Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/t8WeLMs8Davc_WqpalKi-b61A-Y.roa
File: t8WeLMs8Davc_WqpalKi-b61A-Y.roa (raw, json)
Hash identifier: Pv25pJRjmJOTs7oazJbMbhhWPo0QoMLf2MrGKOC/rmE=
Subject key identifier: B7:C5:9E:2C:CB:3C:0D:AB:DC:FD:6A:A9:6A:52:A2:F9:BE:B5:03:E6
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 0187B84A7A09BDF855DBC11ED8E3F7EEBDBA
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/t8WeLMs8Davc_WqpalKi-b61A-Y.roa
Signing time: Tue 25 Apr 2023 12:01:41 +0000
ROA not before: Tue 25 Apr 2023 12:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21221
IP address blocks: 217.18.64.0/20 maxlen: 24
178.255.192.0/21 maxlen: 24
2a00:19c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:4a:7a:09:bd:f8:55:db:c1:1e:d8:e3:f7:ee:bd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Apr 25 12:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7c59e2ccb3c0dabdcfd6aa96a52a2f9beb503e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:33:e8:ca:a4:61:73:29:94:a1:b6:5f:42:4f:
55:d4:17:a1:3a:da:f0:12:0f:cf:03:62:36:25:00:
bc:a5:e9:fa:77:74:0f:ee:19:6f:e0:81:b1:2f:4f:
e9:d9:78:6f:bc:bd:14:fd:2a:fa:e5:02:04:ae:5c:
47:4e:db:4a:ce:b2:89:7a:24:d4:dd:45:5c:44:45:
80:30:28:12:95:f2:34:78:0c:3e:f2:a7:e5:18:73:
94:cc:28:f2:f9:96:0c:1f:53:de:ab:a3:7c:19:7f:
a5:35:65:36:29:22:6f:39:4a:19:4e:ba:89:6a:15:
40:fe:64:5a:65:3a:49:b2:79:6f:db:60:11:8f:54:
a5:9e:79:6b:1d:90:1e:47:31:b4:ee:5c:c9:92:87:
e0:9b:5f:c9:18:78:fb:4e:d9:71:23:12:0d:b9:45:
9d:64:39:91:85:31:7d:06:c4:7c:05:da:06:75:03:
2e:d8:6e:ba:17:4c:59:e7:b4:a0:22:9e:8e:c2:bb:
3d:4e:81:0b:f4:22:f5:d1:f6:a5:c4:b6:ae:ed:c1:
8b:21:b7:1b:46:2e:d8:11:b3:3e:6e:1e:36:67:02:
2a:d7:20:f1:22:b8:87:c7:25:99:43:0c:d1:85:fe:
a2:78:e9:21:5b:5e:76:7a:d6:2e:03:96:76:65:81:
66:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C5:9E:2C:CB:3C:0D:AB:DC:FD:6A:A9:6A:52:A2:F9:BE:B5:03:E6
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/t8WeLMs8Davc_WqpalKi-b61A-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.192.0/21
217.18.64.0/20
IPv6:
2a00:19c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:5f:eb:f4:96:41:e1:b9:0a:95:9b:0d:dd:0f:0d:c1:10:a0:
52:f0:33:6e:0f:7e:f8:11:e6:9f:e9:eb:7a:72:cd:c0:08:bc:
4f:ef:87:9b:9d:45:b8:98:10:d7:f4:b3:7b:57:2e:b7:d8:a0:
47:ff:10:1a:af:25:b9:d7:31:22:d0:dc:04:78:28:bb:4c:bb:
ed:83:2f:74:4f:2c:42:0f:cd:3a:b3:d7:74:b5:9d:63:db:5a:
4f:03:83:0c:15:5b:b1:aa:8c:11:aa:93:12:c6:63:97:9f:eb:
4c:01:60:7d:f1:ca:b9:97:46:cd:b6:8c:40:a7:b4:d9:39:51:
06:cc:e3:7f:c5:10:f2:3a:2d:9b:0e:de:8a:27:66:63:91:2c:
5b:57:84:56:db:08:9f:01:41:f1:d4:43:97:8c:3d:31:52:ec:
f4:00:3e:21:23:91:ec:87:54:8d:09:d5:8d:29:0b:fc:f4:a8:
9c:b4:c3:0c:dd:55:6b:57:d1:2d:1f:c3:67:94:3b:b1:2a:a0:
33:ea:c0:8d:b5:db:8b:a7:be:af:a0:b7:f2:36:be:a1:79:c4:
05:c7:4c:0d:99:65:19:df:16:10:ee:ee:c5:63:d1:50:e9:2a:
b5:67:f8:9c:fa:47:7d:72:05:ba:85:9c:c1:aa:73:7c:57:27:
3c:5e:b4:aa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe4SnoJvfhV28Ee2OP37r26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjMwNDI1MTIwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M1OWUyY2NiM2MwZGFiZGNmZDZhYTk2YTUyYTJmOWJlYjUwM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzPoyqRhcymUobZfQk9V1BehOtrw
Eg/PA2I2JQC8pen6d3QP7hlv4IGxL0/p2XhvvL0U/Sr65QIErlxHTttKzrKJeiTU
3UVcREWAMCgSlfI0eAw+8qflGHOUzCjy+ZYMH1Peq6N8GX+lNWU2KSJvOUoZTrqJ
ahVA/mRaZTpJsnlv22ARj1SlnnlrHZAeRzG07lzJkofgm1/JGHj7TtlxIxINuUWd
ZDmRhTF9BsR8BdoGdQMu2G66F0xZ57SgIp6Owrs9ToEL9CL10falxLau7cGLIbcb
Ri7YEbM+bh42ZwIq1yDxIriHxyWZQwzRhf6ieOkhW152etYuA5Z2ZYFmcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLfFnizLPA2r3P1qqWpSovm+tQPmMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvdDhXZUxNczhEYXZjX1dxcGFsS2ktYjYxQS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv/AAwQE
2RJAMA0EAgACMAcDBQAqABnAMA0GCSqGSIb3DQEBCwUAA4IBAQAgX+v0lkHhuQqV
mw3dDw3BEKBS8DNuD374Eeaf6et6cs3ACLxP74ebnUW4mBDX9LN7Vy632KBH/xAa
ryW51zEi0NwEeCi7TLvtgy90TyxCD806s9d0tZ1j21pPA4MMFVuxqowRqpMSxmOX
n+tMAWB98cq5l0bNtoxAp7TZOVEGzON/xRDyOi2bDt6KJ2ZjkSxbV4RW2wifAUHx
1EOXjD0xUuz0AD4hI5Hsh1SNCdWNKQv89KictMMM3VVrV9EtH8NnlDuxKqAz6sCN
tduLp76voLfyNr6hecQFx0wNmWUZ3xYQ7u7FY9FQ6Sq1Z/ic+kd9cgW6hZzBqnN8
Vyc8XrSq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:36 2024 by rpki-client on console-fra.rpki-client.org