Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jAAl2zayDX5ZRc60tshXfgqX6uk.roa
File: jAAl2zayDX5ZRc60tshXfgqX6uk.roa (raw, json)
Hash identifier: zZH1ofQJB/EZ9tA0J3LxaJkquHY4kBZzAcz3WAThwn8=
Subject key identifier: 8C:00:25:DB:36:B2:0D:7E:59:45:CE:B4:B6:C8:57:7E:0A:97:EA:E9
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018F9F6A25020133B43702904976160C54A6
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jAAl2zayDX5ZRc60tshXfgqX6uk.roa
Signing time: Wed 22 May 2024 08:28:04 +0000
ROA not before: Wed 22 May 2024 08:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 11:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:6a:25:02:01:33:b4:37:02:90:49:76:16:0c:54:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: May 22 08:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c0025db36b20d7e5945ceb4b6c8577e0a97eae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e4:e4:99:4a:b7:f8:4d:7d:9b:01:25:6c:8b:
ba:be:90:76:e0:0e:7a:04:ae:e2:d9:8d:0f:29:65:
91:83:b7:4e:31:2d:87:2b:c7:a4:fa:56:cc:71:27:
f6:9b:38:df:e2:65:7d:13:6f:6f:fc:57:36:a6:f5:
c4:ec:2d:3e:ae:92:46:8e:47:c4:b4:89:af:2a:4e:
ef:fb:b5:e8:31:5e:24:0d:54:e7:12:50:85:ad:df:
32:2e:fd:00:4a:e2:bd:7e:f1:76:0c:9d:a2:45:7b:
88:c3:48:b5:94:f6:4e:1f:e4:bb:21:5f:2f:90:25:
fe:af:50:59:a3:e7:ac:14:d3:89:e8:42:f4:d8:29:
8c:71:b8:4c:ff:ce:05:81:40:a4:7f:6c:16:a7:08:
6f:86:a3:c9:ca:19:5a:0a:fb:7b:ac:3d:54:f3:75:
ac:b7:c7:23:ee:4a:21:0f:2d:aa:d4:31:fc:5d:09:
ee:dd:67:e4:e2:8b:52:bb:ef:ed:5d:0f:65:89:b0:
cd:f2:5a:1b:42:b4:ac:97:90:a8:75:44:f1:ea:2f:
a8:b2:dd:6f:26:92:47:9f:24:ae:47:59:0d:84:fb:
0e:d0:61:fb:56:fa:9f:45:a7:7d:5c:b9:22:b7:6b:
cb:2d:b0:11:1b:b0:e2:eb:4e:e5:4b:e3:42:89:77:
80:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:00:25:DB:36:B2:0D:7E:59:45:CE:B4:B6:C8:57:7E:0A:97:EA:E9
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jAAl2zayDX5ZRc60tshXfgqX6uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
76:28:3e:86:70:e5:64:09:cb:3a:ec:e5:9c:1b:66:83:26:c9:
cf:71:57:75:75:18:65:9e:d4:df:40:4f:93:51:7a:eb:00:3d:
c7:29:c4:58:24:11:48:d4:51:9d:34:76:dd:20:ca:2c:f6:ac:
90:a1:ba:e0:51:a9:1c:35:64:5d:6f:6f:6e:ce:46:2d:bd:86:
eb:2e:9c:27:7b:5a:89:40:bc:59:e6:7d:dc:3c:c5:a2:d4:f6:
a7:58:4b:8d:5e:ac:bc:64:4b:11:e5:9f:3f:bb:58:63:10:b3:
ec:09:f3:71:e0:f7:91:70:1e:a1:11:00:3a:05:7c:0c:32:ab:
a1:5d:2e:07:b0:1e:c4:da:10:52:1f:31:ea:d3:89:cd:85:e5:
9c:67:2b:73:f7:55:0c:26:1f:8a:28:f1:27:d5:b4:9c:0d:bc:
46:bf:ec:8e:0b:39:ab:19:e4:8d:23:a3:1e:ae:1d:d0:1c:62:
1b:b3:0b:36:66:ab:17:28:d6:94:86:2d:27:33:76:fd:c5:36:
dd:d0:75:13:4a:0e:fd:56:e3:d0:8c:e2:df:b6:1a:f0:b6:63:
9c:d8:59:1d:0c:2f:ef:80:1f:25:d4:53:00:61:42:ef:2b:64:
00:2d:3a:1b:18:c6:f1:ce:c9:cd:eb:af:61:40:a9:a4:e0:52:
97:98:64:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+faiUCATO0NwKQSXYWDFSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwNTIyMDgyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAwMjVkYjM2YjIwZDdlNTk0NWNlYjRiNmM4NTc3ZTBhOTdlYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uTkmUq3+E19mwElbIu6vpB24A56
BK7i2Y0PKWWRg7dOMS2HK8ek+lbMcSf2mzjf4mV9E29v/Fc2pvXE7C0+rpJGjkfE
tImvKk7v+7XoMV4kDVTnElCFrd8yLv0ASuK9fvF2DJ2iRXuIw0i1lPZOH+S7IV8v
kCX+r1BZo+esFNOJ6EL02CmMcbhM/84FgUCkf2wWpwhvhqPJyhlaCvt7rD1U83Ws
t8cj7kohDy2q1DH8XQnu3Wfk4otSu+/tXQ9libDN8lobQrSsl5CodUTx6i+ost1v
JpJHnySuR1kNhPsO0GH7VvqfRad9XLkit2vLLbARG7Di607lS+NCiXeAcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwAJds2sg1+WUXOtLbIV34Kl+rpMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvakFBbDJ6YXlEWDVaUmM2MHRzaFhmZ3FYNnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQB2KD6GcOVkCcs67OWcG2aDJsnPcVd1dRhlntTfQE+T
UXrrAD3HKcRYJBFI1FGdNHbdIMos9qyQobrgUakcNWRdb29uzkYtvYbrLpwne1qJ
QLxZ5n3cPMWi1PanWEuNXqy8ZEsR5Z8/u1hjELPsCfNx4PeRcB6hEQA6BXwMMquh
XS4HsB7E2hBSHzHq04nNheWcZytz91UMJh+KKPEn1bScDbxGv+yOCzmrGeSNI6Me
rh3QHGIbsws2ZqsXKNaUhi0nM3b9xTbd0HUTSg79VuPQjOLfthrwtmOc2FkdDC/v
gB8l1FMAYULvK2QALTobGMbxzsnN669hQKmk4FKXmGSI
-----END CERTIFICATE-----
Generated at Wed Oct 9 19:11:15 2024 by rpki-client on console-ams.rpki-client.org