Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ALJFN0Nz25kaxwAz5u7gJ0h1V4A.roa
File: ALJFN0Nz25kaxwAz5u7gJ0h1V4A.roa (raw, json)
Hash identifier: sXezPpTK/cDBWDy+5+rb6JDfTOdaIr0MI1ov+UK5dEM=
Subject key identifier: 00:B2:45:37:43:73:DB:99:1A:C7:00:33:E6:EE:E0:27:48:75:57:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ADBFFE3A3BA25B50B4CA66066C77C1851
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ALJFN0Nz25kaxwAz5u7gJ0h1V4A.roa
Signing time: Thu 28 Sep 2023 13:34:54 +0000
ROA not before: Thu 28 Sep 2023 13:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208885
IP address blocks: 2.59.255.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 09:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:ff:e3:a3:ba:25:b5:0b:4c:a6:60:66:c7:7c:18:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 28 13:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b245374373db991ac70033e6eee02748755780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:a8:cc:d3:e1:cb:f1:78:f3:5e:54:56:14:
b3:91:67:8e:80:61:6e:de:17:df:fa:89:b1:1f:d4:
aa:8d:45:8c:43:e3:c6:48:2a:fa:15:e7:24:13:12:
fe:ce:e9:ae:f4:1b:8b:84:3d:87:98:63:87:de:a5:
2f:e5:c3:12:6f:6d:ec:bf:61:9a:78:55:20:e4:51:
76:41:27:0f:17:4e:99:db:35:0b:85:81:b2:b2:22:
99:a9:86:2d:88:bb:e1:bd:14:90:d7:a9:8e:66:7c:
cf:de:0b:c2:a1:8c:bb:8e:57:bb:75:3a:86:51:7c:
2b:6a:20:3f:99:10:2a:02:ac:57:f6:42:1d:e6:b7:
2c:7b:39:75:4b:60:ba:0f:01:56:a0:a8:c6:bc:17:
cc:42:f9:97:30:e0:8e:a9:98:92:19:b2:1e:5a:37:
7b:85:60:d1:61:4b:20:fe:7f:eb:cf:f5:09:f0:d4:
21:dd:49:1d:21:22:83:7d:6e:35:cf:8b:3e:94:d8:
57:54:3c:57:6b:ed:44:27:12:d3:36:3c:d2:0b:ba:
47:a0:da:f1:81:52:e0:df:44:9e:1a:85:08:bf:e5:
06:2a:aa:89:58:a8:a0:e0:f1:26:db:61:11:79:87:
24:02:59:5a:20:a1:4e:9c:87:12:97:6b:85:de:5b:
c5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B2:45:37:43:73:DB:99:1A:C7:00:33:E6:EE:E0:27:48:75:57:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ALJFN0Nz25kaxwAz5u7gJ0h1V4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
94.156.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:c2:93:64:d0:71:eb:9a:46:33:4f:c5:be:59:29:df:95:e2:
20:6f:bb:44:b7:ae:3e:be:ad:88:c5:55:e7:ba:c1:3c:66:f9:
eb:73:2f:2f:f4:02:0d:97:f8:86:27:bf:57:3f:b1:a0:8f:fc:
56:03:70:dd:80:66:94:ef:9a:62:bd:bc:cc:a2:e5:1e:d9:bd:
ad:3e:71:f8:7a:b2:8f:04:f7:b1:a8:9f:a0:58:5f:ef:c5:6e:
0e:e8:05:db:f8:39:43:68:84:69:c3:44:0e:a3:50:99:f3:10:
a0:03:4b:38:fc:bb:1a:db:43:23:57:a5:d0:99:6e:c6:7b:91:
b9:e2:2d:dd:fd:fd:a1:a3:0d:d0:f8:e2:93:ff:49:67:02:9e:
2a:34:32:23:ab:f1:fc:39:63:c9:07:20:28:8e:7d:5d:52:23:
65:6b:47:4a:ca:78:19:2c:c5:01:6b:4c:5d:1e:2c:a4:11:fb:
a8:89:56:9c:81:ea:a7:cf:77:aa:27:32:01:66:01:ba:d2:44:
09:5e:7a:67:b0:f7:c9:82:86:a3:f9:06:b5:42:5b:ee:8e:27:
b5:94:b5:ad:cd:c7:ca:1e:19:dd:9d:f2:38:dc:04:24:47:0a:
60:d4:1e:23:8e:d6:06:e8:54:81:10:e0:9b:0b:35:d2:ab:02:
d0:2e:06:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrb/+OjuiW1C0ymYGbHfBhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI4MTMzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGIyNDUzNzQzNzNkYjk5MWFjNzAwMzNlNmVlZTAyNzQ4NzU1NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6SozNPhy/F4815UVhSzkWeOgGFu
3hff+omxH9SqjUWMQ+PGSCr6FeckExL+zumu9BuLhD2HmGOH3qUv5cMSb23sv2Ga
eFUg5FF2QScPF06Z2zULhYGysiKZqYYtiLvhvRSQ16mOZnzP3gvCoYy7jle7dTqG
UXwraiA/mRAqAqxX9kId5rcsezl1S2C6DwFWoKjGvBfMQvmXMOCOqZiSGbIeWjd7
hWDRYUsg/n/rz/UJ8NQh3UkdISKDfW41z4s+lNhXVDxXa+1EJxLTNjzSC7pHoNrx
gVLg30SeGoUIv+UGKqqJWKig4PEm22EReYckAllaIKFOnIcSl2uF3lvFnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFACyRTdDc9uZGscAM+bu4CdIdVeAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQUxKRk4wTnoyNWtheHdBejV1N2dKMGgxVjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjv/AwQA
XpwKMA0GCSqGSIb3DQEBCwUAA4IBAQBMwpNk0HHrmkYzT8W+WSnfleIgb7tEt64+
vq2IxVXnusE8Zvnrcy8v9AINl/iGJ79XP7Ggj/xWA3DdgGaU75pivbzMouUe2b2t
PnH4erKPBPexqJ+gWF/vxW4O6AXb+DlDaIRpw0QOo1CZ8xCgA0s4/Lsa20MjV6XQ
mW7Ge5G54i3d/f2how3Q+OKT/0lnAp4qNDIjq/H8OWPJByAojn1dUiNla0dKyngZ
LMUBa0xdHiykEfuoiVacgeqnz3eqJzIBZgG60kQJXnpnsPfJgoaj+Qa1Qlvujie1
lLWtzcfKHhndnfI43AQkRwpg1B4jjtYG6FSBEOCbCzXSqwLQLgZw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org