Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/2qxHL9JShkBHf246fPWH2M9gkno.roa
File: 2qxHL9JShkBHf246fPWH2M9gkno.roa (raw, json)
Hash identifier: Be2aa/6QFglA/Z39vAQyLEso4dCgoz7aIdzHTUQxY78=
Subject key identifier: DA:AC:47:2F:D2:52:86:40:47:7F:6E:3A:7C:F5:87:D8:CF:60:92:7A
Certificate issuer: /CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Certificate serial: 01856DA646E3DC580CECEFB25CBE9522CBCE
Authority key identifier: CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/2qxHL9JShkBHf246fPWH2M9gkno.roa
Signing time: Sun 01 Jan 2023 14:04:51 +0000
ROA not before: Sun 01 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29611
IP address blocks: 185.138.196.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:46:e3:dc:58:0c:ec:ef:b2:5c:be:95:22:cb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Validity
Not Before: Jan 1 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daac472fd2528640477f6e3a7cf587d8cf60927a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fd:c2:bd:c6:72:89:eb:22:f2:8b:86:1f:51:
a4:10:62:bf:9f:3d:82:21:bb:dc:cd:3c:a2:93:8a:
17:43:b5:76:d3:78:b4:17:40:38:ba:96:58:ab:f0:
f2:5e:5c:e7:85:66:eb:09:79:51:10:4b:ae:34:03:
d7:b5:4d:28:d9:2d:10:61:a3:1f:4d:9e:ef:1f:a3:
65:96:52:14:80:fc:20:72:fe:b9:ff:8d:0c:0d:5c:
d5:a8:de:00:50:9e:be:7c:7b:d8:26:77:d1:8e:2c:
6f:fd:82:1a:26:43:59:e9:2b:c2:a5:68:9b:5a:2d:
d8:6e:6a:f8:7b:63:10:8f:f0:89:26:63:b8:47:c7:
9b:24:93:2d:40:86:13:ba:2f:ea:fb:02:58:75:e1:
b9:d0:ac:6e:75:a3:11:20:b6:41:8d:41:a8:c1:6e:
76:11:90:50:ae:36:ba:86:4f:a9:8d:38:85:d5:f1:
13:49:53:e2:74:a4:ae:b5:37:be:28:15:0f:91:95:
ed:b8:d8:20:d7:07:70:9d:44:c1:d0:65:d3:50:6e:
cd:a4:be:d1:98:0c:e3:1e:9d:a1:73:e4:8f:ca:4e:
57:de:3c:48:e4:56:5a:fa:9b:87:26:73:fe:c6:70:
b3:c9:41:a0:3f:28:52:73:f6:7f:bc:07:fb:fc:c2:
1d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AC:47:2F:D2:52:86:40:47:7F:6E:3A:7C:F5:87:D8:CF:60:92:7A
X509v3 Authority Key Identifier:
keyid:CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/2qxHL9JShkBHf246fPWH2M9gkno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.196.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:9a:74:1e:73:77:12:9c:54:08:13:39:28:02:50:b3:59:bc:
96:f5:df:bf:c4:75:e5:bf:aa:99:e3:52:c3:83:ae:40:a6:da:
27:3a:e8:cf:d0:56:2b:e2:18:db:53:f1:cc:54:20:81:25:ca:
16:af:e7:21:dc:18:a6:7c:c6:91:ca:88:39:bb:d1:b4:da:eb:
99:4f:07:9f:a1:10:48:67:86:9c:ee:c5:d7:5d:0b:7b:d4:13:
1f:eb:b4:34:af:5c:11:ed:73:19:66:c2:e4:af:7c:11:e4:a0:
6d:fd:d8:31:4e:cf:6d:31:c0:f9:1c:06:d4:fd:6f:11:b0:18:
a9:8e:50:28:41:3e:45:a3:02:c2:85:a8:a9:a1:97:67:dc:c3:
15:ba:ca:1f:85:31:aa:ea:c9:d4:f1:80:85:f2:5a:f6:cc:2e:
aa:9c:dd:bc:ea:ff:24:c1:09:30:6c:5e:e7:fd:da:0f:70:56:
7c:67:80:d0:ac:45:2e:5a:ff:7e:90:7d:dd:b4:69:d8:0a:11:
be:cb:82:8b:e0:84:14:ae:8d:53:dd:32:0b:fe:d0:e8:1b:29:
f3:79:4b:f0:07:41:f6:af:c1:07:03:f8:ad:fc:68:59:af:b9:
f6:a5:9a:61:6d:72:4a:c4:e5:a2:d4:95:bc:06:36:a2:da:d3:
65:15:70:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpkbj3FgM7O+yXL6VIsvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOTYyNTU0MWFiZTZiNWFlOTI2NjcxZGFhOThhYzZkODA5
NGVjN2IwHhcNMjMwMTAxMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFjNDcyZmQyNTI4NjQwNDc3ZjZlM2E3Y2Y1ODdkOGNmNjA5MjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/3CvcZyiesi8ouGH1GkEGK/nz2C
IbvczTyik4oXQ7V203i0F0A4upZYq/DyXlznhWbrCXlREEuuNAPXtU0o2S0QYaMf
TZ7vH6NlllIUgPwgcv65/40MDVzVqN4AUJ6+fHvYJnfRjixv/YIaJkNZ6SvCpWib
Wi3Ybmr4e2MQj/CJJmO4R8ebJJMtQIYTui/q+wJYdeG50KxudaMRILZBjUGowW52
EZBQrja6hk+pjTiF1fETSVPidKSutTe+KBUPkZXtuNgg1wdwnUTB0GXTUG7NpL7R
mAzjHp2hc+SPyk5X3jxI5FZa+puHJnP+xnCzyUGgPyhSc/Z/vAf7/MIdtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqsRy/SUoZAR39uOnz1h9jPYJJ6MB8GA1UdIwQY
MBaAFM+WJVQavmta6SZnHaqYrG2AlOx7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2Et
NTlhNTg3YmRlYTNmLzEvMnF4SEw5SlNoa0JIZjI0NmZQV0gyTTlna25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2EtNTlhNTg3YmRlYTNm
LzEvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYrEMA0G
CSqGSIb3DQEBCwUAA4IBAQB6mnQec3cSnFQIEzkoAlCzWbyW9d+/xHXlv6qZ41LD
g65AptonOujP0FYr4hjbU/HMVCCBJcoWr+ch3BimfMaRyog5u9G02uuZTwefoRBI
Z4ac7sXXXQt71BMf67Q0r1wR7XMZZsLkr3wR5KBt/dgxTs9tMcD5HAbU/W8RsBip
jlAoQT5FowLChaipoZdn3MMVusofhTGq6snU8YCF8lr2zC6qnN286v8kwQkwbF7n
/doPcFZ8Z4DQrEUuWv9+kH3dtGnYChG+y4KL4IQUro1T3TIL/tDoGynzeUvwB0H2
r8EHA/it/GhZr7n2pZphbXJKxOWi1JW8Bjai2tNlFXDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:03 2024 by rpki-client on console-ams.rpki-client.org