Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/2Vw8tAyiPIvQElTNL0WFl0SQr-0.roa
File: 2Vw8tAyiPIvQElTNL0WFl0SQr-0.roa (raw, json)
Hash identifier: fXja28bYeWnWI3vEoDvYV7ubgjL6Yc4M4qSoSA/TfwI=
Subject key identifier: D9:5C:3C:B4:0C:A2:3C:8B:D0:12:54:CD:2F:45:85:97:44:90:AF:ED
Certificate issuer: /CN=5df40ee7489e95c57f104271919da268bc513f9b
Certificate serial: 018571BA131202722D8332356754B835255C
Authority key identifier: 5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/2Vw8tAyiPIvQElTNL0WFl0SQr-0.roa
Signing time: Mon 02 Jan 2023 09:04:58 +0000
ROA not before: Mon 02 Jan 2023 09:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212797
IP address blocks: 194.76.58.0/23 maxlen: 23
194.76.104.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:13:12:02:72:2d:83:32:35:67:54:b8:35:25:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df40ee7489e95c57f104271919da268bc513f9b
Validity
Not Before: Jan 2 09:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d95c3cb40ca23c8bd01254cd2f4585974490afed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:c1:7f:19:08:ec:e0:1d:19:46:19:3b:0d:
96:fb:74:c1:e9:95:7b:03:1d:4d:e4:87:ec:88:ee:
9e:ab:09:85:d5:1c:6d:ce:31:3d:0e:07:d9:b8:7d:
a7:21:9d:83:da:07:64:8d:f0:49:e0:8c:64:80:d7:
eb:ac:ff:9e:2e:9d:d9:a3:8c:c3:ab:c2:5d:61:1f:
b2:8d:52:f5:a9:fa:94:53:6e:b8:dc:11:16:d3:32:
5c:48:9a:1c:47:a7:d5:89:50:15:41:a1:e7:f6:cd:
fa:8d:6c:b4:69:b8:7a:d9:3b:6a:99:bd:bf:12:35:
f7:ff:b4:c9:c8:9f:90:89:a7:60:bd:83:fe:21:a3:
f2:f0:b2:80:0f:f3:d0:e7:fb:3c:c6:d4:b5:d7:d0:
fd:0a:94:e3:6c:8c:53:bd:08:25:f2:f4:cc:71:52:
9e:6d:c6:5e:11:b7:33:d5:eb:05:9b:9b:27:d6:5e:
29:84:dd:c6:92:29:f8:fd:2e:c7:68:d2:14:aa:17:
ad:5b:4d:95:0f:b1:aa:e9:31:b9:10:ca:04:e2:f8:
e8:44:a1:02:e6:3c:1c:9e:bf:70:4c:92:ca:cb:73:
49:24:c6:00:71:b5:10:36:86:74:af:4c:66:ee:bd:
1e:41:1b:0c:97:b2:ca:a1:1b:6e:57:8e:10:7d:33:
7a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5C:3C:B4:0C:A2:3C:8B:D0:12:54:CD:2F:45:85:97:44:90:AF:ED
X509v3 Authority Key Identifier:
keyid:5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/2Vw8tAyiPIvQElTNL0WFl0SQr-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/XfQO50ielcV_EEJxkZ2iaLxRP5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.58.0/23
194.76.104.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:ec:18:29:2a:d1:ed:7f:90:2c:98:dc:fd:52:f2:68:dd:b4:
6c:b1:d6:52:7b:50:86:db:32:ca:48:d5:06:6e:08:1d:eb:46:
32:45:23:20:b9:96:f5:c6:6b:49:41:aa:d8:7b:25:80:d3:24:
74:88:cc:4a:1e:93:aa:62:94:59:95:4d:dc:c3:a2:e5:77:72:
b4:2f:32:0f:18:c5:94:79:a1:fe:b1:92:b4:76:f4:13:ae:eb:
3b:fb:0a:68:fe:b3:56:5d:06:de:ac:15:0d:ed:1b:d1:07:32:
ee:b9:5e:d2:93:ea:bf:4b:b8:0b:61:40:33:8d:7e:1d:db:c5:
d1:d1:f9:36:85:e6:db:73:a9:05:25:ce:22:da:29:18:aa:8d:
20:32:2b:d6:b5:70:6e:c5:95:fb:82:29:24:c2:10:32:ba:48:
ca:7e:12:10:44:e3:85:ac:a4:26:7c:3b:c5:f4:97:81:47:1e:
d9:2a:05:1a:2d:87:76:5f:58:a6:b2:b5:00:8e:29:d6:b7:63:
3c:42:aa:5f:75:f6:e6:de:dd:fb:c4:c2:77:d3:e4:6d:74:a7:
10:aa:b6:5c:43:f3:a3:42:2b:34:dc:8a:68:f8:d9:53:5a:81:
c3:09:8c:a3:be:f9:e1:97:1c:19:26:0b:85:ce:2c:6e:e3:26:
eb:2a:aa:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuhMSAnItgzI1Z1S4NSVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjQwZWU3NDg5ZTk1YzU3ZjEwNDI3MTkxOWRhMjY4YmM1
MTNmOWIwHhcNMjMwMTAyMDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVjM2NiNDBjYTIzYzhiZDAxMjU0Y2QyZjQ1ODU5NzQ0OTBhZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdHBfxkI7OAdGUYZOw2W+3TB6ZV7
Ax1N5IfsiO6eqwmF1RxtzjE9DgfZuH2nIZ2D2gdkjfBJ4IxkgNfrrP+eLp3Zo4zD
q8JdYR+yjVL1qfqUU2643BEW0zJcSJocR6fViVAVQaHn9s36jWy0abh62Ttqmb2/
EjX3/7TJyJ+QiadgvYP+IaPy8LKAD/PQ5/s8xtS119D9CpTjbIxTvQgl8vTMcVKe
bcZeEbcz1esFm5sn1l4phN3Gkin4/S7HaNIUqhetW02VD7Gq6TG5EMoE4vjoRKEC
5jwcnr9wTJLKy3NJJMYAcbUQNoZ0r0xm7r0eQRsMl7LKoRtuV44QfTN6zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlcPLQMojyL0BJUzS9FhZdEkK/tMB8GA1UdIwQY
MBaAFF30DudInpXFfxBCcZGdomi8UT+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZRTzUwaWVsY1ZfRUVKeGtaMmlhTHhSUDVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9hN2U4NTAtMDBiZS00ZGMyLThjNDEt
Mzg2NmI5NWY0ODVmLzEvMlZ3OHRBeWlQSXZRRWxUTkwwV0ZsMFNRci0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9hN2U4NTAtMDBiZS00ZGMyLThjNDEtMzg2NmI5NWY0ODVm
LzEvWGZRTzUwaWVsY1ZfRUVKeGtaMmlhTHhSUDVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwkw6AwQB
wkxoMA0GCSqGSIb3DQEBCwUAA4IBAQDN7BgpKtHtf5AsmNz9UvJo3bRssdZSe1CG
2zLKSNUGbggd60YyRSMguZb1xmtJQarYeyWA0yR0iMxKHpOqYpRZlU3cw6Lld3K0
LzIPGMWUeaH+sZK0dvQTrus7+wpo/rNWXQberBUN7RvRBzLuuV7Sk+q/S7gLYUAz
jX4d28XR0fk2hebbc6kFJc4i2ikYqo0gMivWtXBuxZX7gikkwhAyukjKfhIQROOF
rKQmfDvF9JeBRx7ZKgUaLYd2X1imsrUAjinWt2M8Qqpfdfbm3t37xMJ30+RtdKcQ
qrZcQ/OjQis03Ipo+NlTWoHDCYyjvvnhlxwZJguFzixu4ybrKqrI
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:39 2024 by rpki-client on console-fra.rpki-client.org