Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/C2v66yZ36L777MDpnQfVDlqIidE.roa
File: C2v66yZ36L777MDpnQfVDlqIidE.roa (raw, json)
Hash identifier: /U0rXSk0xq+/eK0VJazuxe6n2FnTbzaNoWB03mBkOVo=
Subject key identifier: 0B:6B:FA:EB:26:77:E8:BE:FB:EC:C0:E9:9D:07:D5:0E:5A:88:89:D1
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 018C01845EC5C543ECB5A247738048481A1B
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/C2v66yZ36L777MDpnQfVDlqIidE.roa
Signing time: Fri 24 Nov 2023 13:28:21 +0000
ROA not before: Fri 24 Nov 2023 13:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/23 maxlen: 24
193.28.71.0/24 maxlen: 24
2a12:6900::/36 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:84:5e:c5:c5:43:ec:b5:a2:47:73:80:48:48:1a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Nov 24 13:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6bfaeb2677e8befbecc0e99d07d50e5a8889d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e9:5d:d8:12:7d:69:a6:cc:ef:c3:80:9a:3a:
8b:1a:26:7a:df:90:78:9f:f2:03:8b:fa:79:dc:08:
7a:8d:ee:94:95:33:f6:d8:fd:43:94:a3:26:a8:74:
a5:f6:56:da:e1:bb:d2:1b:cf:1f:dd:c6:40:27:26:
c0:30:67:74:fe:88:3d:f1:49:db:e1:b2:4b:64:79:
c7:30:75:0e:95:dc:75:d2:cc:16:2d:58:ef:64:0b:
73:2c:1c:03:55:36:74:f6:a1:40:cf:75:35:1f:7f:
21:80:3d:9b:5c:de:de:ef:da:f1:92:e5:1e:b8:2e:
a3:20:84:63:76:bd:5f:39:45:75:53:43:a6:f6:97:
3f:38:ba:99:17:e7:3b:98:9b:30:fe:23:62:ef:fd:
4f:09:b6:7d:55:1c:6a:93:a2:2a:f9:77:9c:b4:66:
36:a4:e9:19:5e:17:22:aa:81:23:e9:df:ff:8e:f0:
03:9c:4a:85:7b:ee:fb:9e:88:50:c6:56:98:02:7a:
b0:0c:a8:91:75:6a:e5:87:5d:fb:cd:07:af:c1:21:
61:9c:1e:84:ac:1c:c3:88:4e:6f:5a:b7:0d:75:7e:
14:c4:e1:40:42:4c:29:74:6e:5d:17:64:83:26:4e:
f9:08:d2:96:00:de:cf:e0:29:2b:28:ef:c4:23:65:
ff:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6B:FA:EB:26:77:E8:BE:FB:EC:C0:E9:9D:07:D5:0E:5A:88:89:D1
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/C2v66yZ36L777MDpnQfVDlqIidE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/23
193.28.71.0/24
IPv6:
2a12:6900::/36
Signature Algorithm: sha256WithRSAEncryption
4a:16:37:60:8b:a1:8a:65:5e:c6:e2:41:9d:fa:72:52:43:fb:
de:16:72:95:66:f1:b9:44:bd:ac:03:74:1c:f4:dc:55:67:98:
67:86:a3:2d:43:2a:8e:2b:2c:70:84:b0:77:0f:2f:75:46:7e:
90:8a:43:65:4e:6c:40:a9:d1:c8:cd:ad:6b:79:82:32:61:df:
25:20:8f:ff:19:ba:a4:3c:de:a5:0d:af:93:18:64:13:c7:9a:
c7:c4:3d:8b:c9:85:ee:b1:e6:75:8e:b8:d2:63:f6:de:3d:85:
24:7b:4f:83:da:0a:34:4d:81:1b:1b:9e:ae:2c:e3:a5:8a:04:
0d:bd:5c:4c:69:c9:2c:3e:59:2e:99:4c:79:1f:28:9d:8a:fb:
bf:3e:df:1e:25:75:44:7e:b9:01:9d:fd:87:12:d1:25:8e:7a:
f8:88:f4:71:bf:a3:1e:3e:6a:43:1f:b9:d4:7b:ff:7d:63:63:
d3:a1:6c:ec:93:01:6d:ed:0d:93:d3:16:3d:5b:8f:e9:23:00:
61:b9:f1:66:23:2f:07:cb:eb:c3:75:00:19:80:cf:b8:3b:41:
5b:b3:bb:d8:29:21:cc:5a:9c:5c:ea:c0:87:b4:52:53:01:cf:
bb:91:66:32:58:05:0d:6a:7f:88:56:f1:c3:cf:37:0c:9b:11:
b9:92:84:ec
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYwBhF7FxUPstaJHc4BISBobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjMxMTI0MTMyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZiZmFlYjI2NzdlOGJlZmJlY2MwZTk5ZDA3ZDUwZTVhODg4OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuld2BJ9aabM78OAmjqLGiZ635B4
n/IDi/p53Ah6je6UlTP22P1DlKMmqHSl9lba4bvSG88f3cZAJybAMGd0/og98Unb
4bJLZHnHMHUOldx10swWLVjvZAtzLBwDVTZ09qFAz3U1H38hgD2bXN7e79rxkuUe
uC6jIIRjdr1fOUV1U0Om9pc/OLqZF+c7mJsw/iNi7/1PCbZ9VRxqk6Iq+XectGY2
pOkZXhciqoEj6d//jvADnEqFe+77nohQxlaYAnqwDKiRdWrlh137zQevwSFhnB6E
rBzDiE5vWrcNdX4UxOFAQkwpdG5dF2SDJk75CNKWAN7P4CkrKO/EI2X/wwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAtr+usmd+i+++zA6Z0H1Q5aiInRMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvQzJ2NjZ5WjM2TDc3N01EcG5RZlZEbHFJaWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAwHz8AwQB
wRxAAwQAwRxHMA4EAgACMAgDBgQqEmkAADANBgkqhkiG9w0BAQsFAAOCAQEAShY3
YIuhimVexuJBnfpyUkP73hZylWbxuUS9rAN0HPTcVWeYZ4ajLUMqjisscISwdw8v
dUZ+kIpDZU5sQKnRyM2ta3mCMmHfJSCP/xm6pDzepQ2vkxhkE8eax8Q9i8mF7rHm
dY640mP23j2FJHtPg9oKNE2BGxuerizjpYoEDb1cTGnJLD5ZLplMeR8onYr7vz7f
HiV1RH65AZ39hxLRJY56+Ij0cb+jHj5qQx+51Hv/fWNj06Fs7JMBbe0Nk9MWPVuP
6SMAYbnxZiMvB8vrw3UAGYDPuDtBW7O72CkhzFqcXOrAh7RSUwHPu5FmMlgFDWp/
iFbxw883DJsRuZKE7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:13 2024 by rpki-client on console-ams.rpki-client.org