Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2lXxVCiuGovtowDn1c09ncw1Etc.roa
File: 2lXxVCiuGovtowDn1c09ncw1Etc.roa (raw, json)
Hash identifier: ZZD62PbL5SuNMN2F6RGluz+t22Kf5W6RgbnLrDwITEc=
Subject key identifier: DA:55:F1:54:28:AE:1A:8B:ED:A3:00:E7:D5:CD:3D:9D:CC:35:12:D7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7BD891FF83972E42C146454C09095
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2lXxVCiuGovtowDn1c09ncw1Etc.roa
Signing time: Mon 02 Jan 2023 08:44:56 +0000
ROA not before: Mon 02 Jan 2023 08:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209868
IP address blocks: 2.57.152.0/22 maxlen: 22
5.253.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:bd:89:1f:f8:39:72:e4:2c:14:64:54:c0:90:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da55f15428ae1a8beda300e7d5cd3d9dcc3512d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:5b:28:47:e4:59:ab:90:05:42:f5:64:e6:
12:02:81:b4:b7:e6:25:b6:f7:69:39:1b:b1:e8:e5:
9d:a7:6f:e1:7e:78:39:66:63:b1:be:17:12:8a:4e:
95:36:c1:3f:5a:9f:86:1c:03:27:81:60:b5:ec:1d:
d5:d7:fb:d7:2d:f5:53:c8:8f:cf:e8:a1:77:58:93:
34:20:68:e3:98:96:bf:b9:3c:63:51:6b:a9:ad:b0:
75:d4:ef:eb:90:36:46:33:7b:70:e7:c4:cf:89:71:
fb:e4:95:d4:ce:a3:80:77:8c:5e:c4:24:18:f3:e0:
5f:bf:a2:14:b5:cf:98:1f:4c:b7:2d:32:2c:d3:b9:
83:93:90:9a:a0:27:a7:fd:be:74:25:b5:0f:90:5b:
3a:b8:03:f5:c7:78:b9:32:b7:7e:de:56:72:b1:f4:
88:3c:0d:1b:87:a1:0c:9b:0a:8c:43:4c:b9:7d:a3:
a3:03:89:be:3f:de:40:aa:39:4d:a8:9a:53:17:a7:
bf:a2:f9:f1:6e:71:a9:bb:24:ed:c7:0f:62:97:3f:
f6:a1:66:19:42:cd:f2:d4:86:bf:a3:69:fa:85:61:
e4:16:86:f9:44:bd:3d:97:c7:54:28:7a:72:9f:2d:
67:c3:b8:08:42:fb:51:a2:0f:d0:26:ee:bd:ab:9f:
d0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:55:F1:54:28:AE:1A:8B:ED:A3:00:E7:D5:CD:3D:9D:CC:35:12:D7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2lXxVCiuGovtowDn1c09ncw1Etc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.152.0/22
5.253.228.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:33:71:a0:5e:88:53:7f:fe:94:2d:3a:98:24:d9:f1:7c:08:
ae:4a:a9:f6:68:60:e0:dd:6c:88:29:79:54:84:67:53:9a:7b:
cb:32:80:d7:80:3a:f5:79:f3:88:2a:e8:55:39:84:a0:2a:ae:
36:af:2a:bc:9a:14:3f:2a:fb:1d:9a:c1:8b:66:9c:a9:95:3e:
4e:4c:84:5b:99:99:4c:63:19:a5:c5:f2:77:90:bd:7e:e0:40:
0e:43:ce:57:23:fa:c4:a0:3f:da:04:33:a9:56:e5:cc:16:2c:
36:8a:1a:40:6d:1d:e4:24:60:b5:0c:c5:b3:04:be:e8:3c:71:
0e:54:30:99:83:83:ba:fe:c5:c8:4a:67:14:ff:78:c1:43:27:
0f:0e:60:ca:db:25:1b:82:19:e3:67:67:d0:29:31:d2:5a:e0:
d9:68:b4:08:7e:45:26:33:38:bd:f3:06:81:97:4e:5f:43:5c:
61:83:65:36:0b:ae:11:bd:38:53:8c:c2:bf:32:28:a0:2f:02:
8c:c2:8f:99:49:43:d7:4f:2f:29:e9:0e:8f:f1:33:e0:12:6e:
1d:c9:bb:41:0c:70:3b:36:1f:eb:4e:90:72:85:79:f6:bb:1f:
8d:29:52:5e:f3:c6:4a:b7:a4:85:f4:f8:59:f8:76:56:a3:81:
5d:65:c3:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp72JH/g5cuQsFGRUwJCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTU1ZjE1NDI4YWUxYThiZWRhMzAwZTdkNWNkM2Q5ZGNjMzUxMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFpbKEfkWauQBUL1ZOYSAoG0t+Yl
tvdpORux6OWdp2/hfng5ZmOxvhcSik6VNsE/Wp+GHAMngWC17B3V1/vXLfVTyI/P
6KF3WJM0IGjjmJa/uTxjUWuprbB11O/rkDZGM3tw58TPiXH75JXUzqOAd4xexCQY
8+Bfv6IUtc+YH0y3LTIs07mDk5CaoCen/b50JbUPkFs6uAP1x3i5Mrd+3lZysfSI
PA0bh6EMmwqMQ0y5faOjA4m+P95AqjlNqJpTF6e/ovnxbnGpuyTtxw9ilz/2oWYZ
Qs3y1Ia/o2n6hWHkFob5RL09l8dUKHpyny1nw7gIQvtRog/QJu69q5/QFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNpV8VQorhqL7aMA59XNPZ3MNRLXMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMmxYeFZDaXVHb3Z0b3dEbjFjMDluY3cxRXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjmYAwQC
Bf3kMA0GCSqGSIb3DQEBCwUAA4IBAQAfM3GgXohTf/6ULTqYJNnxfAiuSqn2aGDg
3WyIKXlUhGdTmnvLMoDXgDr1efOIKuhVOYSgKq42ryq8mhQ/KvsdmsGLZpyplT5O
TIRbmZlMYxmlxfJ3kL1+4EAOQ85XI/rEoD/aBDOpVuXMFiw2ihpAbR3kJGC1DMWz
BL7oPHEOVDCZg4O6/sXISmcU/3jBQycPDmDK2yUbghnjZ2fQKTHSWuDZaLQIfkUm
Mzi98waBl05fQ1xhg2U2C64RvThTjMK/MiigLwKMwo+ZSUPXTy8p6Q6P8TPgEm4d
ybtBDHA7Nh/rTpByhXn2ux+NKVJe88ZKt6SF9PhZ+HZWo4FdZcNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org