Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qi1NpOh5YlCkOTDzrWF4fUG0wfA.roa
File: qi1NpOh5YlCkOTDzrWF4fUG0wfA.roa (raw, json)
Hash identifier: oZvjqXr2mCvlk77m0jjPyJKg0mfr1F7N3GQ5Ubmj+YU=
Subject key identifier: AA:2D:4D:A4:E8:79:62:50:A4:39:30:F3:AD:61:78:7D:41:B4:C1:F0
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187D8A69AAB6202B3F00DBF3F1EE6849F51
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qi1NpOh5YlCkOTDzrWF4fUG0wfA.roa
Signing time: Mon 01 May 2023 18:50:09 +0000
ROA not before: Mon 01 May 2023 18:50:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202798
IP address blocks: 2.189.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:a6:9a:ab:62:02:b3:f0:0d:bf:3f:1e:e6:84:9f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 1 18:50:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa2d4da4e8796250a43930f3ad61787d41b4c1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:6c:8d:20:fb:1e:f7:a0:f1:fd:94:d1:1c:
31:bd:ce:7c:85:7e:b8:47:24:df:82:fd:59:c8:38:
bd:8f:5e:55:b3:79:55:b2:df:af:3c:31:67:d5:a9:
61:8f:63:50:e6:5d:01:67:b9:ad:b8:ee:8d:97:56:
0b:1b:02:2d:8f:b4:49:bd:b1:5a:f8:86:13:0e:50:
94:46:d3:f4:b4:6b:0e:7c:09:2a:96:95:e8:53:84:
3a:b1:06:ee:bd:9b:4d:d9:96:30:a8:56:62:96:df:
fa:af:1f:90:ee:5c:c2:46:7d:09:4c:5f:bb:c9:54:
d3:b2:77:9b:db:8a:4f:ad:26:cc:4f:4d:9d:78:78:
e4:1e:50:eb:07:c2:31:6c:48:21:f9:24:10:0a:d9:
d8:76:42:62:3e:3a:02:d1:97:44:7b:81:d5:53:e9:
0e:c2:fd:88:bf:2b:d8:66:ca:c0:2e:20:d5:2e:06:
75:41:e6:c2:3f:f2:e8:3d:7e:c0:c3:81:b6:be:ec:
6a:96:dc:da:c3:0d:98:25:35:34:e3:71:d1:9c:b3:
1e:b2:f9:3e:2c:77:c7:f2:18:16:e2:74:b9:b8:a1:
71:3a:58:a0:80:52:50:f3:6c:78:12:5c:6c:39:4e:
b7:52:a5:c2:8b:1d:f1:a4:1a:03:e6:ab:4a:84:ee:
f9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2D:4D:A4:E8:79:62:50:A4:39:30:F3:AD:61:78:7D:41:B4:C1:F0
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qi1NpOh5YlCkOTDzrWF4fUG0wfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.58.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ba:b1:96:29:ce:0d:3f:76:8d:c9:85:75:4f:b8:a6:9b:44:
18:09:b2:b9:95:f6:ae:67:1a:9d:d6:e0:f3:69:65:45:b8:bd:
43:ba:db:2e:e0:54:ad:20:2e:4a:cb:54:f0:b3:23:a9:b2:d6:
f6:1d:a0:8c:49:a4:57:32:af:d5:76:01:d6:da:6e:c4:86:5a:
72:3a:41:05:8c:47:1a:bc:b1:02:ce:e5:eb:95:78:c3:f4:1c:
3f:af:45:10:78:f7:a3:bf:41:73:73:7e:ec:db:97:82:5d:f4:
9d:07:f7:d3:c8:b1:db:f3:ca:dd:9a:da:f8:68:d2:4c:72:1d:
d6:46:b6:e2:77:2f:5c:1c:25:dc:51:27:bc:92:81:c2:af:0f:
66:78:79:53:3f:c6:f6:15:4e:10:0d:97:54:57:cb:50:3e:58:
fc:1c:3b:8a:3e:f5:82:2d:7e:7a:58:7f:36:22:6f:c5:4f:f6:
9a:d9:d5:b9:95:f0:ac:4e:0f:ee:52:ed:df:94:4a:86:f8:72:
ef:1b:26:da:6e:6f:16:c4:50:b5:ab:41:0f:ae:ff:8b:f4:52:
f2:2e:29:59:e4:61:4b:5d:96:62:92:54:49:7d:a8:6a:5d:95:
4b:9c:b3:cb:d7:32:0e:b0:eb:99:c9:d3:81:b8:93:3e:f4:4f:
0e:1d:27:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfYppqrYgKz8A2/Px7mhJ9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTAxMTg1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTJkNGRhNGU4Nzk2MjUwYTQzOTMwZjNhZDYxNzg3ZDQxYjRjMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4VsjSD7Hveg8f2U0Rwxvc58hX64
RyTfgv1ZyDi9j15Vs3lVst+vPDFn1alhj2NQ5l0BZ7mtuO6Nl1YLGwItj7RJvbFa
+IYTDlCURtP0tGsOfAkqlpXoU4Q6sQbuvZtN2ZYwqFZilt/6rx+Q7lzCRn0JTF+7
yVTTsneb24pPrSbMT02deHjkHlDrB8IxbEgh+SQQCtnYdkJiPjoC0ZdEe4HVU+kO
wv2IvyvYZsrALiDVLgZ1QebCP/LoPX7Aw4G2vuxqltzaww2YJTU043HRnLMesvk+
LHfH8hgW4nS5uKFxOliggFJQ82x4ElxsOU63UqXCix3xpBoD5qtKhO75swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKotTaToeWJQpDkw861heH1BtMHwMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvcWkxTnBPaDVZbENrT1REenJXRjRmVUcwd2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAr06MA0G
CSqGSIb3DQEBCwUAA4IBAQBxurGWKc4NP3aNyYV1T7imm0QYCbK5lfauZxqd1uDz
aWVFuL1Dutsu4FStIC5Ky1TwsyOpstb2HaCMSaRXMq/VdgHW2m7EhlpyOkEFjEca
vLECzuXrlXjD9Bw/r0UQePejv0Fzc37s25eCXfSdB/fTyLHb88rdmtr4aNJMch3W
Rrbidy9cHCXcUSe8koHCrw9meHlTP8b2FU4QDZdUV8tQPlj8HDuKPvWCLX56WH82
Im/FT/aa2dW5lfCsTg/uUu3flEqG+HLvGybabm8WxFC1q0EPrv+L9FLyLilZ5GFL
XZZiklRJfahqXZVLnLPL1zIOsOuZydOBuJM+9E8OHSf9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org