7:ef:72:e3:f9:c0:ac:68:fa:3e:87:7b:c2:1c:3f:
9a:04:69:f2:4e:59:90:01:41:9b:e5:19:c1:16:39:
4e:c4:36:46:fe:30:19:ec:fb:cb:4f:97:a4:f9:77:
23:94:03:89:33:26:f7:af:ee:96:91:dc:61:b1:37:
03:50:89:4c:69:bd:34:83:f3:2c:f1:05:45:ed:e8:
ab:0e:16:f4:c0:3b:d6:36:12:11:75:62:09:fe:64:
c0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B0:DB:CA:23:4A:E3:E6:5D:F2:04:79:C2:B1:F4:8A:6D:B2:CE:A7
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/xrDbyiNK4-Zd8gR5wrH0im2yzqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.167.0/24
128.65.169.0-128.65.175.255
Signature Algorithm: sha256WithRSAEncryption
74:dd:57:5d:2b:59:38:cf:46:d6:b5:29:08:25:f8:bf:fd:1b:
2d:44:04:36:90:30:ba:aa:ae:8c:07:8c:3b:fe:a4:cb:2f:53:
a7:c7:45:66:05:c6:ac:0c:67:5f:73:bc:96:34:d7:d2:c8:1f:
5f:14:8b:f7:a9:e2:3c:78:30:31:16:84:5e:75:8f:30:29:97:
d0:fb:79:19:81:29:3c:a0:12:e8:f2:98:84:8c:79:f8:9a:8c:
9d:36:e0:34:ba:ab:4d:a2:ff:d3:79:9d:7d:dc:57:4d:84:c8:
39:8d:7f:77:6b:d9:2c:ff:aa:50:dd:e2:81:6a:c0:ab:8f:7e:
92:46:bc:97:12:7d:e5:92:16:07:bb:57:19:e0:0c:7a:da:fb:
63:0f:43:27:35:64:ac:3d:88:2f:5c:67:2f:ba:1d:82:ae:4f:
3f:a8:77:86:24:4a:60:c6:9f:69:64:61:77:e2:aa:06:77:4b:
a4:95:48:cc:e4:27:f5:76:48:85:fd:42:ee:59:28:a0:d1:e3:
74:42:81:e2:a0:64:8a:22:ed:50:21:db:21:30:39:98:73:b0:
3b:44:b9:67:c8:c2:ca:f8:e1:83:97:3d:7f:f5:d6:24:48:f9:
b3:28:2a:ff:10:6a:25:b7:65:b2:5b:52:7e:b7:09:11:eb:e2:
11:81:f3:b7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYz+axkFKpe6zaR9QT4pWmiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMTEyMTYwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIwZGJjYTIzNGFlM2U2NWRmMjA0NzljMmIxZjQ4YTZkYjJjZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvsMgN+qgCEZ8HUxFT+mrgsw5J35
4PLZjd+wVqW22bG+Hc6+foLOgCpYFelXX5FgGDIxhsQROpcfH0uvn6k7mX6oVidJ
D2yVq2ECRr6iVytE2Befj671V6shKJN6Z2c3FxbSVixsGJYeIBpCv3A8MbpRM+Za
xWH9z1SdCjBLmpfiAUm+j+34QsNKpEbQiD51GzKY2RrzKKe1CX5gS+x97J49RM33
73Lj+cCsaPo+h3vCHD+aBGnyTlmQAUGb5RnBFjlOxDZG/jAZ7PvLT5ek+XcjlAOJ
Myb3r+6WkdxhsTcDUIlMab00g/Ms8QVF7eirDhb0wDvWNhIRdWIJ/mTA1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMaw28ojSuPmXfIEecKx9Iptss6nMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEveHJEYnlpTks0LVpkOGdSNXdySDBpbTJ5enFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAgEGnMAwD
BACAQakDBASAQaAwDQYJKoZIhvcNAQELBQADggEBAHTdV10rWTjPRta1KQgl+L/9
Gy1EBDaQMLqqrowHjDv+pMsvU6fHRWYFxqwMZ19zvJY019LIH18Ui/ep4jx4MDEW
hF51jzApl9D7eRmBKTygEujymISMefiajJ024DS6q02i/9N5nX3cV02EyDmNf3dr
2Sz/qlDd4oFqwKuPfpJGvJcSfeWSFge7VxngDHra+2MPQyc1ZKw9iC9cZy+6HYKu
Tz+od4YkSmDGn2lkYXfiqgZ3S6SVSMzkJ/V2SIX9Qu5ZKKDR43RCgeKgZIoi7VAh
2yEwOZhzsDtEuWfIwsr44YOXPX/11iRI+bMoKv8QaiW3ZbJbUn63CRHr4hGB87c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org