Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/2GClHW65WqNEzAfesjc-4UZJNKY.roa
File: 2GClHW65WqNEzAfesjc-4UZJNKY.roa (raw, json)
Hash identifier: 2O0skAjJqP1dXFMK8hVyLhgmD5T9O2CojENydLU8or0=
Subject key identifier: D8:60:A5:1D:6E:B9:5A:A3:44:CC:07:DE:B2:37:3E:E1:46:49:34:A6
Certificate issuer: /CN=68cc325c8ad9769a1b54da296305fe0c36573775
Certificate serial: 018CCA9A061CA09F49B1595CB5881BC8360F
Authority key identifier: 68:CC:32:5C:8A:D9:76:9A:1B:54:DA:29:63:05:FE:0C:36:57:37:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMwyXIrZdpobVNopYwX-DDZXN3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/2GClHW65WqNEzAfesjc-4UZJNKY.roa
Signing time: Tue 02 Jan 2024 14:35:40 +0000
ROA not before: Tue 02 Jan 2024 14:35:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213224
IP address blocks: 85.235.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 19 Mar 2024 19:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:06:1c:a0:9f:49:b1:59:5c:b5:88:1b:c8:36:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cc325c8ad9769a1b54da296305fe0c36573775
Validity
Not Before: Jan 2 14:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d860a51d6eb95aa344cc07deb2373ee1464934a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:72:ee:ed:29:21:ed:f7:19:c1:0d:1f:91:
20:bb:91:e5:5b:3b:cc:39:6a:13:fe:46:88:69:ee:
0e:47:2d:37:f0:1b:e8:c0:90:4e:4d:bd:4d:5d:87:
c3:9d:39:19:a6:c5:a7:cb:b7:ad:e5:a6:5d:0b:11:
03:8a:81:7d:48:9c:88:86:a3:89:ac:c0:9c:d9:9b:
0c:cd:14:16:e5:e0:80:a3:4c:56:66:75:b1:31:5e:
9d:42:f3:b8:29:4e:17:9c:d9:54:4f:e1:0e:49:e8:
30:7d:38:f5:a5:fc:45:f1:d6:55:36:45:22:2f:20:
c1:57:f7:f1:8d:e6:a8:d2:63:fd:74:71:7e:46:64:
3e:a7:99:2f:30:5a:3b:d5:34:58:5e:38:15:80:f6:
f8:f3:55:07:c4:b6:fd:ba:27:1f:71:ef:52:97:e6:
63:0b:9c:9b:de:eb:4c:53:fc:88:27:b5:90:09:00:
bf:0d:fd:61:f4:50:21:15:41:5d:ff:cc:d2:68:0a:
41:e0:b4:0f:c4:b4:ed:26:89:79:7d:7e:d4:06:de:
ed:87:3b:0a:da:59:0b:8b:05:66:a4:64:eb:a6:cd:
a9:24:da:4b:a3:50:51:3e:89:bc:d8:4e:d6:83:7e:
b6:84:5d:4f:87:29:42:d6:1c:93:04:fb:1b:5a:4a:
a3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:60:A5:1D:6E:B9:5A:A3:44:CC:07:DE:B2:37:3E:E1:46:49:34:A6
X509v3 Authority Key Identifier:
keyid:68:CC:32:5C:8A:D9:76:9A:1B:54:DA:29:63:05:FE:0C:36:57:37:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMwyXIrZdpobVNopYwX-DDZXN3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/2GClHW65WqNEzAfesjc-4UZJNKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/aMwyXIrZdpobVNopYwX-DDZXN3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.158.0/23
Signature Algorithm: sha256WithRSAEncryption
48:e2:82:63:cc:d3:94:7c:45:d2:43:46:86:6f:26:50:84:92:
60:64:b5:bf:23:e5:54:e7:32:25:82:f5:bb:77:f1:48:7b:0f:
d0:bb:14:98:63:fb:f3:73:f6:3b:6d:6b:17:22:3d:c1:77:0d:
ed:99:80:ed:9d:9d:15:96:5c:cf:4f:a4:82:cf:17:ba:84:7e:
40:25:78:a6:e8:98:59:5e:12:15:5f:bd:ae:f1:39:48:ab:96:
bd:3c:5c:54:5b:72:a8:2d:1d:fa:7d:ea:a3:6f:07:d3:16:ea:
06:6e:10:8b:6e:9e:93:ff:39:02:53:f8:ce:5a:d2:cd:4c:21:
c5:ea:6f:64:1d:fc:0d:f6:5d:e1:d0:b6:99:df:ef:d5:68:1f:
3b:c4:e2:c8:38:d5:4b:b2:03:ea:a3:d6:29:b3:f0:93:d6:c2:
cb:da:1e:47:a4:a4:cb:82:44:6a:8e:d1:be:1c:f7:fe:7c:82:
ae:06:ad:cb:2a:04:2b:0e:db:a2:54:48:d4:8c:14:24:92:a0:
61:2a:d8:d6:8f:00:93:09:05:f2:ee:81:92:ae:8f:21:68:fa:
e6:7b:77:f4:1f:54:3d:5d:3d:96:50:fd:0e:72:8a:4c:bc:6f:
b3:3c:69:ee:dc:d5:96:60:77:8b:49:03:ba:00:62:a3:ae:f5:
d3:eb:b1:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmgYcoJ9JsVlctYgbyDYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2MzMjVjOGFkOTc2OWExYjU0ZGEyOTYzMDVmZTBjMzY1
NzM3NzUwHhcNMjQwMTAyMTQzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYwYTUxZDZlYjk1YWEzNDRjYzA3ZGViMjM3M2VlMTQ2NDkzNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN5y7u0pIe33GcENH5Egu5HlWzvM
OWoT/kaIae4ORy038BvowJBOTb1NXYfDnTkZpsWny7et5aZdCxEDioF9SJyIhqOJ
rMCc2ZsMzRQW5eCAo0xWZnWxMV6dQvO4KU4XnNlUT+EOSegwfTj1pfxF8dZVNkUi
LyDBV/fxjeao0mP9dHF+RmQ+p5kvMFo71TRYXjgVgPb481UHxLb9uicfce9Sl+Zj
C5yb3utMU/yIJ7WQCQC/Df1h9FAhFUFd/8zSaApB4LQPxLTtJol5fX7UBt7thzsK
2lkLiwVmpGTrps2pJNpLo1BRPom82E7Wg362hF1PhylC1hyTBPsbWkqjdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhgpR1uuVqjRMwH3rI3PuFGSTSmMB8GA1UdIwQY
MBaAFGjMMlyK2XaaG1TaKWMF/gw2Vzd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU13eVhJclpkcG9iVk5vcFl3WC1ERFpYTjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MTc3NzgtOWYzMS00NzViLTg0ZmEt
NzRjOTc5YTY1MzZlLzEvMkdDbEhXNjVXcU5FekFmZXNqYy00VVpKTktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MTc3NzgtOWYzMS00NzViLTg0ZmEtNzRjOTc5YTY1MzZl
LzEvYU13eVhJclpkcG9iVk5vcFl3WC1ERFpYTjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVeueMA0G
CSqGSIb3DQEBCwUAA4IBAQBI4oJjzNOUfEXSQ0aGbyZQhJJgZLW/I+VU5zIlgvW7
d/FIew/QuxSYY/vzc/Y7bWsXIj3Bdw3tmYDtnZ0VllzPT6SCzxe6hH5AJXim6JhZ
XhIVX72u8TlIq5a9PFxUW3KoLR36feqjbwfTFuoGbhCLbp6T/zkCU/jOWtLNTCHF
6m9kHfwN9l3h0LaZ3+/VaB87xOLIONVLsgPqo9Yps/CT1sLL2h5HpKTLgkRqjtG+
HPf+fIKuBq3LKgQrDtuiVEjUjBQkkqBhKtjWjwCTCQXy7oGSro8haPrme3f0H1Q9
XT2WUP0OcopMvG+zPGnu3NWWYHeLSQO6AGKjrvXT67Fk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:07 2025 by rpki-client