Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/2iKyrkOwJ738uLtncJydDwbhwVA.roa
File: 2iKyrkOwJ738uLtncJydDwbhwVA.roa (raw, json)
Hash identifier: WbIgjq+VaPAwBVfot9iIqgU+SVzyeo8eOGTOlXK0Tb8=
Subject key identifier: DA:22:B2:AE:43:B0:27:BD:FC:B8:BB:67:70:9C:9D:0F:06:E1:C1:50
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 0189914AD139B43E830CB01B487114572FD0
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/2iKyrkOwJ738uLtncJydDwbhwVA.roa
Signing time: Wed 26 Jul 2023 08:22:26 +0000
ROA not before: Wed 26 Jul 2023 08:22:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5459
IP address blocks: 195.66.224.0/19 maxlen: 19
195.66.232.0/22 maxlen: 22
195.66.240.0/22 maxlen: 22
195.66.248.0/22 maxlen: 22
2a01:40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jul 2023 11:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:4a:d1:39:b4:3e:83:0c:b0:1b:48:71:14:57:2f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jul 26 08:22:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da22b2ae43b027bdfcb8bb67709c9d0f06e1c150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:c4:52:78:1f:c5:a8:43:dc:45:96:da:8c:
08:9e:a6:ae:8d:32:5b:0f:7d:86:83:e5:b9:55:6a:
82:91:d9:84:43:db:7f:96:da:21:7f:e3:cc:2b:ac:
b8:7d:5e:98:9c:de:3d:e1:12:6a:c1:2e:c0:9e:e9:
0d:4c:79:94:5f:4d:e0:07:95:f4:06:7f:24:82:e4:
72:a9:d6:00:d9:59:26:26:65:7e:1c:d1:e0:b6:db:
d5:6e:94:f7:7e:2c:67:b2:aa:6a:ba:f1:26:d2:d2:
1f:e0:36:92:b9:a2:9a:8a:42:ef:d9:b1:65:6b:7a:
a0:8c:df:0d:ca:df:b3:d7:74:07:17:77:9d:7d:94:
84:bb:4c:11:1f:9f:c6:0b:9a:94:da:7f:73:7f:9a:
0b:fb:14:2d:52:28:17:44:5c:6d:31:74:0d:6d:e9:
7e:3e:d7:7a:db:6a:2e:33:bc:46:78:54:23:4b:27:
9a:71:16:16:31:34:a4:4a:5c:33:e8:3d:02:92:24:
77:19:7d:47:ac:e0:cf:66:c6:0e:e2:0c:6c:82:ab:
5e:af:8a:c6:cf:50:33:7c:d3:de:5a:cb:7d:51:02:
24:0a:ac:dd:07:a2:47:e5:4b:75:c0:3e:3f:53:6b:
6b:ad:5a:f5:d1:be:e6:c7:c5:56:c3:61:88:bd:61:
23:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:22:B2:AE:43:B0:27:BD:FC:B8:BB:67:70:9C:9D:0F:06:E1:C1:50
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/2iKyrkOwJ738uLtncJydDwbhwVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.224.0/19
IPv6:
2a01:40::/32
Signature Algorithm: sha256WithRSAEncryption
16:42:91:a8:24:b5:d7:1e:70:14:55:38:9d:25:d6:ca:ae:2b:
38:41:6e:6c:aa:0e:72:af:f1:82:8e:ad:e0:ab:af:ff:4a:53:
fa:29:2a:97:b2:51:d2:86:fa:9c:02:4f:5b:cd:8d:b8:24:fc:
fa:b1:d2:a1:63:a0:e9:65:87:8c:fa:79:2f:0c:6e:19:20:20:
a7:83:3a:98:d4:61:5a:18:21:45:97:12:f5:5a:2d:a2:46:6a:
4c:84:5d:d8:35:37:af:8f:69:9e:16:43:6a:c1:75:10:e0:0a:
4d:31:b1:d8:cd:ab:c8:29:bf:0b:23:ed:5a:26:3f:b5:ba:ee:
1c:6d:45:2c:e2:dc:15:71:df:21:86:c5:c2:52:fe:b4:58:ec:
51:86:0d:b5:15:a8:91:cd:7e:9f:a9:b8:4b:0e:06:b2:a7:5c:
f6:09:c1:20:95:d6:bb:8f:40:18:6e:1c:f7:fe:1c:79:0b:5c:
43:6d:d6:bf:69:6b:8e:21:dc:75:e3:f1:ed:f7:b9:88:5d:c8:
21:bd:43:0b:4f:85:f6:b3:d1:7a:ad:d3:a6:12:1d:39:0d:e3:
35:ce:be:74:cc:90:98:59:3c:ee:3f:8e:77:66:a1:ab:81:81:
d3:c7:04:72:61:8e:1e:a3:d2:1c:8a:52:57:6b:9e:a4:32:1c:
0c:1c:a9:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmRStE5tD6DDLAbSHEUVy/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwNzI2MDgyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIyYjJhZTQzYjAyN2JkZmNiOGJiNjc3MDljOWQwZjA2ZTFjMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkHEUngfxahD3EWW2owInqaujTJb
D32Gg+W5VWqCkdmEQ9t/ltohf+PMK6y4fV6YnN494RJqwS7AnukNTHmUX03gB5X0
Bn8kguRyqdYA2VkmJmV+HNHgttvVbpT3fixnsqpquvEm0tIf4DaSuaKaikLv2bFl
a3qgjN8Nyt+z13QHF3edfZSEu0wRH5/GC5qU2n9zf5oL+xQtUigXRFxtMXQNbel+
Ptd622ouM7xGeFQjSyeacRYWMTSkSlwz6D0CkiR3GX1HrODPZsYO4gxsgqter4rG
z1AzfNPeWst9UQIkCqzdB6JH5Ut1wD4/U2trrVr10b7mx8VWw2GIvWEjBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNoisq5DsCe9/Li7Z3CcnQ8G4cFQMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvMmlLeXJrT3dKNzM4dUx0bmNKeWREd2Jod1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFw0LgMA0E
AgACMAcDBQAqAQBAMA0GCSqGSIb3DQEBCwUAA4IBAQAWQpGoJLXXHnAUVTidJdbK
ris4QW5sqg5yr/GCjq3gq6//SlP6KSqXslHShvqcAk9bzY24JPz6sdKhY6DpZYeM
+nkvDG4ZICCngzqY1GFaGCFFlxL1Wi2iRmpMhF3YNTevj2meFkNqwXUQ4ApNMbHY
zavIKb8LI+1aJj+1uu4cbUUs4twVcd8hhsXCUv60WOxRhg21FaiRzX6fqbhLDgay
p1z2CcEglda7j0AYbhz3/hx5C1xDbda/aWuOIdx14/Ht97mIXcghvUMLT4X2s9F6
rdOmEh05DeM1zr50zJCYWTzuP453ZqGrgYHTxwRyYY4eo9IcilJXa56kMhwMHKm7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:37 2024 by rpki-client on console-ams.rpki-client.org