Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2jMqwARGh3aw3gRKa5JAvcp9F4k.roa
File: 2jMqwARGh3aw3gRKa5JAvcp9F4k.roa (raw, json)
Hash identifier: NsOUCfaTeEKaq2SPKf/grluVoNZdbTnfAVrysshhvP4=
Subject key identifier: DA:33:2A:C0:04:46:87:76:B0:DE:04:4A:6B:92:40:BD:CA:7D:17:89
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0192D50A54CA9464C357663B4B055295454F
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2jMqwARGh3aw3gRKa5JAvcp9F4k.roa
Signing time: Mon 28 Oct 2024 21:31:16 +0000
ROA not before: Mon 28 Oct 2024 21:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 08 Nov 2024 15:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d5:0a:54:ca:94:64:c3:57:66:3b:4b:05:52:95:45:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 28 21:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da332ac004468776b0de044a6b9240bdca7d1789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:51:9c:89:fb:b8:39:27:e6:9e:d4:65:c4:21:
5d:36:2b:6a:cc:b5:de:32:10:36:7c:73:67:3e:be:
9b:2a:6e:12:e9:f8:f4:8e:d0:11:6f:13:69:94:1f:
8d:a6:5c:ac:b4:7e:35:3d:f6:46:27:d5:53:31:96:
a9:67:c7:70:fe:64:f5:10:22:ff:26:9c:aa:16:96:
f0:8b:c5:a1:b7:38:8f:f2:eb:28:4f:5b:46:c0:1f:
e1:c9:17:49:45:9f:80:f7:c1:a7:e3:88:30:d1:98:
06:24:3c:e7:fd:b5:ba:a5:af:ab:7e:df:be:aa:4f:
55:56:9c:d6:5e:79:3f:dd:8d:9e:f4:cd:81:12:1f:
c0:34:57:10:e1:8f:a8:d1:b9:31:da:c9:22:7b:49:
89:9a:8e:58:63:e3:47:f2:be:93:f3:a8:ce:73:da:
aa:74:fa:49:27:e3:a3:03:80:b0:42:99:28:75:16:
3b:9c:bb:63:e9:38:f4:20:1a:de:88:e9:8d:1f:2d:
cd:fb:f2:17:01:ca:e7:1b:79:b2:80:5e:2b:d8:40:
b9:96:69:0f:82:ec:21:8c:a9:0b:f7:92:4f:e2:13:
69:90:5b:ee:e4:13:0c:f0:ca:6d:4d:15:9f:a1:68:
45:d8:3c:ef:93:33:64:75:7d:f1:a3:ae:9c:e1:7c:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:33:2A:C0:04:46:87:76:B0:DE:04:4A:6B:92:40:BD:CA:7D:17:89
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2jMqwARGh3aw3gRKa5JAvcp9F4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
03:11:89:a4:fc:53:70:ca:9a:f8:c0:2a:ec:ea:af:22:9d:2f:
7f:94:7b:2c:b8:99:4b:6d:f4:81:21:06:45:a0:cb:67:f6:5b:
aa:19:1e:1a:c6:e5:e0:ad:13:ef:5a:ae:09:ac:a6:a7:13:2e:
34:61:f5:2d:96:11:ee:16:5e:84:de:4b:c7:19:46:cd:db:52:
43:dc:af:90:7f:52:f1:64:a8:d1:52:01:57:36:c7:23:71:a3:
11:57:16:d7:42:c9:d5:ec:79:89:46:80:3d:5b:5b:f2:80:e2:
d3:52:33:a0:6d:a1:50:c2:09:48:35:e0:8a:76:f6:02:e2:91:
80:4e:82:12:38:5f:d6:5f:f8:8d:f9:f2:c8:9b:8c:fe:5d:81:
27:7d:ac:30:ce:d0:83:07:c0:91:5d:71:c3:ab:e0:f5:57:9b:
f3:8d:ab:fb:ee:40:87:ce:13:7e:ad:d1:79:b3:23:f8:7f:af:
b2:1f:09:a6:29:16:21:de:ad:ff:47:d8:8c:71:34:fa:8e:27:
d9:a9:f9:95:1e:f6:5b:b4:67:03:ea:b6:a3:d7:e2:35:90:2a:
01:25:95:f8:2e:e8:18:9b:d7:db:b9:0b:4c:22:39:40:e9:a2:
55:b9:a6:d8:2c:f9:b2:2a:23:ac:0a:ae:59:d9:ed:6a:84:cd:
32:74:08:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLVClTKlGTDV2Y7SwVSlUVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMDI4MjEzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMzMmFjMDA0NDY4Nzc2YjBkZTA0NGE2YjkyNDBiZGNhN2QxNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lGcifu4OSfmntRlxCFdNitqzLXe
MhA2fHNnPr6bKm4S6fj0jtARbxNplB+NplystH41PfZGJ9VTMZapZ8dw/mT1ECL/
JpyqFpbwi8WhtziP8usoT1tGwB/hyRdJRZ+A98Gn44gw0ZgGJDzn/bW6pa+rft++
qk9VVpzWXnk/3Y2e9M2BEh/ANFcQ4Y+o0bkx2skie0mJmo5YY+NH8r6T86jOc9qq
dPpJJ+OjA4CwQpkodRY7nLtj6Tj0IBreiOmNHy3N+/IXAcrnG3mygF4r2EC5lmkP
guwhjKkL95JP4hNpkFvu5BMM8MptTRWfoWhF2DzvkzNkdX3xo66c4Xw9sQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNozKsAERod2sN4ESmuSQL3KfReJMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMmpNcXdBUkdoM2F3M2dSS2E1SkF2Y3A5RjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCk05EAwQC
wbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQADEYmk/FNwypr4wCrs6q8inS9/
lHssuJlLbfSBIQZFoMtn9luqGR4axuXgrRPvWq4JrKanEy40YfUtlhHuFl6E3kvH
GUbN21JD3K+Qf1LxZKjRUgFXNscjcaMRVxbXQsnV7HmJRoA9W1vygOLTUjOgbaFQ
wglINeCKdvYC4pGAToISOF/WX/iN+fLIm4z+XYEnfawwztCDB8CRXXHDq+D1V5vz
jav77kCHzhN+rdF5syP4f6+yHwmmKRYh3q3/R9iMcTT6jifZqfmVHvZbtGcD6raj
1+I1kCoBJZX4LugYm9fbuQtMIjlA6aJVuabYLPmyKiOsCq5Z2e1qhM0ydAhZ
-----END CERTIFICATE-----
Generated at Fri Nov 8 19:11:58 2024 by rpki-client on console-ams.rpki-client.org