Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2WcyToGySCdzaPWAX8LL98S3on8.roa
File: 2WcyToGySCdzaPWAX8LL98S3on8.roa (raw, json)
Hash identifier: vu0lkkmNV6uzyHUNG23ibJpJLgphNN4+QG2kBFDI2OI=
Subject key identifier: D9:67:32:4E:81:B2:48:27:73:68:F5:80:5F:C2:CB:F7:C4:B7:A2:7F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AB91CA77BF391888E01FB9FAE99CA5D94
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2WcyToGySCdzaPWAX8LL98S3on8.roa
Signing time: Thu 21 Sep 2023 18:59:37 +0000
ROA not before: Thu 21 Sep 2023 18:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56582
IP address blocks: 2.59.255.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:1c:a7:7b:f3:91:88:8e:01:fb:9f:ae:99:ca:5d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 21 18:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d967324e81b248277368f5805fc2cbf7c4b7a27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:47:cb:03:40:29:51:aa:84:12:2a:00:b3:5f:
dd:9a:2c:c8:66:a8:6f:ba:f8:6d:01:0f:42:0c:cd:
3b:0e:50:b5:9f:1d:d1:7a:c4:c7:ff:34:6b:a6:b4:
80:26:8c:a9:92:02:ef:43:d3:8e:9e:1a:28:2d:b7:
e8:2f:08:b9:89:27:ee:44:8d:25:d9:91:7b:c7:23:
56:79:2d:37:29:cd:2a:be:4b:c5:eb:f5:e3:70:ab:
c7:44:53:f9:40:2a:ae:95:c3:69:9e:22:6c:8f:63:
0c:09:8d:bb:5f:2e:9d:9a:14:cb:7a:da:1e:f5:3c:
11:45:ee:5e:61:82:c6:80:fe:01:1f:f0:77:7a:6f:
63:05:95:08:a4:3b:44:87:a3:d3:0c:3b:e7:bf:46:
56:7c:bd:b8:3c:12:9a:e7:6b:2b:d7:a1:e8:23:7f:
7a:00:3b:48:a2:ff:c8:97:15:c4:8f:24:85:04:ef:
58:93:29:a2:e5:03:b6:d4:87:e7:8d:52:91:69:37:
46:5c:9b:41:3e:05:d7:51:03:d5:25:7f:29:63:c8:
f8:d2:6c:63:95:36:e5:20:6e:b5:b8:3b:5f:da:53:
32:4f:d0:54:19:49:f8:bd:20:60:9c:dc:0f:33:1d:
0d:4e:15:41:77:40:aa:8c:0e:8d:83:ba:f7:b0:db:
d9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:67:32:4E:81:B2:48:27:73:68:F5:80:5F:C2:CB:F7:C4:B7:A2:7F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2WcyToGySCdzaPWAX8LL98S3on8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
94.156.10.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1d:94:3f:95:e8:68:a4:f1:ab:02:0a:57:db:1a:5f:19:08:
5d:68:c4:b1:e9:fd:e2:7d:24:af:80:93:e4:a7:1c:a2:d4:d4:
12:f8:6d:65:16:25:93:c5:0c:b7:e8:54:43:36:16:c7:2e:31:
04:6e:f2:c9:c6:00:af:4b:c9:5e:86:6a:95:2f:95:7e:10:ec:
56:5c:60:f9:11:32:51:e7:aa:c4:b5:3e:31:88:ac:5a:2b:65:
2e:e6:4e:ba:43:6f:70:56:24:b6:20:fb:10:d5:5c:83:f6:fc:
f5:6f:e4:46:28:3e:1f:40:e3:25:85:42:01:76:52:cc:4a:5f:
79:ae:c4:2a:ce:58:92:71:9a:2d:97:00:a7:c3:44:c3:54:f3:
0e:73:7e:55:f9:fe:cc:9e:89:9d:86:02:82:59:a5:23:b0:cb:
94:41:e3:9c:79:c1:8a:db:37:d0:30:8b:d2:f5:d2:8f:d7:30:
58:74:b7:47:6b:f8:6c:ed:27:6f:a6:5a:17:4c:da:2b:6f:de:
2b:70:15:2d:56:8b:bd:c5:ef:38:a4:88:78:1c:0e:99:ec:f4:
5d:93:e4:74:16:3a:2b:5b:62:50:64:5e:7d:9e:35:9f:27:d1:
df:83:34:78:39:30:db:7d:21:6d:ab:66:38:77:84:04:22:af:
4d:df:8c:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq5HKd785GIjgH7n66Zyl2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTIxMTg1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY3MzI0ZTgxYjI0ODI3NzM2OGY1ODA1ZmMyY2JmN2M0YjdhMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0fLA0ApUaqEEioAs1/dmizIZqhv
uvhtAQ9CDM07DlC1nx3ResTH/zRrprSAJoypkgLvQ9OOnhooLbfoLwi5iSfuRI0l
2ZF7xyNWeS03Kc0qvkvF6/XjcKvHRFP5QCqulcNpniJsj2MMCY27Xy6dmhTLetoe
9TwRRe5eYYLGgP4BH/B3em9jBZUIpDtEh6PTDDvnv0ZWfL24PBKa52sr16HoI396
ADtIov/IlxXEjySFBO9Ykymi5QO21IfnjVKRaTdGXJtBPgXXUQPVJX8pY8j40mxj
lTblIG61uDtf2lMyT9BUGUn4vSBgnNwPMx0NThVBd0CqjA6Ng7r3sNvZtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlnMk6Bskgnc2j1gF/Cy/fEt6J/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMldjeVRvR3lTQ2R6YVBXQVg4TEw5OFMzb244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjv/AwQA
XpwKMA0GCSqGSIb3DQEBCwUAA4IBAQB4HZQ/lehopPGrAgpX2xpfGQhdaMSx6f3i
fSSvgJPkpxyi1NQS+G1lFiWTxQy36FRDNhbHLjEEbvLJxgCvS8lehmqVL5V+EOxW
XGD5ETJR56rEtT4xiKxaK2Uu5k66Q29wViS2IPsQ1VyD9vz1b+RGKD4fQOMlhUIB
dlLMSl95rsQqzliScZotlwCnw0TDVPMOc35V+f7MnomdhgKCWaUjsMuUQeOcecGK
2zfQMIvS9dKP1zBYdLdHa/hs7SdvploXTNorb94rcBUtVou9xe84pIh4HA6Z7PRd
k+R0FjorW2JQZF59njWfJ9HfgzR4OTDbfSFtq2Y4d4QEIq9N34xw
-----END CERTIFICATE-----
Generated at Thu Sep 28 14:11:03 2023 by rpki-client on console-ams.rpki-client.org