Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/y-tEgxIXG2uSpMtqaB0gvBOIFAQ.roa
File: y-tEgxIXG2uSpMtqaB0gvBOIFAQ.roa (raw, json)
Hash identifier: 9rNj5jFrJYxp4YSuHvEvbGbuSdFAkUvvzDeOTJlJnLY=
Subject key identifier: CB:EB:44:83:12:17:1B:6B:92:A4:CB:6A:68:1D:20:BC:13:88:14:04
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018CCA2A410657DE1158D797CD2D6ECFB958
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/y-tEgxIXG2uSpMtqaB0gvBOIFAQ.roa
Signing time: Tue 02 Jan 2024 12:33:35 +0000
ROA not before: Tue 02 Jan 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 128.65.166.0/24 maxlen: 24
128.65.167.0/24 maxlen: 24
128.65.168.0/24 maxlen: 24
128.65.169.0/24 maxlen: 24
128.65.170.0/24 maxlen: 24
128.65.171.0/24 maxlen: 24
128.65.172.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 14:36:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:41:06:57:de:11:58:d7:97:cd:2d:6e:cf:b9:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Jan 2 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbeb448312171b6b92a4cb6a681d20bc13881404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:7e:df:04:ff:e6:e6:f9:6f:bb:a2:b7:1e:
1e:91:d6:6f:13:96:b8:ec:3a:91:7a:f5:38:00:8b:
3e:45:cd:0a:36:8f:5d:2b:d0:93:45:37:f3:c3:cb:
07:f9:f1:bb:de:1a:ad:25:41:04:b5:ef:01:ab:96:
e8:28:dc:35:93:f0:69:9a:52:f8:8b:ff:44:04:27:
13:c8:24:07:14:8b:c9:8c:03:d1:17:77:aa:27:67:
fe:1d:c6:fb:69:92:c4:5f:24:c0:16:26:78:a4:02:
83:7d:57:3c:28:6b:0e:2d:fc:4e:0b:aa:90:5c:5a:
65:34:be:73:ab:62:04:10:d4:3f:02:a4:8b:6a:d5:
ee:4f:89:b9:40:26:85:34:fe:89:fc:b7:16:26:8e:
3b:66:7f:6c:e2:d3:34:57:a4:92:e1:f0:6b:60:6d:
cf:62:3d:d0:df:b0:00:bd:0a:9d:7b:e6:d8:87:cd:
11:33:6d:96:49:61:bd:66:17:e8:dc:58:e5:3a:9b:
93:93:fd:c6:7b:72:c5:b7:fb:f2:b1:fc:61:19:8a:
9a:af:f3:af:4e:5d:f5:3e:29:48:44:5a:7d:d2:2a:
0f:62:ec:24:11:c9:47:aa:49:9d:87:94:57:69:5c:
bb:7d:32:95:bf:21:3e:c6:86:9c:31:fb:8f:e0:34:
ad:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EB:44:83:12:17:1B:6B:92:A4:CB:6A:68:1D:20:BC:13:88:14:04
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/y-tEgxIXG2uSpMtqaB0gvBOIFAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.166.0-128.65.175.255
Signature Algorithm: sha256WithRSAEncryption
5c:38:d6:39:cb:d6:b1:a1:26:7a:ac:45:21:24:a2:4c:79:08:
20:28:76:29:78:f6:35:39:21:e3:26:68:fe:4a:2f:22:31:c9:
1c:6a:4c:d8:40:d1:53:d4:11:4f:44:13:78:42:3d:fc:41:9b:
f0:94:b0:76:f0:7d:ad:89:4d:d6:96:5f:98:d4:ae:e7:d8:5d:
de:f6:50:53:42:a6:88:24:7d:45:fd:ae:b3:dc:12:77:47:b3:
b3:5f:ca:17:15:14:58:9c:bb:d5:19:43:b5:60:13:ef:a6:e0:
ba:75:c6:33:75:68:66:c0:f7:69:23:ff:f0:0d:6f:7e:d5:cc:
0c:b2:9b:4f:63:63:bb:49:0d:83:da:d6:94:e8:34:cd:0e:c1:
d8:3b:0e:5a:f5:5b:16:d9:0d:74:b5:41:71:f9:c9:80:5c:11:
1f:5b:0b:6b:5c:42:4a:cd:8b:9d:19:76:7b:49:02:f8:eb:1e:
a4:ee:e4:4b:b9:95:a6:64:44:49:76:09:98:f1:5f:25:fb:5c:
37:fa:cb:ab:4d:8b:12:49:69:9e:02:29:ad:71:10:4e:b5:08:
e1:72:48:4d:84:e4:51:2f:14:0b:51:a8:bc:0b:52:a6:15:a8:
9a:a2:af:47:e4:bb:0e:29:b2:9d:d1:03:ff:f5:41:f3:c6:73:
aa:80:22:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKkEGV94RWNeXzS1uz7lYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMTAyMTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmViNDQ4MzEyMTcxYjZiOTJhNGNiNmE2ODFkMjBiYzEzODgxNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPl+3wT/5ub5b7uitx4ekdZvE5a4
7DqRevU4AIs+Rc0KNo9dK9CTRTfzw8sH+fG73hqtJUEEte8Bq5boKNw1k/BpmlL4
i/9EBCcTyCQHFIvJjAPRF3eqJ2f+Hcb7aZLEXyTAFiZ4pAKDfVc8KGsOLfxOC6qQ
XFplNL5zq2IEENQ/AqSLatXuT4m5QCaFNP6J/LcWJo47Zn9s4tM0V6SS4fBrYG3P
Yj3Q37AAvQqde+bYh80RM22WSWG9Zhfo3FjlOpuTk/3Ge3LFt/vysfxhGYqar/Ov
Tl31PilIRFp90ioPYuwkEclHqkmdh5RXaVy7fTKVvyE+xoacMfuP4DStNQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMvrRIMSFxtrkqTLamgdILwTiBQEMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEveS10RWd4SVhHMnVTcE10cWFCMGd2Qk9JRkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGAQaYD
BASAQaAwDQYJKoZIhvcNAQELBQADggEBAFw41jnL1rGhJnqsRSEkokx5CCAodil4
9jU5IeMmaP5KLyIxyRxqTNhA0VPUEU9EE3hCPfxBm/CUsHbwfa2JTdaWX5jUrufY
Xd72UFNCpogkfUX9rrPcEndHs7NfyhcVFFicu9UZQ7VgE++m4Lp1xjN1aGbA92kj
//ANb37VzAyym09jY7tJDYPa1pToNM0Owdg7Dlr1WxbZDXS1QXH5yYBcER9bC2tc
QkrNi50ZdntJAvjrHqTu5Eu5laZkREl2CZjxXyX7XDf6y6tNixJJaZ4CKa1xEE61
COFySE2E5FEvFAtRqLwLUqYVqJqir0fkuw4psp3RA//1QfPGc6qAIvc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org