Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/vF2gOm1TA4YyvCS5Vd6Qt2I7c5U.roa
File: vF2gOm1TA4YyvCS5Vd6Qt2I7c5U.roa (raw, json)
Hash identifier: +WHx8tcQFHpIytGEbF5fHRn9pk2AxjakxLyDj7VJCrQ=
Subject key identifier: BC:5D:A0:3A:6D:53:03:86:32:BC:24:B9:55:DE:90:B7:62:3B:73:95
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD5260A8E4B720759303357068EE112
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/vF2gOm1TA4YyvCS5Vd6Qt2I7c5U.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35744
IP address blocks: 2.57.56.0/24 maxlen: 24
2a03:3060:5353::/48 maxlen: 48
2a02:40c0:5353::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Oct 2023 10:28:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:26:0a:8e:4b:72:07:59:30:33:57:06:8e:e1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc5da03a6d53038632bc24b955de90b7623b7395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fd:ce:f1:26:af:2d:f5:0c:64:6a:5d:0e:ae:
2a:66:69:97:26:79:af:e6:ff:61:3a:a6:3e:aa:8c:
64:80:5c:af:94:76:b5:34:39:fc:93:c1:83:66:54:
01:af:3b:cb:c2:a8:5d:0a:59:d0:64:37:cd:1f:0b:
27:5d:99:6e:c9:26:52:eb:81:63:85:ca:ec:36:6e:
ce:c1:ca:f0:de:ff:30:2b:8b:e7:17:17:22:ce:c0:
d2:90:7a:a4:da:9b:75:7a:22:8e:2d:3b:4e:5a:c8:
83:26:e9:00:cc:13:3f:23:3f:2a:9c:cc:7a:67:4c:
73:ec:49:e6:7a:48:b5:2c:42:ba:92:68:35:37:de:
62:85:2b:1a:4f:a7:d8:3f:52:85:ba:8d:a3:cc:d3:
2e:7e:83:30:be:df:ef:cd:5f:5b:55:16:05:40:1b:
0f:1c:f8:c2:4c:af:d2:70:02:bc:a2:c1:1e:1d:43:
db:d5:1c:09:9b:4f:e3:3a:11:64:94:d5:6f:dc:17:
db:30:dd:f0:d4:97:f0:d6:b1:b9:ba:53:df:68:76:
0c:51:9f:4b:55:d2:2b:1f:3a:aa:3e:cb:55:26:19:
dc:1a:e5:59:1a:db:d7:a5:0e:33:60:1c:3d:11:fc:
70:52:e0:a0:bf:84:03:a2:36:e9:07:23:40:ef:2e:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5D:A0:3A:6D:53:03:86:32:BC:24:B9:55:DE:90:B7:62:3B:73:95
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/vF2gOm1TA4YyvCS5Vd6Qt2I7c5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/24
IPv6:
2a02:40c0:5353::/48
2a03:3060:5353::/48
Signature Algorithm: sha256WithRSAEncryption
59:3a:c7:d6:12:d9:8e:45:a5:9a:79:d4:08:67:18:31:b7:1a:
a3:7e:d0:10:33:2e:26:1f:90:19:03:d0:f5:76:38:9c:43:77:
7c:9f:56:ad:4d:e8:49:8a:4f:27:f5:10:c1:e2:65:17:b4:23:
05:2e:d3:85:fe:1f:cc:42:6d:0b:67:18:63:ec:8b:20:21:5a:
65:4a:70:62:52:b8:50:1c:28:26:c0:4d:5f:f1:1e:6f:82:35:
ee:92:04:5b:24:95:39:03:3d:51:76:fe:88:2c:2c:9c:c9:d5:
5f:38:6b:26:7d:28:48:eb:07:ca:c5:bb:38:65:80:4f:76:26:
e3:ec:a2:e0:00:44:90:08:fe:5f:b1:06:48:b9:3c:b0:e4:46:
2c:73:14:ca:02:25:99:ef:ab:c9:08:b0:04:1b:a1:2e:85:89:
61:28:e3:8e:cb:c8:b6:fa:0a:9f:98:45:b4:7c:ca:5f:83:ea:
f4:25:2c:9f:09:e2:00:c1:74:b8:0b:fd:35:99:e4:7d:56:6d:
47:f4:82:ce:4c:cd:83:aa:a3:ce:33:ec:ea:8b:c8:33:11:f3:
f1:ff:d2:24:93:74:43:7a:8c:29:66:8b:d4:35:cf:7f:0e:8e:
b0:4c:d4:a0:26:1e:56:b7:4c:69:bb:d8:ec:14:b2:f7:37:26:
6f:de:da:72
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVv1SYKjktyB1kwM1cGjuESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVkYTAzYTZkNTMwMzg2MzJiYzI0Yjk1NWRlOTBiNzYyM2I3Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP3O8SavLfUMZGpdDq4qZmmXJnmv
5v9hOqY+qoxkgFyvlHa1NDn8k8GDZlQBrzvLwqhdClnQZDfNHwsnXZluySZS64Fj
hcrsNm7Owcrw3v8wK4vnFxcizsDSkHqk2pt1eiKOLTtOWsiDJukAzBM/Iz8qnMx6
Z0xz7Enmeki1LEK6kmg1N95ihSsaT6fYP1KFuo2jzNMufoMwvt/vzV9bVRYFQBsP
HPjCTK/ScAK8osEeHUPb1RwJm0/jOhFklNVv3BfbMN3w1Jfw1rG5ulPfaHYMUZ9L
VdIrHzqqPstVJhncGuVZGtvXpQ4zYBw9EfxwUuCgv4QDojbpByNA7y4fwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLxdoDptUwOGMrwkuVXekLdiO3OVMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvdkYyZ09tMVRBNFl5dkNTNVZkNlF0Mkk3YzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAAjk4MBgE
AgACMBIDBwAqAkDAU1MDBwAqAzBgU1MwDQYJKoZIhvcNAQELBQADggEBAFk6x9YS
2Y5FpZp51AhnGDG3GqN+0BAzLiYfkBkD0PV2OJxDd3yfVq1N6EmKTyf1EMHiZRe0
IwUu04X+H8xCbQtnGGPsiyAhWmVKcGJSuFAcKCbATV/xHm+CNe6SBFsklTkDPVF2
/ogsLJzJ1V84ayZ9KEjrB8rFuzhlgE92JuPsouAARJAI/l+xBki5PLDkRixzFMoC
JZnvq8kIsAQboS6FiWEo447LyLb6Cp+YRbR8yl+D6vQlLJ8J4gDBdLgL/TWZ5H1W
bUf0gs5MzYOqo84z7OqLyDMR8/H/0iSTdEN6jClmi9Q1z38OjrBM1KAmHla3TGm7
2OwUsvc3Jm/e2nI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org