Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/2M43jp8z_F7AThu7ICjywQiaKsg.roa
File: 2M43jp8z_F7AThu7ICjywQiaKsg.roa (raw, json)
Hash identifier: NgzJz4h9s0Pv6x/YbAkJ/6p4zWrNNOD+PepwN9QGrUc=
Subject key identifier: D8:CE:37:8E:9F:33:FC:5E:C0:4E:1B:BB:20:28:F2:C1:08:9A:2A:C8
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0187E10526CA46FE0271D60206FF4A5A37DE
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/2M43jp8z_F7AThu7ICjywQiaKsg.roa
Signing time: Wed 03 May 2023 09:50:23 +0000
ROA not before: Wed 03 May 2023 09:50:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133499
IP address blocks: 94.139.40.0/21 maxlen: 32
121.91.176.0/20 maxlen: 32
212.70.4.0/22 maxlen: 32
212.70.0.0/23 maxlen: 32
212.70.16.0/20 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 May 2023 06:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:05:26:ca:46:fe:02:71:d6:02:06:ff:4a:5a:37:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: May 3 09:50:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8ce378e9f33fc5ec04e1bbb2028f2c1089a2ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:93:8a:0b:b3:88:2a:cd:24:2e:13:41:67:
72:d5:0f:8b:08:79:0f:fe:68:a2:6d:fc:1b:36:2e:
ba:5f:9e:fd:85:06:2f:e5:1c:cb:0e:5b:dd:d6:15:
46:40:9c:09:dd:bc:8e:8a:0c:21:70:ec:5e:64:b1:
c6:d5:df:82:1d:54:8f:ff:1d:fc:7b:71:9e:9e:e9:
b9:b1:de:b7:01:a2:be:79:a0:e9:b9:b4:d0:c1:39:
ae:70:33:67:d8:a7:ae:cf:fd:9c:33:3f:9f:35:79:
05:b3:3f:0e:91:a8:8c:e6:91:cd:1f:97:f5:bf:59:
1c:79:35:33:e8:fc:3e:19:b0:5a:1d:5f:c3:26:50:
9e:03:f0:19:b1:b6:63:f7:07:cc:30:18:c8:43:ca:
ac:8f:a8:d7:d9:74:e8:9d:f1:ed:e3:bf:2b:11:14:
8d:a4:5f:dc:b5:6c:9d:35:b9:ca:cc:3c:6f:59:e2:
c8:28:28:7d:59:8d:ea:64:c8:75:5d:90:fa:e2:b9:
90:79:ae:b9:68:bc:26:f4:56:c5:ab:4e:23:53:34:
76:41:fb:1e:f5:03:69:e2:e5:58:e3:73:40:9d:5c:
77:82:8f:f0:e1:d2:6a:8c:26:af:46:74:68:ec:c4:
89:3e:f5:22:d2:30:72:86:8b:21:89:1c:b2:24:eb:
bb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CE:37:8E:9F:33:FC:5E:C0:4E:1B:BB:20:28:F2:C1:08:9A:2A:C8
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/2M43jp8z_F7AThu7ICjywQiaKsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.40.0/21
121.91.176.0/20
212.70.0.0/23
212.70.4.0/22
212.70.16.0/20
Signature Algorithm: sha256WithRSAEncryption
20:98:55:84:4d:46:3d:cb:d8:49:30:ee:e8:97:26:d8:bb:f5:
6e:67:e8:ad:a8:0b:45:1a:a1:6d:76:7e:f4:fc:eb:2e:e5:8e:
f4:3b:41:02:d7:17:54:7d:22:84:1b:94:48:70:5b:af:c8:46:
7d:14:5d:97:0c:05:0b:5d:42:51:cd:f6:64:35:90:e3:7b:b6:
07:e3:24:82:e3:55:cb:5b:66:2f:06:32:e3:d2:a9:c8:f3:dd:
ae:49:f1:ec:78:40:a2:d1:90:0f:03:3a:ad:c5:6e:b0:c7:5b:
98:f3:6d:e9:dd:f7:6b:78:28:e6:6a:b4:2d:8d:d5:9a:39:0a:
db:d5:4c:0a:88:69:00:2a:95:de:85:99:42:74:10:d5:f7:d3:
49:0b:73:9d:11:26:4a:d1:59:d0:92:85:7f:2d:f2:07:49:13:
26:b1:c6:06:20:b5:24:c6:09:d8:f1:a1:bd:4e:6e:4c:cc:21:
65:d3:7e:47:8d:78:4a:2c:e7:de:a5:01:9c:7f:5a:88:2a:4f:
7f:bb:6c:bc:ac:de:36:b6:28:2b:1a:c5:5e:7c:fd:9a:5d:2b:
84:f2:c0:1f:b5:6b:92:48:6f:5a:c1:36:f9:b0:26:ce:2f:e3:
40:d3:33:7c:a1:79:00:0f:ac:23:e9:06:e0:a7:6c:71:91:4f:
de:cc:17:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfhBSbKRv4CcdYCBv9KWjfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwNTAzMDk1MDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNlMzc4ZTlmMzNmYzVlYzA0ZTFiYmIyMDI4ZjJjMTA4OWEyYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi+TiguziCrNJC4TQWdy1Q+LCHkP
/miibfwbNi66X579hQYv5RzLDlvd1hVGQJwJ3byOigwhcOxeZLHG1d+CHVSP/x38
e3Genum5sd63AaK+eaDpubTQwTmucDNn2Keuz/2cMz+fNXkFsz8OkaiM5pHNH5f1
v1kceTUz6Pw+GbBaHV/DJlCeA/AZsbZj9wfMMBjIQ8qsj6jX2XTonfHt478rERSN
pF/ctWydNbnKzDxvWeLIKCh9WY3qZMh1XZD64rmQea65aLwm9FbFq04jUzR2Qfse
9QNp4uVY43NAnVx3go/w4dJqjCavRnRo7MSJPvUi0jByhoshiRyyJOu7JwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNjON46fM/xewE4buyAo8sEImirIMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvMk00M2pwOHpfRjdBVGh1N0lDanl3UWlhS3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDXosoAwQE
eVuwAwQB1EYAAwQC1EYEAwQE1EYQMA0GCSqGSIb3DQEBCwUAA4IBAQAgmFWETUY9
y9hJMO7olybYu/VuZ+itqAtFGqFtdn70/Osu5Y70O0EC1xdUfSKEG5RIcFuvyEZ9
FF2XDAULXUJRzfZkNZDje7YH4ySC41XLW2YvBjLj0qnI892uSfHseECi0ZAPAzqt
xW6wx1uY823p3fdreCjmarQtjdWaOQrb1UwKiGkAKpXehZlCdBDV99NJC3OdESZK
0VnQkoV/LfIHSRMmscYGILUkxgnY8aG9Tm5MzCFl035HjXhKLOfepQGcf1qIKk9/
u2y8rN42tigrGsVefP2aXSuE8sAftWuSSG9awTb5sCbOL+NA0zN8oXkAD6wj6Qbg
p2xxkU/ezBey
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:45 2024 by rpki-client on console-ams.rpki-client.org