Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/duEl8ggmgmo-2I5qTEWaiXeB9bk.roa
File: duEl8ggmgmo-2I5qTEWaiXeB9bk.roa (raw, json)
Hash identifier: V2k3SIsQwFy6/Gk3EYffl7JgA5ksxNCkUKpb4ekVQp8=
Subject key identifier: 76:E1:25:F2:08:26:82:6A:3E:D8:8E:6A:4C:45:9A:89:77:81:F5:B9
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 01899371F95EFD0532BFF84FE081D19A8DC9
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/duEl8ggmgmo-2I5qTEWaiXeB9bk.roa
Signing time: Wed 26 Jul 2023 18:24:27 +0000
ROA not before: Wed 26 Jul 2023 18:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42886
IP address blocks: 194.0.95.0/24 maxlen: 24
194.0.94.0/24 maxlen: 24
194.0.92.0/24 maxlen: 24
194.0.93.0/24 maxlen: 24
2001:67c:2dac::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:93:71:f9:5e:fd:05:32:bf:f8:4f:e0:81:d1:9a:8d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Jul 26 18:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e125f20826826a3ed88e6a4c459a897781f5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:11:d2:4b:66:b8:8d:42:7f:0d:f4:32:e9:15:
e5:73:c1:fb:0f:c5:0a:b3:60:f7:ae:40:b4:f7:7c:
f0:1f:ca:d5:3c:ec:01:5d:1a:f0:38:0c:a4:ca:89:
24:80:22:b8:71:f2:15:6f:af:d6:7e:ed:ee:fe:16:
57:01:fb:08:5c:97:cc:7f:bb:5e:17:6a:8c:96:02:
63:4e:68:ac:70:e8:a5:fc:72:a1:79:9c:5b:15:65:
59:2c:02:e6:49:45:dc:00:07:1a:81:01:db:68:da:
ee:f3:33:85:e2:ec:a3:dc:da:af:29:e7:e2:92:ec:
22:43:e6:83:7a:7c:41:56:db:5e:2f:f4:29:73:a2:
87:9c:f3:9e:c1:72:97:c9:31:3a:9d:d8:6e:ca:56:
bf:23:3f:21:b5:a5:8c:cc:f6:1a:d4:7f:c3:c3:1d:
56:a1:2d:ff:46:db:fc:5d:31:a1:60:9a:0d:28:c2:
f5:63:a3:cc:54:ce:60:28:28:ea:cf:80:6d:b7:02:
b0:85:33:cb:ae:2d:01:b7:28:1c:3b:28:49:83:d0:
22:99:f5:41:16:ba:ec:6a:d7:f1:c9:02:e4:ce:cb:
de:10:16:bf:91:75:36:06:d9:da:e2:49:17:82:f8:
47:c0:44:b2:1d:85:84:14:2f:9a:b8:21:c7:5b:ec:
27:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E1:25:F2:08:26:82:6A:3E:D8:8E:6A:4C:45:9A:89:77:81:F5:B9
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/duEl8ggmgmo-2I5qTEWaiXeB9bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.92.0/22
IPv6:
2001:67c:2dac::/48
Signature Algorithm: sha256WithRSAEncryption
72:a9:d5:f5:b0:0a:d7:ae:0e:48:4a:71:c9:67:39:c0:d8:34:
ae:40:7d:11:57:8f:2e:85:8e:17:31:4b:09:e0:5a:60:96:a5:
79:2e:f2:db:a4:93:3f:d1:04:f2:26:7a:9a:a9:ad:3f:6b:c7:
9e:fc:e2:ba:66:86:0e:00:68:6a:04:76:01:b4:53:76:a6:26:
35:6d:59:21:be:66:3a:51:82:b8:2f:0a:32:b1:2b:db:85:e1:
92:23:7c:a9:64:8f:17:f3:44:82:73:da:7b:51:1b:ff:0e:54:
b8:94:57:94:36:0c:4a:f5:c2:60:f6:35:46:f8:74:3a:ac:04:
38:17:3e:6a:59:49:80:fc:3c:1a:33:5f:a2:45:1d:f2:d0:68:
ce:59:0c:a8:41:c1:79:c3:66:d7:f4:0c:20:15:79:52:12:f2:
1a:e4:63:bc:63:95:3f:70:71:41:39:74:a4:28:c5:5a:88:cb:
47:f5:d1:98:d1:32:ea:3d:e7:e5:3a:49:72:e6:92:14:54:09:
0c:4f:27:87:a9:a1:80:26:c0:5f:7e:f4:dc:22:d2:2d:17:74:
4a:eb:37:bb:cd:05:15:d7:71:54:75:c5:4a:82:3f:c8:92:0a:
92:b8:a1:6b:19:fa:df:30:3f:40:84:56:f9:62:0a:92:ae:f5:
9b:b2:b8:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmTcfle/QUyv/hP4IHRmo3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjMwNzI2MTgyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUxMjVmMjA4MjY4MjZhM2VkODhlNmE0YzQ1OWE4OTc3ODFmNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxHSS2a4jUJ/DfQy6RXlc8H7D8UK
s2D3rkC093zwH8rVPOwBXRrwOAykyokkgCK4cfIVb6/Wfu3u/hZXAfsIXJfMf7te
F2qMlgJjTmiscOil/HKheZxbFWVZLALmSUXcAAcagQHbaNru8zOF4uyj3NqvKefi
kuwiQ+aDenxBVtteL/Qpc6KHnPOewXKXyTE6ndhuyla/Iz8htaWMzPYa1H/Dwx1W
oS3/Rtv8XTGhYJoNKML1Y6PMVM5gKCjqz4BttwKwhTPLri0BtygcOyhJg9AimfVB
FrrsatfxyQLkzsveEBa/kXU2Btna4kkXgvhHwESyHYWEFC+auCHHW+wnFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHbhJfIIJoJqPtiOakxFmol3gfW5MB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvZHVFbDhnZ21nbW8tMkk1cVRFV2FpWGVCOWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwgBcMA8E
AgACMAkDBwAgAQZ8LawwDQYJKoZIhvcNAQELBQADggEBAHKp1fWwCteuDkhKccln
OcDYNK5AfRFXjy6FjhcxSwngWmCWpXku8tukkz/RBPImepqprT9rx5784rpmhg4A
aGoEdgG0U3amJjVtWSG+ZjpRgrgvCjKxK9uF4ZIjfKlkjxfzRIJz2ntRG/8OVLiU
V5Q2DEr1wmD2NUb4dDqsBDgXPmpZSYD8PBozX6JFHfLQaM5ZDKhBwXnDZtf0DCAV
eVIS8hrkY7xjlT9wcUE5dKQoxVqIy0f10ZjRMuo95+U6SXLmkhRUCQxPJ4epoYAm
wF9+9Nwi0i0XdErrN7vNBRXXcVR1xUqCP8iSCpK4oWsZ+t8wP0CEVvliCpKu9Zuy
uKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:43 2024 by rpki-client on console-fra.rpki-client.org