Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/x2j72-2j6EBEoMWbob1b12n7yJ0.roa
File: x2j72-2j6EBEoMWbob1b12n7yJ0.roa (raw, json)
Hash identifier: qjB3qZXzasS282NgdagzMT/0czhDzffuw3ziZpOqZ8U=
Subject key identifier: C7:68:FB:DB:ED:A3:E8:40:44:A0:C5:9B:A1:BD:5B:D7:69:FB:C8:9D
Certificate issuer: /CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Certificate serial: 018570708736BC87C5974A3532F9F867DC19
Authority key identifier: DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/x2j72-2j6EBEoMWbob1b12n7yJ0.roa
Signing time: Mon 02 Jan 2023 03:05:00 +0000
ROA not before: Mon 02 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56496
IP address blocks: 89.19.52.0/24 maxlen: 24
89.19.52.0/22 maxlen: 24
91.224.210.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:87:36:bc:87:c5:97:4a:35:32:f9:f8:67:dc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Validity
Not Before: Jan 2 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c768fbdbeda3e84044a0c59ba1bd5bd769fbc89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:aa:76:ca:87:b8:7e:0d:97:b3:4d:cc:4a:92:
16:be:a6:6f:b9:89:5a:30:64:1b:c6:38:02:ab:72:
39:60:df:7c:d6:87:6e:33:65:92:54:1b:78:0e:b3:
f3:d7:9b:28:4a:c5:bb:3f:1f:f0:48:d8:59:9d:30:
b6:6c:59:32:41:6a:ed:a1:c2:12:e5:23:16:65:fe:
0a:1a:1f:43:21:38:a2:f9:e2:28:ea:7e:82:97:45:
18:f1:e9:74:78:0c:78:f9:d6:b5:b5:33:19:97:09:
4e:9c:b6:a4:87:e8:8d:39:db:6d:ed:a5:50:27:a9:
07:16:f6:50:99:9a:bf:81:20:63:aa:3e:c6:b9:93:
67:43:d8:52:2d:0f:aa:54:f8:78:05:72:0c:e1:a6:
35:03:4d:05:94:1a:43:7b:7e:b6:91:7a:a6:4c:40:
af:25:6f:d3:27:65:9e:7f:e4:4e:b0:42:a4:73:9e:
a5:5f:96:35:0a:86:95:62:28:22:87:b3:42:80:58:
b8:63:98:39:19:8a:3b:08:e0:b8:f9:d1:7d:d1:f2:
01:cd:b4:b8:75:71:a9:3a:2c:90:04:dc:0e:ae:b3:
dc:b7:ee:8e:f6:c3:7a:01:6d:65:e9:51:d1:e4:92:
18:d2:37:59:f5:d7:88:1e:18:00:06:c3:79:bc:75:
dc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:68:FB:DB:ED:A3:E8:40:44:A0:C5:9B:A1:BD:5B:D7:69:FB:C8:9D
X509v3 Authority Key Identifier:
keyid:DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/x2j72-2j6EBEoMWbob1b12n7yJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/3Cwv75yMr48vCCEe8Cw9CtNHSRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.52.0/22
91.224.210.0/23
Signature Algorithm: sha256WithRSAEncryption
67:08:4a:ad:d0:db:87:4e:f1:4e:d7:ff:cd:c9:51:97:95:87:
d5:2b:55:aa:27:57:b6:da:16:49:94:a4:28:d1:9e:c3:8e:b9:
29:90:d5:a5:ed:48:2d:30:9d:4f:1c:b5:f9:90:a7:c8:a6:db:
3a:ab:cb:1e:e9:bd:a9:22:25:b9:3d:3b:42:b6:c0:5e:9a:c2:
0c:f2:16:2c:5c:6e:ab:ae:ad:39:8b:9d:6d:f1:71:00:12:88:
ea:33:c2:00:f5:ef:f5:e0:60:e9:00:c3:63:e9:28:68:7b:b7:
0c:ad:43:87:ea:41:1d:ad:36:7f:57:c1:96:cd:7e:0f:a8:55:
08:ae:be:c8:95:9f:04:62:52:43:bb:f8:c9:63:ef:62:80:e7:
68:e7:d1:7e:d3:b2:71:8e:86:a5:58:91:89:eb:d6:6d:fd:2e:
1f:a2:80:56:0b:44:6b:ea:f7:9b:76:49:e1:9e:47:29:da:64:
31:c2:4a:42:66:11:dc:1f:86:bf:02:41:b3:20:58:28:2e:17:
f3:98:70:8e:f2:bb:02:55:12:8e:3f:8c:ed:fc:65:60:9c:7f:
38:d2:7b:c5:3c:17:de:f5:b0:a2:82:ea:0d:16:22:c4:e3:f7:
cc:26:8a:88:12:14:7b:e7:f0:26:68:af:a3:33:cc:92:b3:5f:
6d:db:50:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwcIc2vIfFl0o1Mvn4Z9wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmMyZmVmOWM4Y2FmOGYyZjA4MjExZWYwMmMzZDBhZDM0
NzQ5MTcwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY4ZmJkYmVkYTNlODQwNDRhMGM1OWJhMWJkNWJkNzY5ZmJjODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoap2yoe4fg2Xs03MSpIWvqZvuYla
MGQbxjgCq3I5YN981oduM2WSVBt4DrPz15soSsW7Px/wSNhZnTC2bFkyQWrtocIS
5SMWZf4KGh9DITii+eIo6n6Cl0UY8el0eAx4+da1tTMZlwlOnLakh+iNOdtt7aVQ
J6kHFvZQmZq/gSBjqj7GuZNnQ9hSLQ+qVPh4BXIM4aY1A00FlBpDe362kXqmTECv
JW/TJ2Wef+ROsEKkc56lX5Y1CoaVYigih7NCgFi4Y5g5GYo7COC4+dF90fIBzbS4
dXGpOiyQBNwOrrPct+6O9sN6AW1l6VHR5JIY0jdZ9deIHhgABsN5vHXc+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMdo+9vto+hARKDFm6G9W9dp+8idMB8GA1UdIwQY
MBaAFNwsL++cjK+PLwghHvAsPQrTR0kXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1Njkt
ODY0NGM1ODE0YzlhLzEveDJqNzItMmo2RUJFb01XYm9iMWIxMm43eUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1NjktODY0NGM1ODE0Yzlh
LzEvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWRM0AwQB
W+DSMA0GCSqGSIb3DQEBCwUAA4IBAQBnCEqt0NuHTvFO1//NyVGXlYfVK1WqJ1e2
2hZJlKQo0Z7DjrkpkNWl7UgtMJ1PHLX5kKfIpts6q8se6b2pIiW5PTtCtsBemsIM
8hYsXG6rrq05i51t8XEAEojqM8IA9e/14GDpAMNj6Shoe7cMrUOH6kEdrTZ/V8GW
zX4PqFUIrr7IlZ8EYlJDu/jJY+9igOdo59F+07JxjoalWJGJ69Zt/S4fooBWC0Rr
6vebdknhnkcp2mQxwkpCZhHcH4a/AkGzIFgoLhfzmHCO8rsCVRKOP4zt/GVgnH84
0nvFPBfe9bCiguoNFiLE4/fMJoqIEhR75/AmaK+jM8ySs19t21Dr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:24 2024 by rpki-client on console-ams.rpki-client.org