Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pr2gfSIMK4drDsfCflubIMW_KJU.roa
File: pr2gfSIMK4drDsfCflubIMW_KJU.roa (raw, json)
Hash identifier: C5bJcHU2OD8DbjPmz+kQNiDAI909PDBLHsayUeD+u44=
Subject key identifier: A6:BD:A0:7D:22:0C:2B:87:6B:0E:C7:C2:7E:5B:9B:20:C5:BF:28:95
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0188A3D652A3C69672776DA234059B8EF66F
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pr2gfSIMK4drDsfCflubIMW_KJU.roa
Signing time: Sat 10 Jun 2023 05:45:11 +0000
ROA not before: Sat 10 Jun 2023 05:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Wed 02 Aug 2023 14:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a3:d6:52:a3:c6:96:72:77:6d:a2:34:05:9b:8e:f6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 10 05:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6bda07d220c2b876b0ec7c27e5b9b20c5bf2895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ae:04:14:fd:f3:02:8e:b9:ba:b5:dd:57:27:
70:fc:70:8f:a2:52:66:37:f5:c8:98:03:53:98:a5:
e2:c1:56:21:16:5c:ac:63:03:25:78:9e:31:e5:fb:
58:fe:38:96:f0:1b:ca:f7:fe:57:00:c6:0d:e6:3a:
6c:27:24:a7:ae:9c:9e:7c:3e:4b:1a:74:1c:59:b0:
6d:4b:2f:6c:6e:2d:7a:0e:8b:ed:8b:96:13:46:d1:
d3:a2:de:8f:39:5f:cc:ef:89:be:81:37:81:8c:9f:
ca:39:fe:68:5e:21:8d:5c:e8:72:be:f5:97:e7:12:
a7:52:f2:42:f5:63:1d:64:d9:33:3f:fc:11:33:7d:
b5:1e:51:7a:56:e8:b4:a3:3f:d7:f3:c2:b3:30:43:
a9:2d:82:bc:f2:f5:6a:86:e4:7d:c2:d9:d2:98:b8:
57:8b:7b:64:c4:7c:cd:97:fd:f1:07:f6:69:34:79:
86:a0:db:28:2b:d2:d7:fb:92:55:8b:71:c4:d6:21:
e9:62:c5:98:77:de:ea:9b:d4:71:0f:8a:3c:93:b9:
0d:ff:05:a8:d8:bd:c0:bd:35:f0:9a:91:fc:39:09:
56:4d:60:a1:6b:22:9f:8a:a9:19:1c:bb:fe:ed:ff:
a5:24:2f:0a:40:16:fc:3b:97:42:ce:f7:33:fc:1c:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BD:A0:7D:22:0C:2B:87:6B:0E:C7:C2:7E:5B:9B:20:C5:BF:28:95
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pr2gfSIMK4drDsfCflubIMW_KJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
1c:fb:c3:32:dc:6f:54:f7:b3:fd:73:a1:64:74:7e:57:4d:bc:
cc:ef:86:c2:ec:ce:ae:5d:f9:46:b7:30:82:48:c2:43:3f:3e:
ff:a1:b9:69:68:74:9e:09:23:a8:d9:1a:b9:7d:a0:3e:bd:55:
cd:91:46:19:fc:78:ae:78:8d:99:1b:97:6b:32:21:d1:d5:05:
36:e0:68:46:0f:09:3c:af:20:28:60:89:f1:c0:aa:ce:d1:1a:
ff:99:be:88:e1:e7:aa:eb:ec:2e:63:96:c4:fb:bb:d9:8a:9c:
50:bd:1c:48:aa:24:2d:5e:66:b8:84:04:0f:76:8d:ae:d9:80:
36:69:d9:fe:d4:79:0e:b8:66:db:d8:9e:52:49:77:48:70:fd:
61:2d:dd:3f:d9:83:27:87:6e:09:18:eb:e5:9d:2f:f5:ba:fe:
87:7c:f3:19:ee:5a:9a:c3:39:22:47:ca:d5:ab:9a:28:f9:25:
2e:d4:b9:02:bc:af:60:9f:a9:18:00:e7:85:02:f3:58:16:6e:
2d:f8:77:d1:bd:d8:b0:ba:c9:91:84:d2:d2:b3:41:dc:11:1e:
cc:99:29:7a:e6:17:5b:2b:e2:5c:5a:bb:db:8e:03:c7:8f:c7:
47:84:6d:1f:98:d5:9d:0c:29:02:5a:95:c3:a1:92:07:de:4b:
09:28:5c:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYij1lKjxpZyd22iNAWbjvZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNjEwMDU0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJkYTA3ZDIyMGMyYjg3NmIwZWM3YzI3ZTViOWIyMGM1YmYyODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq4EFP3zAo65urXdVydw/HCPolJm
N/XImANTmKXiwVYhFlysYwMleJ4x5ftY/jiW8BvK9/5XAMYN5jpsJySnrpyefD5L
GnQcWbBtSy9sbi16Dovti5YTRtHTot6POV/M74m+gTeBjJ/KOf5oXiGNXOhyvvWX
5xKnUvJC9WMdZNkzP/wRM321HlF6Vui0oz/X88KzMEOpLYK88vVqhuR9wtnSmLhX
i3tkxHzNl/3xB/ZpNHmGoNsoK9LX+5JVi3HE1iHpYsWYd97qm9RxD4o8k7kN/wWo
2L3AvTXwmpH8OQlWTWChayKfiqkZHLv+7f+lJC8KQBb8O5dCzvcz/Bx68wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKa9oH0iDCuHaw7Hwn5bmyDFvyiVMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvcHIyZ2ZTSU1LNGRyRHNmQ2ZsdWJJTVdfS0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAc+8My3G9U97P9
c6FkdH5XTbzM74bC7M6uXflGtzCCSMJDPz7/oblpaHSeCSOo2Rq5faA+vVXNkUYZ
/HiueI2ZG5drMiHR1QU24GhGDwk8ryAoYInxwKrO0Rr/mb6I4eeq6+wuY5bE+7vZ
ipxQvRxIqiQtXma4hAQPdo2u2YA2adn+1HkOuGbb2J5SSXdIcP1hLd0/2YMnh24J
GOvlnS/1uv6HfPMZ7lqawzkiR8rVq5oo+SUu1LkCvK9gn6kYAOeFAvNYFm4t+HfR
vdiwusmRhNLSs0HcER7MmSl65hdbK+JcWrvbjgPHj8dHhG0fmNWdDCkCWpXDoZIH
3ksJKFyU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org