Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/2WaYR4wy968TxSLO-CjGKO4D7QQ.roa
File: 2WaYR4wy968TxSLO-CjGKO4D7QQ.roa (raw, json)
Hash identifier: ReWioGF6EIQk42R+HATAZVjDC/c1RTLa6hcl+Tn6mQw=
Subject key identifier: D9:66:98:47:8C:32:F7:AF:13:C5:22:CE:F8:28:C6:28:EE:03:ED:04
Certificate issuer: /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial: 018CC94DEE876C541494A25CAE2F62935940
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/2WaYR4wy968TxSLO-CjGKO4D7QQ.roa
Signing time: Tue 02 Jan 2024 08:32:56 +0000
ROA not before: Tue 02 Jan 2024 08:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29063
IP address blocks: 83.138.0.0/21 maxlen: 24
212.25.192.0/20 maxlen: 24
212.25.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 13:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ee:87:6c:54:14:94:a2:5c:ae:2f:62:93:59:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Validity
Not Before: Jan 2 08:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d96698478c32f7af13c522cef828c628ee03ed04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cc:f2:d3:39:b2:f2:27:23:81:ed:ea:39:e7:
65:28:e8:3f:31:8a:81:47:f0:1a:8e:a7:2a:bd:73:
15:e3:75:1f:b6:68:dd:8f:3d:d7:15:e8:6d:3e:77:
be:7d:88:b5:c1:35:f1:18:bc:98:71:7b:a3:6c:5a:
29:f2:ff:90:9a:1f:8e:82:28:52:93:05:7e:bb:99:
d2:99:1d:0a:ea:fc:78:b3:1c:10:10:18:92:8f:aa:
da:38:cb:0c:25:72:ce:c5:c5:8d:aa:b4:2f:b1:6c:
45:32:06:76:fe:70:9b:84:ed:8b:33:6c:57:a1:6e:
4d:6b:30:56:cd:54:5b:3b:0a:70:d7:37:0b:9d:fa:
9b:d9:4b:7f:4c:a1:c9:6e:74:b2:66:2c:81:5f:92:
85:01:7b:58:52:58:bf:0a:d3:f0:52:00:7b:52:d2:
9b:3d:89:3f:4e:71:4c:2a:12:8b:3f:4a:25:8f:e7:
79:f1:7a:76:d5:b8:26:2d:c4:f5:6e:d9:06:44:57:
42:23:6b:4f:d3:c9:9b:27:5a:cd:0a:ee:8d:b4:84:
c9:dd:fe:0e:93:78:74:d7:3e:74:a2:32:ec:c9:86:
d2:dc:f6:3d:ec:8f:2a:07:4c:f9:c8:ed:73:24:d7:
9e:ee:4a:c8:7d:d8:6d:82:ff:c7:e0:74:b9:ba:d3:
20:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:66:98:47:8C:32:F7:AF:13:C5:22:CE:F8:28:C6:28:EE:03:ED:04
X509v3 Authority Key Identifier:
keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/2WaYR4wy968TxSLO-CjGKO4D7QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.0.0/21
212.25.192.0/20
212.25.212.0/23
Signature Algorithm: sha256WithRSAEncryption
78:1c:6b:b5:fb:87:b2:61:94:f6:c1:01:ab:51:fc:1e:87:22:
4b:21:3a:64:d0:a8:a8:c1:df:cf:70:fe:05:f1:d7:59:97:01:
db:85:cb:18:5d:12:68:da:92:e8:44:cc:d4:00:b4:a9:f0:31:
fa:73:d5:ba:16:d8:a7:33:df:0e:8c:15:60:c4:68:83:68:cc:
c9:f5:9c:88:21:d7:db:6c:32:07:d4:d2:e9:bd:f6:64:9c:fd:
0f:82:62:c8:c3:a1:8a:7c:6c:4e:78:bc:8c:c2:cf:d3:9c:19:
ee:32:70:81:e4:74:5f:00:27:9d:16:2a:65:5a:20:c1:93:fa:
63:ad:c2:8a:1d:d1:e4:5e:60:6d:7d:03:12:d3:bc:41:65:9d:
91:82:a8:ce:05:85:f9:e6:b5:cf:7a:78:5b:02:76:d5:30:d8:
62:c4:a3:41:f1:a8:6e:8f:b6:49:22:cb:17:75:2e:3d:f7:23:
a9:6b:a0:d5:7e:4e:25:02:a3:5b:30:48:d9:03:b3:6d:60:84:
a6:f1:4d:56:2d:7e:ae:d7:2f:e0:2c:fa:be:15:79:ab:b4:92:
0e:fd:6f:fc:fd:3c:3e:e0:a0:89:0e:04:06:50:c9:a9:81:e1:
25:36:82:71:94:30:cc:54:f6:e0:38:bd:ad:4d:5d:61:4f:a0:
59:e4:6e:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTe6HbFQUlKJcri9ik1lAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjQwMTAyMDgzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY2OTg0NzhjMzJmN2FmMTNjNTIyY2VmODI4YzYyOGVlMDNlZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMzy0zmy8icjge3qOedlKOg/MYqB
R/AajqcqvXMV43Uftmjdjz3XFehtPne+fYi1wTXxGLyYcXujbFop8v+Qmh+OgihS
kwV+u5nSmR0K6vx4sxwQEBiSj6raOMsMJXLOxcWNqrQvsWxFMgZ2/nCbhO2LM2xX
oW5NazBWzVRbOwpw1zcLnfqb2Ut/TKHJbnSyZiyBX5KFAXtYUli/CtPwUgB7UtKb
PYk/TnFMKhKLP0olj+d58Xp21bgmLcT1btkGRFdCI2tP08mbJ1rNCu6NtITJ3f4O
k3h01z50ojLsyYbS3PY97I8qB0z5yO1zJNee7krIfdhtgv/H4HS5utMgowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNlmmEeMMvevE8UizvgoxijuA+0EMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEvMldhWVI0d3k5NjhUeFNMTy1DakdLTzREN1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDU4oAAwQE
1BnAAwQB1BnUMA0GCSqGSIb3DQEBCwUAA4IBAQB4HGu1+4eyYZT2wQGrUfwehyJL
ITpk0Kiowd/PcP4F8ddZlwHbhcsYXRJo2pLoRMzUALSp8DH6c9W6FtinM98OjBVg
xGiDaMzJ9ZyIIdfbbDIH1NLpvfZknP0PgmLIw6GKfGxOeLyMws/TnBnuMnCB5HRf
ACedFiplWiDBk/pjrcKKHdHkXmBtfQMS07xBZZ2RgqjOBYX55rXPenhbAnbVMNhi
xKNB8ahuj7ZJIssXdS499yOpa6DVfk4lAqNbMEjZA7NtYISm8U1WLX6u1y/gLPq+
FXmrtJIO/W/8/Tw+4KCJDgQGUMmpgeElNoJxlDDMVPbgOL2tTV1hT6BZ5G6Q
-----END CERTIFICATE-----
Generated at Wed Feb 14 18:19:20 2024 by rpki-client on console-fra.rpki-client.org