Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/9ded2e-3973-4bcf-9562-3774881e7e1e/1/2SpLbVfPSgGsoa-sTwQYW1GHGgM.roa
File: 2SpLbVfPSgGsoa-sTwQYW1GHGgM.roa (raw, json)
Hash identifier: BpZCHnPdjYydScNKdFdA/WAbH98rXFQ8huLMyZW/iuY=
Subject key identifier: D9:2A:4B:6D:57:CF:4A:01:AC:A1:AF:AC:4F:04:18:5B:51:87:1A:03
Certificate issuer: /CN=c2937b9461a3d266e935834e5047a182238362c8
Certificate serial: 01856F94C5108510313DECA0B5BDE24B3138
Authority key identifier: C2:93:7B:94:61:A3:D2:66:E9:35:83:4E:50:47:A1:82:23:83:62:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wpN7lGGj0mbpNYNOUEehgiODYsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/9ded2e-3973-4bcf-9562-3774881e7e1e/1/2SpLbVfPSgGsoa-sTwQYW1GHGgM.roa
Signing time: Sun 01 Jan 2023 23:04:58 +0000
ROA not before: Sun 01 Jan 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204228
IP address blocks: 2001:67c:24d8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c5:10:85:10:31:3d:ec:a0:b5:bd:e2:4b:31:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2937b9461a3d266e935834e5047a182238362c8
Validity
Not Before: Jan 1 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d92a4b6d57cf4a01aca1afac4f04185b51871a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ef:42:09:61:32:51:7f:e6:09:2f:99:6c:91:
c2:15:cb:6a:d0:3f:5e:3b:fc:62:a0:64:4c:58:b8:
b0:46:89:18:98:6e:42:42:8e:08:88:20:1d:f0:d7:
38:7f:d2:5d:4d:f9:7a:af:bf:4a:29:2a:e5:49:85:
f4:53:82:a5:9f:d0:19:7f:d9:dc:81:69:4d:37:39:
48:16:a1:06:9d:61:15:01:77:8b:7d:09:bd:0d:02:
7f:1d:23:fe:94:22:ee:6d:b8:b2:d3:2e:71:c1:cf:
ac:59:f7:0c:fc:06:3e:20:02:a9:d9:9d:e6:13:40:
0d:72:15:f1:b6:c4:45:3c:02:7f:53:7a:13:70:3f:
e1:68:51:e3:ae:40:b7:50:14:65:f7:c8:54:66:94:
ec:6d:be:4c:e2:5d:b6:a6:d3:02:20:de:f5:e8:8a:
bf:2c:8c:5c:a5:73:69:3e:7f:fb:92:0d:7e:ed:8a:
e7:2f:a5:3d:84:d7:23:94:5d:a1:0e:dc:09:d9:ba:
72:c8:2a:63:47:82:31:44:fa:f3:c0:d4:8a:83:9e:
45:77:51:3d:dd:19:f9:05:f3:bb:35:76:bc:61:25:
d1:c4:c5:d4:6b:ec:28:9f:21:45:4f:62:25:64:0d:
c7:6c:36:74:04:77:64:9b:5c:39:8c:fe:db:35:3c:
c6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2A:4B:6D:57:CF:4A:01:AC:A1:AF:AC:4F:04:18:5B:51:87:1A:03
X509v3 Authority Key Identifier:
keyid:C2:93:7B:94:61:A3:D2:66:E9:35:83:4E:50:47:A1:82:23:83:62:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wpN7lGGj0mbpNYNOUEehgiODYsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9ded2e-3973-4bcf-9562-3774881e7e1e/1/2SpLbVfPSgGsoa-sTwQYW1GHGgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9ded2e-3973-4bcf-9562-3774881e7e1e/1/wpN7lGGj0mbpNYNOUEehgiODYsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:24d8::/48
Signature Algorithm: sha256WithRSAEncryption
99:e0:a0:13:cd:ef:32:8a:cc:ab:b6:57:76:83:58:be:48:1d:
20:43:5e:8a:a1:ab:0d:6f:7b:69:15:f9:82:d0:9a:6f:ed:43:
47:78:60:b5:61:1e:41:97:19:8e:9c:2a:e6:85:b9:15:12:b0:
5f:50:ab:a3:3f:d3:3f:64:84:3d:ba:f3:9a:67:05:3d:f7:e0:
ec:92:c3:f8:fd:f4:07:b7:f5:70:97:56:94:71:3c:d2:3f:10:
54:2f:ad:3c:34:45:68:fe:30:2f:00:c8:1a:03:1d:38:b0:9c:
a5:55:0e:6c:e7:c3:81:64:fd:bc:d0:fe:89:6c:40:ee:f4:fe:
91:66:d1:60:bb:ab:8b:2a:39:14:8f:c2:b2:36:37:da:9d:36:
25:22:e1:7d:4b:75:ab:4c:31:22:de:a3:09:1a:34:e3:d8:3e:
28:d1:8e:41:a6:3d:26:31:49:ef:83:c6:44:4e:91:a0:79:1f:
7e:0e:fb:84:eb:de:01:10:18:3f:f8:4a:01:1d:1c:38:d8:eb:
fc:6d:af:4d:fd:b6:34:5b:e4:d1:b2:9c:46:7e:bc:80:87:df:
4a:c6:57:24:38:a6:4e:d0:74:00:ea:fa:19:ca:fd:58:52:47:
2b:35:dd:4c:ce:94:d5:1a:33:b9:33:28:0b:c4:1d:9c:5b:69:
83:d6:80:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvlMUQhRAxPeygtb3iSzE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOTM3Yjk0NjFhM2QyNjZlOTM1ODM0ZTUwNDdhMTgyMjM4
MzYyYzgwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJhNGI2ZDU3Y2Y0YTAxYWNhMWFmYWM0ZjA0MTg1YjUxODcxYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu9CCWEyUX/mCS+ZbJHCFctq0D9e
O/xioGRMWLiwRokYmG5CQo4IiCAd8Nc4f9JdTfl6r79KKSrlSYX0U4Kln9AZf9nc
gWlNNzlIFqEGnWEVAXeLfQm9DQJ/HSP+lCLubbiy0y5xwc+sWfcM/AY+IAKp2Z3m
E0ANchXxtsRFPAJ/U3oTcD/haFHjrkC3UBRl98hUZpTsbb5M4l22ptMCIN716Iq/
LIxcpXNpPn/7kg1+7YrnL6U9hNcjlF2hDtwJ2bpyyCpjR4IxRPrzwNSKg55Fd1E9
3Rn5BfO7NXa8YSXRxMXUa+wonyFFT2IlZA3HbDZ0BHdkm1w5jP7bNTzGxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNkqS21Xz0oBrKGvrE8EGFtRhxoDMB8GA1UdIwQY
MBaAFMKTe5Rho9Jm6TWDTlBHoYIjg2LIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3BON2xHR2owbWJwTllOT1VFZWhnaU9EWXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85ZGVkMmUtMzk3My00YmNmLTk1NjIt
Mzc3NDg4MWU3ZTFlLzEvMlNwTGJWZlBTZ0dzb2Etc1R3UVlXMUdIR2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85ZGVkMmUtMzk3My00YmNmLTk1NjItMzc3NDg4MWU3ZTFl
LzEvd3BON2xHR2owbWJwTllOT1VFZWhnaU9EWXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCTY
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ4KATze8yisyrtld2g1i+SB0gQ16KoasNb3tp
FfmC0Jpv7UNHeGC1YR5BlxmOnCrmhbkVErBfUKujP9M/ZIQ9uvOaZwU99+DsksP4
/fQHt/Vwl1aUcTzSPxBUL608NEVo/jAvAMgaAx04sJylVQ5s58OBZP280P6JbEDu
9P6RZtFgu6uLKjkUj8KyNjfanTYlIuF9S3WrTDEi3qMJGjTj2D4o0Y5Bpj0mMUnv
g8ZETpGgeR9+DvuE694BEBg/+EoBHRw42Ov8ba9N/bY0W+TRspxGfryAh99Kxlck
OKZO0HQA6voZyv1YUkcrNd1MzpTVGjO5MygLxB2cW2mD1oCX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:09 2024 by rpki-client on console-fra.rpki-client.org