Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/2gcjAPrQDCbhbq2PRmj5M--lH-s.roa
File: 2gcjAPrQDCbhbq2PRmj5M--lH-s.roa (raw, json)
Hash identifier: t7q7mfYZ5gnjmKX5CFpGP1jKJQAa9eo7610APq+tmZY=
Subject key identifier: DA:07:23:00:FA:D0:0C:26:E1:6E:AD:8F:46:68:F9:33:EF:A5:1F:EB
Certificate issuer: /CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Certificate serial: 018CC49349AABC80B4D89DB7D482A776159B
Authority key identifier: EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/2gcjAPrQDCbhbq2PRmj5M--lH-s.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34476
IP address blocks: 45.139.200.0/22 maxlen: 24
212.102.103.0/24 maxlen: 24
2a0f:8c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jul 2024 10:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:49:aa:bc:80:b4:d8:9d:b7:d4:82:a7:76:15:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da072300fad00c26e16ead8f4668f933efa51feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a6:33:61:66:39:41:16:c5:66:94:ca:50:98:
04:dc:51:ff:be:ed:69:b9:39:57:bc:4d:df:78:29:
ae:e2:9d:b2:6c:e0:e3:71:01:d5:7b:63:cb:3e:c5:
26:19:93:50:c6:8b:e0:bf:b0:37:3d:99:60:31:06:
4a:07:d3:42:a5:e4:0a:76:37:4e:6a:16:5c:77:1a:
ff:e0:50:40:a7:20:d2:7e:f0:2c:2b:56:9a:97:da:
5a:6b:9b:c5:f4:ee:3b:be:27:ff:88:6b:a3:4e:3d:
24:52:1e:b0:f9:0f:5b:fb:1d:19:88:d5:6e:fa:cd:
64:96:4c:eb:6d:88:3a:c8:23:2e:e9:09:6f:e2:f8:
78:06:f9:20:ac:68:b6:9e:97:0b:45:37:bb:01:2b:
38:c4:b0:16:72:fa:e2:45:43:5d:c3:48:ff:b0:03:
cb:11:e8:e2:af:05:28:16:96:cd:f0:10:79:cb:48:
84:e0:66:35:4e:59:0e:e4:29:9a:3c:4a:df:57:5f:
e2:b8:de:a5:1b:d4:ed:99:87:c2:9e:09:8b:11:99:
f7:d1:d4:ac:c5:a1:1b:a9:ea:bc:5e:a5:ce:66:ea:
e6:0e:50:54:f6:33:91:57:0d:36:d6:0a:52:3f:89:
a2:17:a6:d0:ab:28:a5:fb:c8:82:f6:11:14:b9:2d:
2e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:23:00:FA:D0:0C:26:E1:6E:AD:8F:46:68:F9:33:EF:A5:1F:EB
X509v3 Authority Key Identifier:
keyid:EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/2gcjAPrQDCbhbq2PRmj5M--lH-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.200.0/22
212.102.103.0/24
IPv6:
2a0f:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
8f:a7:d8:d9:d2:63:d1:7b:07:a9:88:62:f1:17:64:31:d1:22:
5d:e7:5f:fc:67:ff:ed:a2:2f:d1:da:45:f2:b5:d5:fc:63:2c:
0c:1e:b8:0c:f2:32:bb:ad:39:12:e6:d2:2f:e2:ec:48:f7:1a:
e2:c7:39:9a:2a:e5:3b:99:83:bc:76:57:bc:c5:1d:f0:12:1f:
15:4c:6d:a6:68:b8:13:1e:35:2a:fc:fd:98:87:03:eb:4a:0f:
1f:a3:20:6b:7c:2f:93:fb:3e:5f:15:e2:f3:3a:77:da:6a:62:
10:1b:73:90:b9:39:b9:ae:27:d2:ce:89:d5:d6:c2:c7:06:29:
ac:5d:a6:9a:0f:4e:54:fb:d5:ab:36:cc:e9:dc:97:3d:48:96:
cb:b5:8c:2b:20:a1:53:05:6b:52:d1:47:05:4c:f7:7c:57:a5:
a1:93:97:15:94:c6:b0:41:6e:d1:56:e0:10:cb:ad:9d:1d:46:
e2:db:28:be:81:86:88:e5:be:eb:b6:c2:7c:9e:98:d4:6b:9d:
d3:44:a4:49:ba:4f:b9:52:4c:43:27:d7:a2:35:70:f7:42:3e:
e6:1e:8b:29:35:8a:1d:a4:1e:71:7f:81:14:e8:b5:81:d8:e0:
62:ce:4c:8a:5d:ec:ba:4d:50:3c:30:86:73:3c:70:89:51:25:
9f:44:c0:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk0mqvIC02J231IKndhWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjI1OWYxNThiOWFhNzZhYWQwYjFhZGZhNjJjMWVlZDQ1
NTlkMTQwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA3MjMwMGZhZDAwYzI2ZTE2ZWFkOGY0NjY4ZjkzM2VmYTUxZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYzYWY5QRbFZpTKUJgE3FH/vu1p
uTlXvE3feCmu4p2ybODjcQHVe2PLPsUmGZNQxovgv7A3PZlgMQZKB9NCpeQKdjdO
ahZcdxr/4FBApyDSfvAsK1aal9paa5vF9O47vif/iGujTj0kUh6w+Q9b+x0ZiNVu
+s1klkzrbYg6yCMu6Qlv4vh4BvkgrGi2npcLRTe7ASs4xLAWcvriRUNdw0j/sAPL
EejirwUoFpbN8BB5y0iE4GY1TlkO5CmaPErfV1/iuN6lG9TtmYfCngmLEZn30dSs
xaEbqeq8XqXOZurmDlBU9jORVw021gpSP4miF6bQqyil+8iC9hEUuS0uqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNoHIwD60Awm4W6tj0Zo+TPvpR/rMB8GA1UdIwQY
MBaAFO4iWfFYuap2qtCxrfpiwe7UVZ0UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQt
MzQ5N2NlMWI3MWJmLzEvMmdjakFQclFEQ2JoYnEyUFJtajVNLS1sSC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQtMzQ5N2NlMWI3MWJm
LzEvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYvIAwQA
1GZnMA0EAgACMAcDBQMqD4yAMA0GCSqGSIb3DQEBCwUAA4IBAQCPp9jZ0mPRewep
iGLxF2Qx0SJd51/8Z//toi/R2kXytdX8YywMHrgM8jK7rTkS5tIv4uxI9xrixzma
KuU7mYO8dle8xR3wEh8VTG2maLgTHjUq/P2YhwPrSg8foyBrfC+T+z5fFeLzOnfa
amIQG3OQuTm5rifSzonV1sLHBimsXaaaD05U+9WrNszp3Jc9SJbLtYwrIKFTBWtS
0UcFTPd8V6Whk5cVlMawQW7RVuAQy62dHUbi2yi+gYaI5b7rtsJ8npjUa53TRKRJ
uk+5UkxDJ9eiNXD3Qj7mHospNYodpB5xf4EU6LWB2OBizkyKXey6TVA8MIZzPHCJ
USWfRMA2
-----END CERTIFICATE-----
Generated at Thu Jul 25 13:50:37 2024 by rpki-client on console-ams.rpki-client.org