Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/wd2hirgI11mQKLhhjprRuUOP7oA.roa
File: wd2hirgI11mQKLhhjprRuUOP7oA.roa (raw, json)
Hash identifier: GsX+DKmBn90MHmbcZmPClkk+n3P4+dRp6b8j5UYP+AA=
Subject key identifier: C1:DD:A1:8A:B8:08:D7:59:90:28:B8:61:8E:9A:D1:B9:43:8F:EE:80
Certificate issuer: /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial: 01857130807784F0D89B9DFB531ED3151757
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/wd2hirgI11mQKLhhjprRuUOP7oA.roa
Signing time: Mon 02 Jan 2023 06:34:42 +0000
ROA not before: Mon 02 Jan 2023 06:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200675
IP address blocks: 185.232.76.0/22 maxlen: 22
138.124.188.0/22 maxlen: 22
185.71.176.0/22 maxlen: 22
2a05:3400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:80:77:84:f0:d8:9b:9d:fb:53:1e:d3:15:17:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
Validity
Not Before: Jan 2 06:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1dda18ab808d7599028b8618e9ad1b9438fee80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c3:6a:75:bc:bb:5e:5e:d9:45:2e:06:63:84:
2e:10:3f:b6:82:48:c2:c0:14:e0:81:6e:94:3c:73:
0e:ed:e3:00:91:f1:bf:df:90:9b:94:f1:d5:dd:ea:
43:d0:94:ee:53:9b:a7:c0:4f:98:bf:ad:3e:14:1b:
fe:a3:fd:ac:9c:c8:a2:73:e1:ee:3a:05:0b:da:c4:
de:f3:57:a1:35:1b:dd:0d:a5:29:06:33:85:1b:f3:
42:15:42:f4:58:ab:65:2e:5a:b7:56:6d:d6:d0:7f:
5d:9d:e1:c0:9b:28:b0:54:d6:55:74:a1:ec:6c:32:
7f:50:12:62:62:ff:a8:82:a7:04:07:dd:3b:28:57:
e4:04:2b:3f:03:8d:ea:98:f0:ac:0f:73:a0:b1:75:
6a:ad:ac:15:f8:bf:cb:b8:68:02:08:dc:f3:37:57:
91:a6:99:1d:94:4e:84:f2:46:47:69:b7:b1:86:80:
db:3d:f6:e9:63:0e:af:03:64:f0:23:14:72:77:95:
00:d2:2d:33:04:4e:9a:48:2c:88:0a:99:75:3c:46:
7c:6e:c3:4a:72:04:ce:be:43:98:f9:4c:08:13:e3:
d9:f3:64:cf:0b:96:6b:9c:9e:70:87:a1:fb:f2:34:
41:81:d6:b0:3f:09:d7:bc:9b:a4:f5:02:2f:3f:97:
cd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DD:A1:8A:B8:08:D7:59:90:28:B8:61:8E:9A:D1:B9:43:8F:EE:80
X509v3 Authority Key Identifier:
keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/wd2hirgI11mQKLhhjprRuUOP7oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.188.0/22
185.71.176.0/22
185.232.76.0/22
IPv6:
2a05:3400::/29
Signature Algorithm: sha256WithRSAEncryption
ab:5b:58:49:41:04:28:15:ea:a2:30:95:89:34:f1:d9:06:b6:
e5:fd:2e:19:f1:f4:b9:3c:6d:4a:45:76:7d:aa:99:f4:4c:fc:
89:f4:b1:f3:fe:29:93:a9:2d:3a:2b:a4:ca:19:fa:8a:b2:bf:
e4:07:95:88:1c:be:99:87:3b:98:7e:ad:47:70:e8:0a:b5:b8:
b8:c2:3a:f2:da:d0:a1:f6:da:4f:67:9e:06:08:cc:06:77:35:
3b:67:32:db:d1:0b:15:9a:06:65:d9:32:65:40:2d:85:cd:73:
85:ad:27:c6:46:c9:9e:fb:46:b7:f2:3b:aa:84:8f:4a:1d:73:
f5:0d:4b:4c:1b:1d:0f:c6:50:2d:b2:ec:9e:ff:4e:15:7a:b9:
dc:8a:80:70:96:fc:e6:57:59:a1:2b:fa:9e:10:33:4e:0a:09:
9a:1b:6d:79:40:55:ce:79:c0:84:db:ff:98:2a:50:06:94:60:
1f:86:27:96:b1:65:1d:3d:d8:a3:b4:35:ed:88:c7:db:3a:eb:
7c:47:01:83:bf:4f:0d:80:a8:f9:0a:8f:0c:8c:58:d3:2d:55:
40:89:7e:aa:82:1a:ad:2d:fc:7f:d4:5e:67:c2:75:12:41:a5:
be:e6:77:84:d8:83:ff:c3:37:68:a8:44:c6:62:8f:d8:42:89:
79:f3:d0:7b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxMIB3hPDYm537Ux7TFRdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWFkZWU1OGY4NjRmNDcyZWI0MjJiMGI5NTQ5N2I4NTA3
NWExMmIwHhcNMjMwMTAyMDYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRkYTE4YWI4MDhkNzU5OTAyOGI4NjE4ZTlhZDFiOTQzOGZlZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMNqdby7Xl7ZRS4GY4QuED+2gkjC
wBTggW6UPHMO7eMAkfG/35CblPHV3epD0JTuU5unwE+Yv60+FBv+o/2snMiic+Hu
OgUL2sTe81ehNRvdDaUpBjOFG/NCFUL0WKtlLlq3Vm3W0H9dneHAmyiwVNZVdKHs
bDJ/UBJiYv+ogqcEB907KFfkBCs/A43qmPCsD3OgsXVqrawV+L/LuGgCCNzzN1eR
ppkdlE6E8kZHabexhoDbPfbpYw6vA2TwIxRyd5UA0i0zBE6aSCyICpl1PEZ8bsNK
cgTOvkOY+UwIE+PZ82TPC5ZrnJ5wh6H78jRBgdawPwnXvJuk9QIvP5fN7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMHdoYq4CNdZkCi4YY6a0blDj+6AMB8GA1UdIwQY
MBaAFCzq3uWPhk9HLrQisLlUl7hQdaErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2It
YmM3YTI0YzJlMjE5LzEvd2QyaGlyZ0kxMW1RS0xoaGpwclJ1VU9QN29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2ItYmM3YTI0YzJlMjE5
LzEvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCiny8AwQC
uUewAwQCuehMMA0EAgACMAcDBQMqBTQAMA0GCSqGSIb3DQEBCwUAA4IBAQCrW1hJ
QQQoFeqiMJWJNPHZBrbl/S4Z8fS5PG1KRXZ9qpn0TPyJ9LHz/imTqS06K6TKGfqK
sr/kB5WIHL6ZhzuYfq1HcOgKtbi4wjry2tCh9tpPZ54GCMwGdzU7ZzLb0QsVmgZl
2TJlQC2FzXOFrSfGRsme+0a38juqhI9KHXP1DUtMGx0PxlAtsuye/04VerncioBw
lvzmV1mhK/qeEDNOCgmaG215QFXOecCE2/+YKlAGlGAfhieWsWUdPdijtDXtiMfb
Out8RwGDv08NgKj5Co8MjFjTLVVAiX6qghqtLfx/1F5nwnUSQaW+5neE2IP/wzdo
qETGYo/YQol589B7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org