Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Nlvh7rV-XSGqYhKg7evakZymoI.roa
File: 2Nlvh7rV-XSGqYhKg7evakZymoI.roa (raw, json)
Hash identifier: GXwbxMAZtpjXflIkKjv5SFETAVYlh3yFv+LUux5s13k=
Subject key identifier: D8:D9:6F:87:BA:D5:F9:74:86:A9:88:4A:83:B7:AF:6A:46:72:9A:82
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4DE9F2F1B039D5315A61CB72434D2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Nlvh7rV-XSGqYhKg7evakZymoI.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 269822
IP address blocks: 139.28.84.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:de:9f:2f:1b:03:9d:53:15:a6:1c:b7:24:34:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8d96f87bad5f97486a9884a83b7af6a46729a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bc:f2:63:0a:ea:e6:f5:ce:62:0f:27:fa:f4:
68:b2:3b:89:2f:e5:d5:12:09:05:4e:9e:bd:a3:bd:
b2:ac:ae:b3:86:16:40:37:3c:77:78:3a:4f:ee:59:
6e:d6:3a:1e:75:08:0b:50:22:e7:57:a3:80:48:3f:
82:bb:fa:08:b1:8f:e7:4c:a5:ea:12:64:31:91:2e:
17:1d:90:8b:62:df:f7:55:5a:90:78:2e:69:0e:84:
c2:f8:4c:33:cb:71:04:f4:e9:e4:0d:09:00:9c:07:
75:43:14:7d:f2:4f:11:0e:a0:9b:d5:f1:86:67:c5:
4e:03:8e:b0:21:fd:dd:e1:9b:9f:21:d8:38:43:e1:
35:30:7b:7d:e4:09:c7:17:7e:c8:50:31:e8:b8:10:
7e:2a:5a:be:a5:e4:11:f0:e0:40:4b:f2:fa:98:04:
00:42:9d:b5:30:04:0e:51:54:35:de:51:e2:ff:05:
e0:f8:3f:8c:94:a1:49:05:ad:4a:2d:31:c8:81:7d:
f8:44:9c:79:21:93:5e:3e:5b:ee:0d:1d:89:e6:6d:
bb:68:fa:43:90:0c:5e:37:b7:61:21:b1:e1:38:61:
46:54:3c:85:c7:24:59:22:a0:71:98:d6:12:e9:ad:
3a:c6:47:2e:54:be:ce:bd:44:06:13:b0:93:87:93:
11:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D9:6F:87:BA:D5:F9:74:86:A9:88:4A:83:B7:AF:6A:46:72:9A:82
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Nlvh7rV-XSGqYhKg7evakZymoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.84.0/22
Signature Algorithm: sha256WithRSAEncryption
93:22:7a:95:65:e6:47:c5:9e:7d:c9:f9:79:11:4f:2f:8c:77:
1f:b0:c7:4d:fa:4e:6a:b1:59:30:9b:d7:b7:a5:5e:5d:57:b3:
c8:c1:f2:a1:e8:be:76:99:a5:dc:f7:18:7c:05:72:20:a2:69:
c4:63:a8:cc:37:18:e6:37:a7:97:4a:60:0d:e3:b4:20:bf:ea:
4b:18:8e:fa:0c:af:93:92:b5:f7:52:8d:f2:42:f4:5b:38:07:
b4:fd:80:82:02:2c:b1:af:b5:88:b8:00:b3:86:69:e6:e7:4a:
bc:cd:49:ae:ae:a5:d3:71:89:18:4a:84:e3:cd:a2:fd:70:c8:
3d:93:ba:d1:e8:13:38:1b:e4:d7:8c:e9:d9:d2:22:03:31:5b:
f9:8b:cd:ac:41:a0:6b:69:35:c6:19:9b:c1:07:82:e8:48:72:
a4:38:da:46:ba:59:35:50:0b:70:3f:af:56:37:4e:51:4a:44:
22:67:ec:e6:72:d1:e7:28:31:8c:23:15:ca:d0:f1:dd:27:0b:
07:08:6f:96:65:3b:01:5b:45:e7:1e:28:89:95:32:bd:7f:9e:
f3:13:fe:fe:4f:9a:d5:db:d1:0a:4e:70:a1:0e:5e:92:33:14:
83:0d:f6:5e:1c:e5:4d:f2:cb:f4:69:f5:80:91:05:d0:6c:ce:
e7:fe:ae:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1N6fLxsDnVMVphy3JDTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ5NmY4N2JhZDVmOTc0ODZhOTg4NGE4M2I3YWY2YTQ2NzI5YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7zyYwrq5vXOYg8n+vRosjuJL+XV
EgkFTp69o72yrK6zhhZANzx3eDpP7llu1joedQgLUCLnV6OASD+Cu/oIsY/nTKXq
EmQxkS4XHZCLYt/3VVqQeC5pDoTC+Ewzy3EE9OnkDQkAnAd1QxR98k8RDqCb1fGG
Z8VOA46wIf3d4ZufIdg4Q+E1MHt95AnHF37IUDHouBB+Klq+peQR8OBAS/L6mAQA
Qp21MAQOUVQ13lHi/wXg+D+MlKFJBa1KLTHIgX34RJx5IZNePlvuDR2J5m27aPpD
kAxeN7dhIbHhOGFGVDyFxyRZIqBxmNYS6a06xkcuVL7OvUQGE7CTh5MRIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjZb4e61fl0hqmISoO3r2pGcpqCMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMk5sdmg3clYtWFNHcVloS2c3ZXZha1p5bW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxUMA0G
CSqGSIb3DQEBCwUAA4IBAQCTInqVZeZHxZ59yfl5EU8vjHcfsMdN+k5qsVkwm9e3
pV5dV7PIwfKh6L52maXc9xh8BXIgomnEY6jMNxjmN6eXSmAN47Qgv+pLGI76DK+T
krX3Uo3yQvRbOAe0/YCCAiyxr7WIuACzhmnm50q8zUmurqXTcYkYSoTjzaL9cMg9
k7rR6BM4G+TXjOnZ0iIDMVv5i82sQaBraTXGGZvBB4LoSHKkONpGulk1UAtwP69W
N05RSkQiZ+zmctHnKDGMIxXK0PHdJwsHCG+WZTsBW0XnHiiJlTK9f57zE/7+T5rV
29EKTnChDl6SMxSDDfZeHOVN8sv0afWAkQXQbM7n/q6f
-----END CERTIFICATE-----
Generated at Mon Jul 24 18:33:02 2023 by rpki-client on console-fra.rpki-client.org