Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/2gx_I6StBl_TvlsaqWc5RSxIgPk.roa
File: 2gx_I6StBl_TvlsaqWc5RSxIgPk.roa (raw, json)
Hash identifier: 4vK/TyO5bd2lkce1DqKZSaHID2MjzAd+cgHCCiW8MME=
Subject key identifier: DA:0C:7F:23:A4:AD:06:5F:D3:BE:5B:1A:A9:67:39:45:2C:48:80:F9
Certificate issuer: /CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Certificate serial: 0189FEA5C7025C1475925B578727CD623741
Authority key identifier: BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/2gx_I6StBl_TvlsaqWc5RSxIgPk.roa
Signing time: Wed 16 Aug 2023 14:00:24 +0000
ROA not before: Wed 16 Aug 2023 14:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60284
IP address blocks: 193.135.96.0/22 maxlen: 24
178.238.0.0/22 maxlen: 24
193.228.197.0/24 maxlen: 24
193.228.198.0/24 maxlen: 24
2a13:a200::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:a5:c7:02:5c:14:75:92:5b:57:87:27:cd:62:37:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Validity
Not Before: Aug 16 14:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da0c7f23a4ad065fd3be5b1aa96739452c4880f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:91:a6:a6:f1:bb:44:c7:28:ab:e0:15:28:8c:
45:fe:eb:3e:c0:02:3f:f5:40:c5:1d:9c:94:a2:3e:
8d:55:62:d3:99:a0:bb:3d:fd:ae:5a:cc:e4:24:b5:
e6:9b:73:ba:bd:93:67:03:f4:17:06:e1:71:39:57:
9e:62:cf:17:48:56:f6:09:4e:bd:ce:12:ad:45:d9:
bc:74:b9:72:20:4f:c5:94:af:0d:eb:dc:cf:cc:a2:
46:1e:86:ef:f8:f5:5e:5e:02:91:58:5c:3a:2f:c7:
0e:b4:59:4d:80:9b:2a:a6:a1:bd:6c:ae:50:8b:59:
01:c4:a0:3a:41:2d:d7:80:f3:8e:51:05:02:35:bd:
3a:c4:00:12:4c:49:43:78:42:bc:66:0a:74:44:91:
79:ee:6d:82:b5:bd:19:63:69:09:07:43:94:2e:3c:
7d:5e:e1:14:ba:b2:4a:d4:c0:ea:9a:ee:93:4a:d3:
e5:5e:90:80:31:82:ca:58:58:72:a0:2b:e0:49:3e:
f7:8a:19:57:a2:2f:a7:22:20:c8:9a:e8:54:9c:c6:
5d:ab:3c:9a:ce:f1:ad:cd:d5:aa:74:ea:90:b1:c6:
ee:c6:32:e0:5a:99:55:3a:fc:98:96:0d:0f:49:b5:
08:26:e8:83:7f:0b:b5:62:80:cd:dc:50:94:01:58:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0C:7F:23:A4:AD:06:5F:D3:BE:5B:1A:A9:67:39:45:2C:48:80:F9
X509v3 Authority Key Identifier:
keyid:BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/2gx_I6StBl_TvlsaqWc5RSxIgPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.0.0/22
193.135.96.0/22
193.228.197.0-193.228.198.255
IPv6:
2a13:a200::/29
Signature Algorithm: sha256WithRSAEncryption
0f:82:16:38:ac:ee:49:2c:c7:c8:ed:ff:9b:dc:09:6f:38:f1:
48:b3:32:9a:e0:6f:90:43:f0:d6:ef:ed:9d:6f:7e:d7:13:5d:
eb:00:6a:99:ff:24:70:13:25:f3:ca:24:55:45:f9:b5:64:72:
ad:7c:04:bc:d4:96:09:72:e1:d4:21:ac:7c:18:cc:ab:3b:92:
d2:43:04:e2:92:6c:2b:d0:f3:86:56:01:2e:f0:9d:ee:de:36:
ee:6f:36:f5:9f:95:80:0f:22:2d:fa:83:6c:81:14:2b:20:53:
20:d7:41:29:6c:44:1b:9b:b8:40:6c:67:2c:3b:bb:e9:3e:dd:
b6:cf:27:ad:14:a7:08:4e:e7:26:34:87:e8:78:c0:d4:6f:05:
81:39:b9:00:ca:3d:c5:08:51:ff:b0:6d:d0:c7:b4:44:92:1a:
af:d2:09:d9:e4:62:9e:5c:23:3e:95:f1:e3:0d:25:d0:dc:6d:
23:65:b1:86:78:2d:78:0f:08:f9:d2:e0:92:e3:52:62:85:db:
25:c7:9e:8b:d9:8b:0a:f4:b9:6e:81:d2:7d:0f:29:80:5a:5b:
0d:d2:a8:04:f4:a0:85:78:de:9c:f4:ba:90:ee:2b:41:74:c6:
e1:b1:f2:89:b7:a0:fa:4a:94:e1:1b:c2:bf:94:a2:73:8a:1b:
15:06:23:c8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYn+pccCXBR1kltXhyfNYjdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTYzNmZmNTIzZTVmMzczNDIyN2YzM2M0NGMyZTUwZmY4
ZDFlZTIwHhcNMjMwODE2MTQwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTBjN2YyM2E0YWQwNjVmZDNiZTViMWFhOTY3Mzk0NTJjNDg4MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JGmpvG7RMcoq+AVKIxF/us+wAI/
9UDFHZyUoj6NVWLTmaC7Pf2uWszkJLXmm3O6vZNnA/QXBuFxOVeeYs8XSFb2CU69
zhKtRdm8dLlyIE/FlK8N69zPzKJGHobv+PVeXgKRWFw6L8cOtFlNgJsqpqG9bK5Q
i1kBxKA6QS3XgPOOUQUCNb06xAASTElDeEK8Zgp0RJF57m2Ctb0ZY2kJB0OULjx9
XuEUurJK1MDqmu6TStPlXpCAMYLKWFhyoCvgST73ihlXoi+nIiDImuhUnMZdqzya
zvGtzdWqdOqQscbuxjLgWplVOvyYlg0PSbUIJuiDfwu1YoDN3FCUAVjJEQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNoMfyOkrQZf075bGqlnOUUsSID5MB8GA1UdIwQY
MBaAFL3mNv9SPl83NCJ/M8RMLlD/jR7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYt
N2JmYjQzODFhYjU0LzEvMmd4X0k2U3RCbF9UdmxzYXFXYzVSU3hJZ1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYtN2JmYjQzODFhYjU0
LzEvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCsu4AAwQC
wYdgMAwDBADB5MUDBADB5MYwDQQCAAIwBwMFAyoTogAwDQYJKoZIhvcNAQELBQAD
ggEBAA+CFjis7kksx8jt/5vcCW848UizMprgb5BD8Nbv7Z1vftcTXesAapn/JHAT
JfPKJFVF+bVkcq18BLzUlgly4dQhrHwYzKs7ktJDBOKSbCvQ84ZWAS7wne7eNu5v
NvWflYAPIi36g2yBFCsgUyDXQSlsRBubuEBsZyw7u+k+3bbPJ60UpwhO5yY0h+h4
wNRvBYE5uQDKPcUIUf+wbdDHtESSGq/SCdnkYp5cIz6V8eMNJdDcbSNlsYZ4LXgP
CPnS4JLjUmKF2yXHnovZiwr0uW6B0n0PKYBaWw3SqAT0oIV43pz0upDuK0F0xuGx
8om3oPpKlOEbwr+UonOKGxUGI8g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:32 2024 by rpki-client on console-ams.rpki-client.org