Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/K2kTjALHuSOtR3u5y_jzfv6dlgA.roa
File: K2kTjALHuSOtR3u5y_jzfv6dlgA.roa (raw, json)
Hash identifier: K3yDRbaBdyhg0tQs9GNy7SivX38Qeqz9wl0xwVT/KBk=
Subject key identifier: 2B:69:13:8C:02:C7:B9:23:AD:47:7B:B9:CB:F8:F3:7E:FE:9D:96:00
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018570796D3B4EAEE35F358756A73C34B633
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/K2kTjALHuSOtR3u5y_jzfv6dlgA.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 176.57.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6d:3b:4e:ae:e3:5f:35:87:56:a7:3c:34:b6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b69138c02c7b923ad477bb9cbf8f37efe9d9600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e2:da:9b:6a:ae:59:06:64:b2:d0:8c:da:16:
b9:8e:1f:14:83:c7:da:e4:9e:92:26:74:95:25:48:
24:02:44:44:0d:25:44:b0:e8:b2:ba:0b:5f:13:aa:
e7:97:bf:6a:23:97:0c:12:8a:b1:8f:7f:d6:26:0a:
f9:49:ad:cf:40:3a:81:f3:ea:7c:df:c9:37:76:f4:
f8:2f:bf:56:62:fa:c5:e8:45:60:4d:84:63:24:c6:
12:23:6c:e0:a9:38:e0:74:c7:71:f7:76:ea:53:cf:
4a:b8:e5:4e:8c:33:c6:27:ba:df:e4:f7:5c:54:72:
a1:f8:09:c5:08:4d:c6:e1:3f:19:68:3a:99:2c:fe:
82:c3:10:38:9b:4b:b1:96:08:38:15:5e:07:ab:5f:
d6:c0:7a:59:81:61:1f:97:5d:79:f0:02:39:03:ba:
c4:54:e5:39:57:8b:c6:2c:55:64:ff:6f:51:4c:a7:
66:b3:f5:c1:b2:70:4e:9f:40:9a:f5:3c:5e:e1:4e:
cc:75:cd:ce:90:4e:f7:a5:c2:9c:e8:87:bf:20:0e:
b5:ba:a9:7b:15:2d:87:81:45:1b:f9:f1:39:a9:22:
6d:74:04:8d:26:a7:c6:db:31:19:d0:bf:d1:73:11:
83:39:82:28:b5:d1:18:33:60:bd:86:f0:fe:07:05:
7a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:69:13:8C:02:C7:B9:23:AD:47:7B:B9:CB:F8:F3:7E:FE:9D:96:00
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/K2kTjALHuSOtR3u5y_jzfv6dlgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.178.0/24
Signature Algorithm: sha256WithRSAEncryption
69:df:b4:b3:cb:26:af:08:46:cd:75:7c:cd:e0:1e:bd:36:f5:
01:74:01:a0:dc:01:3c:cb:d2:c6:a5:17:f3:ca:dd:81:fb:c0:
0a:d0:ef:83:88:32:a0:71:f8:ff:9c:b1:c3:d9:95:3c:6b:92:
16:92:53:15:f9:8a:af:df:e5:05:cc:b9:8d:b7:aa:99:81:7a:
3c:4b:27:21:cf:55:2d:64:0e:bb:39:6e:6f:a4:cb:e8:ad:1f:
84:d5:e3:3b:ad:50:a1:64:d8:ca:26:5c:d8:43:a1:6e:a3:cc:
1e:f6:65:47:a7:5b:36:17:8b:c3:2f:1c:a1:69:45:2b:ef:8c:
99:99:56:f6:60:c5:2a:89:0d:2c:54:46:33:65:8f:47:f2:9c:
56:f1:30:69:a9:b9:0e:a4:09:ad:7e:b0:57:0d:31:44:91:f9:
be:f2:09:a9:c4:52:32:50:51:50:96:f1:dd:7c:51:ef:43:f7:
d0:b9:05:b8:c9:dc:c0:cb:2c:3f:be:4a:8f:5d:58:4e:32:81:
16:0d:bc:9f:e6:3f:2b:b9:cf:e4:a5:95:8a:3c:3e:67:98:f4:
4c:95:84:b3:4e:0f:08:17:be:b2:07:f1:0d:b9:df:88:ee:1a:
0d:19:22:39:92:f3:ea:25:4a:11:fc:ad:19:f7:29:32:fd:04:
ea:64:75:ef
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVweW07Tq7jXzWHVqc8NLYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY5MTM4YzAyYzdiOTIzYWQ0NzdiYjljYmY4ZjM3ZWZlOWQ5NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOLam2quWQZkstCM2ha5jh8Ug8fa
5J6SJnSVJUgkAkREDSVEsOiyugtfE6rnl79qI5cMEoqxj3/WJgr5Sa3PQDqB8+p8
38k3dvT4L79WYvrF6EVgTYRjJMYSI2zgqTjgdMdx93bqU89KuOVOjDPGJ7rf5Pdc
VHKh+AnFCE3G4T8ZaDqZLP6CwxA4m0uxlgg4FV4Hq1/WwHpZgWEfl1158AI5A7rE
VOU5V4vGLFVk/29RTKdms/XBsnBOn0Ca9Txe4U7Mdc3OkE73pcKc6Ie/IA61uql7
FS2HgUUb+fE5qSJtdASNJqfG2zEZ0L/RcxGDOYIotdEYM2C9hvD+BwV6EwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCtpE4wCx7kjrUd7ucv4837+nZYAMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL0sya1RqQUxIdVNPdFIzdTV5X2p6ZnY2ZGxnQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwObIw
DQYJKoZIhvcNAQELBQADggEBAGnftLPLJq8IRs11fM3gHr029QF0AaDcATzL0sal
F/PK3YH7wArQ74OIMqBx+P+cscPZlTxrkhaSUxX5iq/f5QXMuY23qpmBejxLJyHP
VS1kDrs5bm+ky+itH4TV4zutUKFk2MomXNhDoW6jzB72ZUenWzYXi8MvHKFpRSvv
jJmZVvZgxSqJDSxURjNlj0fynFbxMGmpuQ6kCa1+sFcNMUSR+b7yCanEUjJQUVCW
8d18Ue9D99C5BbjJ3MDLLD++So9dWE4ygRYNvJ/mPyu5z+SllYo8PmeY9EyVhLNO
DwgXvrIH8Q2534juGg0ZIjmS8+olShH8rRn3KTL9BOpkde8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:24 2024 by rpki-client on console-fra.rpki-client.org