Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/2zjMhPuGBTBLM0txorXhflpiiO4.roa
File: 2zjMhPuGBTBLM0txorXhflpiiO4.roa (raw, json)
Hash identifier: E6pIcGHIGm8Cuo4DY4NSW47ZhvnsvUFvhKBKufFyGyE=
Subject key identifier: DB:38:CC:84:FB:86:05:30:4B:33:4B:71:A2:B5:E1:7E:5A:62:88:EE
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0189B6D2D740C781535B97B3A987F1978A21
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/2zjMhPuGBTBLM0txorXhflpiiO4.roa
Signing time: Wed 02 Aug 2023 15:16:58 +0000
ROA not before: Wed 02 Aug 2023 15:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Thu 10 Aug 2023 11:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:d2:d7:40:c7:81:53:5b:97:b3:a9:87:f1:97:8a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Aug 2 15:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db38cc84fb8605304b334b71a2b5e17e5a6288ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4a:33:ad:ac:61:5b:ed:a6:c2:73:62:4b:9d:
f4:93:f4:a2:14:7d:bf:a9:0c:f2:41:fa:2e:dc:6b:
50:d5:40:e8:b6:15:9b:9b:2f:79:c8:2b:79:54:31:
d8:fd:f4:31:ae:21:39:4f:90:65:31:0b:45:9a:1a:
63:d1:c2:8e:7b:5f:35:5e:84:17:16:ba:59:47:00:
5f:2e:3e:3a:4e:62:12:a1:d3:31:15:ad:8c:59:c2:
67:02:c7:7d:aa:c0:fc:b3:c3:9d:6e:aa:7b:56:c6:
67:b4:73:ee:a0:bf:36:78:78:8b:71:a6:c8:c5:20:
06:47:c9:73:22:29:ce:cb:22:bf:3c:8c:37:27:18:
d5:01:99:22:b2:21:5b:e0:78:62:be:15:e8:03:4f:
22:c4:e1:d0:ef:d8:f2:3e:87:b5:01:62:76:4c:d2:
cb:14:19:0e:e4:21:af:68:be:d7:75:85:3f:d0:c4:
c5:95:57:87:73:9b:97:69:d7:7a:87:68:38:16:f6:
b4:00:2a:19:9d:59:eb:63:1b:70:f7:5c:53:44:1a:
65:91:20:d0:28:2b:82:0b:92:d0:bc:e5:c6:7a:2b:
6f:d8:a5:9c:9e:f2:a7:0c:d3:ef:be:f8:aa:eb:33:
63:cb:d0:35:ee:39:8d:e8:fb:e3:cc:dc:88:0c:bd:
d2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:38:CC:84:FB:86:05:30:4B:33:4B:71:A2:B5:E1:7E:5A:62:88:EE
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/2zjMhPuGBTBLM0txorXhflpiiO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
14:b6:f2:43:a1:3e:d3:44:90:e4:8b:a2:25:a5:27:0d:53:66:
8a:e5:e0:c3:c9:43:c4:47:85:29:6b:e7:8c:c6:ec:8b:db:93:
0f:21:dc:f3:51:08:61:9c:39:94:84:6a:a2:6c:f2:2e:37:aa:
0a:94:0e:8e:81:f6:dd:34:4d:ab:e3:cc:d6:6a:c3:d7:d5:80:
68:d5:48:02:b6:31:f9:2f:e8:41:23:08:3c:2e:35:26:13:09:
dd:b3:92:a2:e2:cf:40:59:00:5d:f5:11:11:de:ac:8c:e9:2f:
23:a3:62:82:11:7d:cd:7f:fd:81:2d:7b:a9:e4:b0:6e:9a:0d:
e5:bf:6b:40:b7:92:d8:ab:c2:a1:31:ae:23:f5:4f:a1:e8:e9:
1c:25:9d:2b:cc:72:78:ed:40:dc:83:b4:0a:0f:9b:c3:61:f1:
5d:04:7d:83:27:d0:e8:89:ca:05:8f:d1:e0:59:c2:a8:4c:55:
73:c1:c4:2f:c3:75:d7:b1:eb:00:cf:aa:1e:3d:06:c6:fe:bd:
37:c7:20:06:2e:43:57:8a:a1:0c:2f:31:b7:4b:95:d8:ae:83:
11:cd:64:40:c6:ae:34:c7:a4:bc:aa:00:ec:07:a4:81:fa:72:
27:02:75:f0:25:dc:34:e5:72:be:1f:d1:16:dd:7c:73:5c:f5:
b3:e6:05:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYm20tdAx4FTW5ezqYfxl4ohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwODAyMTUxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM4Y2M4NGZiODYwNTMwNGIzMzRiNzFhMmI1ZTE3ZTVhNjI4OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEozraxhW+2mwnNiS530k/SiFH2/
qQzyQfou3GtQ1UDothWbmy95yCt5VDHY/fQxriE5T5BlMQtFmhpj0cKOe181XoQX
FrpZRwBfLj46TmISodMxFa2MWcJnAsd9qsD8s8Odbqp7VsZntHPuoL82eHiLcabI
xSAGR8lzIinOyyK/PIw3JxjVAZkisiFb4HhivhXoA08ixOHQ79jyPoe1AWJ2TNLL
FBkO5CGvaL7XdYU/0MTFlVeHc5uXadd6h2g4Fva0ACoZnVnrYxtw91xTRBplkSDQ
KCuCC5LQvOXGeitv2KWcnvKnDNPvvviq6zNjy9A17jmN6PvjzNyIDL3S9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNs4zIT7hgUwSzNLcaK14X5aYojuMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMnpqTWhQdUdCVEJMTTB0eG9yWGhmbHBpaU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAUtvJDoT7TRJDk
i6IlpScNU2aK5eDDyUPER4Upa+eMxuyL25MPIdzzUQhhnDmUhGqibPIuN6oKlA6O
gfbdNE2r48zWasPX1YBo1UgCtjH5L+hBIwg8LjUmEwnds5Ki4s9AWQBd9RER3qyM
6S8jo2KCEX3Nf/2BLXup5LBumg3lv2tAt5LYq8KhMa4j9U+h6OkcJZ0rzHJ47UDc
g7QKD5vDYfFdBH2DJ9DoicoFj9HgWcKoTFVzwcQvw3XXsesAz6oePQbG/r03xyAG
LkNXiqEMLzG3S5XYroMRzWRAxq40x6S8qgDsB6SB+nInAnXwJdw05XK+H9EW3Xxz
XPWz5gVe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org