Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/2mIiUeRypIdlaGHO6IiZ9koN5LQ.roa
File: 2mIiUeRypIdlaGHO6IiZ9koN5LQ.roa (raw, json)
Hash identifier: cylUQmkd2omdUvtVdCmSDE/slwZ271yUQTy3UV4nviE=
Subject key identifier: DA:62:22:51:E4:72:A4:87:65:68:61:CE:E8:88:99:F6:4A:0D:E4:B4
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018D16EFDAC50A1E84630F4CBFFDC782A487
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/2mIiUeRypIdlaGHO6IiZ9koN5LQ.roa
Signing time: Wed 17 Jan 2024 10:20:34 +0000
ROA not before: Wed 17 Jan 2024 10:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51714
IP address blocks: 192.144.33.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 23:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:ef:da:c5:0a:1e:84:63:0f:4c:bf:fd:c7:82:a4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 17 10:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da622251e472a487656861cee88899f64a0de4b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:30:ad:2f:d7:9f:7f:c8:69:11:19:29:ff:
ea:25:33:96:54:b3:26:b2:51:42:2b:4f:55:83:15:
48:78:8a:c6:e1:5f:cb:d7:8d:17:f3:9b:18:b0:d8:
71:3d:c8:4a:d3:3e:b5:d0:2f:42:d3:2b:69:97:80:
5a:cf:9b:87:b5:c8:54:85:6b:93:cb:30:c0:80:3f:
f2:38:75:b6:25:f4:68:27:8e:2b:9e:ca:69:69:8b:
28:6e:ca:3b:ec:36:ae:93:eb:99:f4:ca:3c:20:c3:
d4:ad:0b:67:3b:91:60:ba:4a:b0:f4:e2:de:d4:e9:
da:d1:17:3a:ce:57:50:3d:8a:85:e5:09:54:d8:2b:
0c:fe:ba:04:ae:65:36:2a:2a:de:d5:67:11:59:ad:
45:ae:0a:63:21:74:92:06:af:36:fb:77:33:93:c6:
5f:41:f4:a0:00:b8:07:73:ff:bb:ac:90:0e:b7:3a:
40:49:fe:c0:6c:4d:cb:11:b3:ee:30:79:1c:2d:63:
05:d6:e9:9a:c3:a5:20:5b:b1:a3:3f:69:2a:3a:b2:
a4:9a:c8:04:d2:76:7a:45:01:72:7d:8b:61:e3:f4:
f8:bf:75:7a:54:f0:7e:9f:69:70:a2:4a:8b:b3:aa:
65:15:a1:89:ff:af:40:07:1d:0d:64:91:33:40:55:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:62:22:51:E4:72:A4:87:65:68:61:CE:E8:88:99:F6:4A:0D:E4:B4
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/2mIiUeRypIdlaGHO6IiZ9koN5LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.33.0-192.144.34.255
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
1f:a6:98:97:89:81:b1:51:15:fa:2b:a6:45:75:4a:a5:e2:3d:
47:41:26:89:f6:35:54:8f:73:c4:63:17:ee:51:cc:b4:86:10:
f5:be:1e:bc:38:a5:24:58:2f:47:fa:00:14:1c:27:2a:5c:29:
13:e7:b2:af:dc:77:a9:86:19:6c:73:77:55:4c:89:52:c1:81:
ff:2b:96:b3:05:db:55:50:f2:0b:c6:8a:30:f7:63:3d:35:82:
8a:0b:11:47:46:cc:c9:6d:34:97:bb:a6:17:04:cb:91:50:f3:
c3:24:0f:70:7d:1d:39:52:1a:a5:0d:9d:2b:d8:8e:6f:b2:f5:
86:7b:03:8a:3b:ff:44:2c:af:3b:bb:dc:1a:da:a5:f0:4b:10:
41:81:df:80:ed:f0:08:70:62:79:1d:15:91:56:76:e1:23:67:
26:a7:72:a2:e7:58:a7:48:1b:e8:66:36:39:d0:a1:4e:6b:0f:
f9:cf:84:06:10:74:af:e5:30:ab:01:32:9b:7d:0b:e6:38:2b:
db:30:dc:d1:2a:5a:de:f7:88:c3:13:b4:d3:a7:5b:a0:23:21:
32:6b:ee:dd:cb:48:17:77:cc:a5:8f:1b:61:ca:89:79:69:77:
bb:d3:a6:5f:68:c5:4b:27:34:9c:98:fc:70:94:85:7e:02:98:
7e:1e:7f:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY0W79rFCh6EYw9Mv/3HgqSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTE3MTAyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTYyMjI1MWU0NzJhNDg3NjU2ODYxY2VlODg4OTlmNjRhMGRlNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgswrS/Xn3/IaREZKf/qJTOWVLMm
slFCK09VgxVIeIrG4V/L140X85sYsNhxPchK0z610C9C0ytpl4Baz5uHtchUhWuT
yzDAgD/yOHW2JfRoJ44rnsppaYsobso77Dauk+uZ9Mo8IMPUrQtnO5Fgukqw9OLe
1Ona0Rc6zldQPYqF5QlU2CsM/roErmU2Kire1WcRWa1FrgpjIXSSBq82+3czk8Zf
QfSgALgHc/+7rJAOtzpASf7AbE3LEbPuMHkcLWMF1umaw6UgW7GjP2kqOrKkmsgE
0nZ6RQFyfYth4/T4v3V6VPB+n2lwokqLs6plFaGJ/69ABx0NZJEzQFWUUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpiIlHkcqSHZWhhzuiImfZKDeS0MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvMm1JaVVlUnlwSWRsYUdITzZJaVo5a29ONUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBADAkCED
BADAkCIwDwQCAAIwCQMHACoJ/wABAzANBgkqhkiG9w0BAQsFAAOCAQEAH6aYl4mB
sVEV+iumRXVKpeI9R0EmifY1VI9zxGMX7lHMtIYQ9b4evDilJFgvR/oAFBwnKlwp
E+eyr9x3qYYZbHN3VUyJUsGB/yuWswXbVVDyC8aKMPdjPTWCigsRR0bMyW00l7um
FwTLkVDzwyQPcH0dOVIapQ2dK9iOb7L1hnsDijv/RCyvO7vcGtql8EsQQYHfgO3w
CHBieR0VkVZ24SNnJqdyoudYp0gb6GY2OdChTmsP+c+EBhB0r+UwqwEym30L5jgr
2zDc0Spa3veIwxO006dboCMhMmvu3ctIF3fMpY8bYcqJeWl3u9OmX2jFSyc0nJj8
cJSFfgKYfh5/Fg==
-----END CERTIFICATE-----
Generated at Tue Mar 26 00:07:59 2024 by rpki-client on console-ams.rpki-client.org