Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/2EqObP7yzRkw3OBD-aVlUHgbVBQ.roa
File: 2EqObP7yzRkw3OBD-aVlUHgbVBQ.roa (raw, json)
Hash identifier: r+oIjG66fBziDXO2ajXTLc7seBdAcbJy9kA/uOajFnI=
Subject key identifier: D8:4A:8E:6C:FE:F2:CD:19:30:DC:E0:43:F9:A5:65:50:78:1B:54:14
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 0185703984A9BD20A78371FE364B8E3F9D98
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/2EqObP7yzRkw3OBD-aVlUHgbVBQ.roa
Signing time: Mon 02 Jan 2023 02:04:55 +0000
ROA not before: Mon 02 Jan 2023 02:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209275
IP address blocks: 185.174.31.0/24 maxlen: 24
2a05:9bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jul 2023 14:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:84:a9:bd:20:a7:83:71:fe:36:4b:8e:3f:9d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Jan 2 02:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d84a8e6cfef2cd1930dce043f9a56550781b5414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:da:fa:2c:40:3f:44:a2:f7:40:0b:4a:2e:48:
68:6e:f8:ce:48:1c:39:d9:6c:94:e1:1b:35:6d:6e:
9e:06:d1:9c:2c:be:41:9e:d4:a7:fb:68:e5:83:19:
db:48:73:60:40:62:7a:a8:7c:e7:f9:7a:a3:6a:d8:
d2:22:41:2c:bb:f0:d8:73:0d:ca:58:b9:45:45:08:
5c:95:1d:6c:49:9e:1a:18:f3:b8:3d:a8:11:c0:fa:
55:6d:55:c6:d4:28:6a:32:f6:a5:5e:74:05:c4:e9:
9e:8b:bc:85:84:a3:52:10:15:52:d0:46:5a:f4:a6:
55:fd:7e:c4:9f:78:0f:e1:ce:aa:8c:75:a7:2e:cb:
87:af:42:29:2a:6c:c8:a2:49:cc:4a:da:9b:16:82:
e0:7c:50:da:f7:b6:d2:8d:c5:30:88:b3:d0:17:70:
01:e2:60:8f:e2:4b:7c:0b:d0:b8:6c:2c:5a:20:88:
ba:c7:92:c3:73:f6:82:25:af:9d:7d:fd:66:d6:0c:
8b:54:1c:56:d3:b6:09:f5:2d:fe:4c:3b:de:ed:40:
43:74:e4:c4:72:30:96:78:27:95:44:2e:00:8b:73:
bf:48:22:19:19:6c:ef:c5:e7:a6:c7:24:f0:91:c0:
bc:23:d5:7d:85:e8:6e:b8:d2:53:db:32:96:88:2b:
df:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4A:8E:6C:FE:F2:CD:19:30:DC:E0:43:F9:A5:65:50:78:1B:54:14
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/2EqObP7yzRkw3OBD-aVlUHgbVBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.31.0/24
IPv6:
2a05:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
76:66:62:d5:de:06:9e:e3:ec:8d:7e:a7:ea:61:c6:2e:e0:a7:
03:86:81:91:7c:0a:21:f8:db:5e:d7:26:c7:ac:15:25:b3:31:
79:95:ac:e5:aa:3d:4d:6d:0e:1d:1a:6a:5f:00:22:a9:a2:dc:
bf:be:b2:a9:d8:42:25:97:1e:eb:58:a1:b9:24:5f:f9:42:82:
5a:65:42:c3:1f:8a:10:c0:58:ec:84:65:7e:ff:83:ed:ac:85:
05:50:0e:9d:fd:19:e6:35:cc:8c:83:02:11:3a:5a:b5:d9:f5:
c0:b2:b8:92:0d:30:b0:c7:6e:02:3a:17:f6:3b:51:01:46:b3:
56:20:fc:d7:13:fe:d1:32:5a:89:5b:65:f9:93:4a:ae:0a:77:
85:80:00:82:64:68:bf:6f:cf:70:9b:9f:01:53:9e:8c:33:2f:
c7:57:b6:d3:49:cb:f9:7a:68:af:30:46:f8:f8:c0:8a:ea:12:
8c:d5:d1:f1:11:9a:fd:2f:31:3a:c7:ad:58:c4:e3:61:a6:3d:
22:75:28:a5:ba:9e:41:ae:83:f2:22:d2:cb:44:b8:5e:14:1b:
07:34:cc:4c:12:67:65:9d:23:76:8a:9b:df:bd:1f:1f:e4:ae:
8d:9e:2a:49:5a:43:6a:f0:9c:19:73:87:cc:d5:eb:6c:4e:8a:
80:2c:0f:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwOYSpvSCng3H+NkuOP52YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjMwMTAyMDIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRhOGU2Y2ZlZjJjZDE5MzBkY2UwNDNmOWE1NjU1MDc4MWI1NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidr6LEA/RKL3QAtKLkhobvjOSBw5
2WyU4Rs1bW6eBtGcLL5BntSn+2jlgxnbSHNgQGJ6qHzn+XqjatjSIkEsu/DYcw3K
WLlFRQhclR1sSZ4aGPO4PagRwPpVbVXG1ChqMvalXnQFxOmei7yFhKNSEBVS0EZa
9KZV/X7En3gP4c6qjHWnLsuHr0IpKmzIoknMStqbFoLgfFDa97bSjcUwiLPQF3AB
4mCP4kt8C9C4bCxaIIi6x5LDc/aCJa+dff1m1gyLVBxW07YJ9S3+TDve7UBDdOTE
cjCWeCeVRC4Ai3O/SCIZGWzvxeemxyTwkcC8I9V9hehuuNJT2zKWiCvfcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNhKjmz+8s0ZMNzgQ/mlZVB4G1QUMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvMkVxT2JQN3l6Umt3M09CRC1hVmxVSGdiVkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAua4fMA0E
AgACMAcDBQMqBZvAMA0GCSqGSIb3DQEBCwUAA4IBAQB2ZmLV3gae4+yNfqfqYcYu
4KcDhoGRfAoh+Nte1ybHrBUlszF5lazlqj1NbQ4dGmpfACKpoty/vrKp2EIllx7r
WKG5JF/5QoJaZULDH4oQwFjshGV+/4PtrIUFUA6d/RnmNcyMgwIROlq12fXAsriS
DTCwx24COhf2O1EBRrNWIPzXE/7RMlqJW2X5k0quCneFgACCZGi/b89wm58BU56M
My/HV7bTScv5emivMEb4+MCK6hKM1dHxEZr9LzE6x61YxONhpj0idSilup5BroPy
ItLLRLheFBsHNMxMEmdlnSN2ipvfvR8f5K6NnipJWkNq8JwZc4fM1etsToqALA9r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:00 2024 by rpki-client on console-fra.rpki-client.org