Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/4b1a80-4e5f-49e7-b502-a22ffee4a515/1/2PzRllNe4g6vT_xF6eEUXHsFbEs.roa
File: 2PzRllNe4g6vT_xF6eEUXHsFbEs.roa (raw, json)
Hash identifier: 2p3ZuMzt0ZeLSpadVuFr9suPzwh7C9NB8ZzGWnQg1fo=
Subject key identifier: D8:FC:D1:96:53:5E:E2:0E:AF:4F:FC:45:E9:E1:14:5C:7B:05:6C:4B
Certificate issuer: /CN=a2d952245bb34e40cdab5d4b090143c0d8581390
Certificate serial: 01856F1D8FBE26C19428338B01046F221A04
Authority key identifier: A2:D9:52:24:5B:B3:4E:40:CD:AB:5D:4B:09:01:43:C0:D8:58:13:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otlSJFuzTkDNq11LCQFDwNhYE5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/4b1a80-4e5f-49e7-b502-a22ffee4a515/1/2PzRllNe4g6vT_xF6eEUXHsFbEs.roa
Signing time: Sun 01 Jan 2023 20:54:46 +0000
ROA not before: Sun 01 Jan 2023 20:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206656
IP address blocks: 185.179.192.0/22 maxlen: 22
2a0c:4140::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8f:be:26:c1:94:28:33:8b:01:04:6f:22:1a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d952245bb34e40cdab5d4b090143c0d8581390
Validity
Not Before: Jan 1 20:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8fcd196535ee20eaf4ffc45e9e1145c7b056c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:78:ed:65:d8:3b:29:0c:74:83:06:9a:04:
80:d2:18:29:03:a1:c5:9c:4e:34:53:9c:70:3d:a3:
ed:1f:e2:17:72:4d:f5:5f:6e:6e:38:04:d0:a4:e8:
dd:e3:0b:ee:f9:12:c9:7a:23:c0:d5:bf:3c:cf:84:
52:f2:8e:38:64:bc:ef:b5:19:c9:48:03:39:80:d7:
0a:ae:e0:27:bc:e4:b3:f7:63:45:83:35:f6:c1:33:
34:91:59:b0:13:0f:e3:d7:a3:52:e1:b0:32:26:8c:
e8:6c:ba:52:6a:b3:20:c4:7f:10:e9:48:b9:40:a2:
51:22:b4:25:0c:29:b5:54:ea:d7:c3:03:1e:8d:2a:
31:47:f3:d4:44:a1:cd:ef:1a:66:ac:c0:64:28:8e:
09:8a:65:46:06:ce:d5:bb:22:98:e3:f6:4f:06:f4:
2e:d7:3b:de:43:c7:62:41:d6:89:b3:eb:61:cf:99:
9d:2b:18:23:40:c7:06:82:11:61:f3:d5:d2:4c:60:
58:dc:49:d5:f0:19:3a:66:73:42:08:e4:0e:2d:60:
21:1e:9e:64:1c:53:7f:93:c9:5b:18:87:a8:b9:f1:
f2:ab:9a:7a:23:95:83:46:9b:9a:ad:f0:13:9d:79:
32:f1:df:94:e4:49:a8:5e:85:5c:36:06:e4:44:b2:
e4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FC:D1:96:53:5E:E2:0E:AF:4F:FC:45:E9:E1:14:5C:7B:05:6C:4B
X509v3 Authority Key Identifier:
keyid:A2:D9:52:24:5B:B3:4E:40:CD:AB:5D:4B:09:01:43:C0:D8:58:13:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otlSJFuzTkDNq11LCQFDwNhYE5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/4b1a80-4e5f-49e7-b502-a22ffee4a515/1/2PzRllNe4g6vT_xF6eEUXHsFbEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/4b1a80-4e5f-49e7-b502-a22ffee4a515/1/otlSJFuzTkDNq11LCQFDwNhYE5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.192.0/22
IPv6:
2a0c:4140::/32
Signature Algorithm: sha256WithRSAEncryption
64:c5:b5:57:62:ee:9e:16:1c:46:ea:4d:a7:eb:9a:72:cd:8c:
56:21:3b:4e:e3:30:1c:bf:9e:68:49:20:27:18:14:b3:d3:96:
28:05:03:69:32:42:97:67:55:2b:59:79:76:40:51:85:d8:ff:
8b:ff:2d:a4:8d:fe:6d:a8:88:f6:fe:92:23:64:1f:41:64:f6:
c1:e7:03:e9:93:70:4b:41:5d:eb:6e:cc:8e:d3:35:d7:52:ef:
44:91:3c:dd:db:d8:97:a3:27:39:0f:18:20:ea:08:67:4b:82:
aa:79:c0:54:ea:72:0e:ca:70:3b:78:d9:2c:cc:42:91:9d:81:
ed:03:df:f7:23:50:2a:b7:fb:15:8c:99:31:41:04:45:db:5e:
fc:85:5f:c9:d1:fc:97:f4:6f:20:b8:2f:41:a3:80:90:99:56:
44:39:5b:3c:a9:56:fa:59:fa:90:a4:bb:a9:b1:da:e4:c8:c6:
11:26:be:49:1d:c4:dd:96:d7:0f:8d:65:d1:12:a6:3b:f8:7c:
39:6a:c3:3a:be:fb:9e:cf:56:20:5d:99:6c:b5:f0:cc:12:8f:
9a:0d:f7:ce:33:d3:22:0f:83:31:26:c6:41:05:c0:dc:a6:55:
f1:ce:54:c7:53:a1:b2:52:89:0a:da:9b:5b:52:12:dc:cd:d9:
43:64:d8:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHY++JsGUKDOLAQRvIhoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDk1MjI0NWJiMzRlNDBjZGFiNWQ0YjA5MDE0M2MwZDg1
ODEzOTAwHhcNMjMwMTAxMjA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZjZDE5NjUzNWVlMjBlYWY0ZmZjNDVlOWUxMTQ1YzdiMDU2YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1l47WXYOykMdIMGmgSA0hgpA6HF
nE40U5xwPaPtH+IXck31X25uOATQpOjd4wvu+RLJeiPA1b88z4RS8o44ZLzvtRnJ
SAM5gNcKruAnvOSz92NFgzX2wTM0kVmwEw/j16NS4bAyJozobLpSarMgxH8Q6Ui5
QKJRIrQlDCm1VOrXwwMejSoxR/PURKHN7xpmrMBkKI4JimVGBs7VuyKY4/ZPBvQu
1zveQ8diQdaJs+thz5mdKxgjQMcGghFh89XSTGBY3EnV8Bk6ZnNCCOQOLWAhHp5k
HFN/k8lbGIeoufHyq5p6I5WDRpuarfATnXky8d+U5EmoXoVcNgbkRLLkjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNj80ZZTXuIOr0/8RenhFFx7BWxLMB8GA1UdIwQY
MBaAFKLZUiRbs05AzatdSwkBQ8DYWBOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RsU0pGdXpUa0ROcTExTENRRkR3TmhZRTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC80YjFhODAtNGU1Zi00OWU3LWI1MDIt
YTIyZmZlZTRhNTE1LzEvMlB6UmxsTmU0ZzZ2VF94RjZlRVVYSHNGYkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC80YjFhODAtNGU1Zi00OWU3LWI1MDItYTIyZmZlZTRhNTE1
LzEvb3RsU0pGdXpUa0ROcTExTENRRkR3TmhZRTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubPAMA0E
AgACMAcDBQAqDEFAMA0GCSqGSIb3DQEBCwUAA4IBAQBkxbVXYu6eFhxG6k2n65py
zYxWITtO4zAcv55oSSAnGBSz05YoBQNpMkKXZ1UrWXl2QFGF2P+L/y2kjf5tqIj2
/pIjZB9BZPbB5wPpk3BLQV3rbsyO0zXXUu9EkTzd29iXoyc5Dxgg6ghnS4KqecBU
6nIOynA7eNkszEKRnYHtA9/3I1Aqt/sVjJkxQQRF2178hV/J0fyX9G8guC9Bo4CQ
mVZEOVs8qVb6WfqQpLupsdrkyMYRJr5JHcTdltcPjWXREqY7+Hw5asM6vvuez1Yg
XZlstfDMEo+aDffOM9MiD4MxJsZBBcDcplXxzlTHU6GyUokK2ptbUhLczdlDZNh7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:41 2024 by rpki-client on console-ams.rpki-client.org