Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2KpRF6Lcjz3b5q6S_2FwSNYfGYg.roa
File: 2KpRF6Lcjz3b5q6S_2FwSNYfGYg.roa (raw, json)
Hash identifier: NUJ1XHlZHChKaJH2qY59N0lf4WDy9otg/wckIz3oxlk=
Subject key identifier: D8:AA:51:17:A2:DC:8F:3D:DB:E6:AE:92:FF:61:70:48:D6:1F:19:88
Certificate issuer: /CN=d8e9e40ff9fbb6280da36e972f20d312500c185c
Certificate serial: 0185737180A5F549D669BB949888E00B4F97
Authority key identifier: D8:E9:E4:0F:F9:FB:B6:28:0D:A3:6E:97:2F:20:D3:12:50:0C:18:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2OnkD_n7tigNo26XLyDTElAMGFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2KpRF6Lcjz3b5q6S_2FwSNYfGYg.roa
Signing time: Mon 02 Jan 2023 17:04:56 +0000
ROA not before: Mon 02 Jan 2023 17:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212367
IP address blocks: 194.8.58.0/24 maxlen: 24
2a0b:cfc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:80:a5:f5:49:d6:69:bb:94:98:88:e0:0b:4f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8e9e40ff9fbb6280da36e972f20d312500c185c
Validity
Not Before: Jan 2 17:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8aa5117a2dc8f3ddbe6ae92ff617048d61f1988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:5b:20:81:54:52:05:73:22:d6:ec:1d:0a:
59:c9:0b:ff:96:b5:d8:84:6d:28:c6:34:dc:ae:21:
12:00:b8:67:a6:14:48:1a:2b:44:5d:2f:2a:32:7a:
3e:b8:f2:a8:78:53:7e:92:9c:fb:6d:cf:a5:b2:a8:
0f:01:8a:39:fa:5e:4c:57:4e:34:5c:c0:d9:7f:41:
24:1c:9e:13:85:f4:94:4e:04:1b:6a:17:3d:f4:67:
b1:c1:e9:14:c0:a9:0b:e3:ec:37:db:cb:26:f0:67:
23:78:85:09:e5:c7:87:e4:64:46:a7:02:8a:8e:7c:
d3:80:10:1f:0d:fd:d4:5d:f7:ab:1b:13:1b:65:35:
85:8a:77:4a:44:cb:9b:c3:d0:1b:da:2f:05:65:c7:
92:87:75:81:49:e2:cd:95:3c:43:f0:cd:88:48:29:
a4:e4:64:8e:b2:1e:cc:c3:b6:25:05:d5:50:6f:80:
bb:5b:e0:10:f0:ef:73:82:bf:24:b1:5f:07:22:0c:
bb:19:c8:e6:fc:eb:00:6e:6e:3a:64:2e:96:be:28:
3d:b1:f3:64:d3:1e:1b:3a:20:a4:f1:cc:cf:48:e6:
88:af:ff:30:78:cb:18:48:5d:d0:d2:68:e0:24:66:
1f:9d:60:95:5b:de:32:2e:7b:36:d4:00:15:a5:62:
9d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AA:51:17:A2:DC:8F:3D:DB:E6:AE:92:FF:61:70:48:D6:1F:19:88
X509v3 Authority Key Identifier:
keyid:D8:E9:E4:0F:F9:FB:B6:28:0D:A3:6E:97:2F:20:D3:12:50:0C:18:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2OnkD_n7tigNo26XLyDTElAMGFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2KpRF6Lcjz3b5q6S_2FwSNYfGYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.58.0/24
IPv6:
2a0b:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
52:c0:ef:b9:7b:99:5f:93:a0:bb:ec:f5:d6:1e:58:78:40:6e:
82:ff:95:07:e7:31:16:72:0f:45:04:b9:34:84:5f:b5:92:ae:
ca:96:78:ae:3f:4b:11:56:26:74:f0:05:69:a0:41:a5:25:ec:
86:c0:67:e3:8b:be:fb:09:8e:b9:f7:78:0d:7b:bc:f5:72:20:
f1:4f:eb:db:90:e4:f9:39:4a:da:58:ae:6d:5d:b1:a2:20:2b:
d1:f1:d5:cb:84:8c:85:31:c6:90:25:a5:96:86:1d:07:0c:bc:
57:1c:ba:72:ce:43:87:e1:cb:22:36:c5:42:6a:08:a0:bb:da:
b7:64:c5:c5:7c:93:09:20:d9:5e:09:2a:cd:ff:cc:ec:4b:45:
0c:7b:b6:10:68:03:8c:5d:f5:0d:78:d9:ff:ec:d2:ef:51:40:
2a:77:88:9e:3d:01:4c:fe:e9:78:76:ef:03:ca:c8:88:a1:68:
67:7f:e7:fc:b0:46:5c:50:b9:29:35:35:d8:ea:83:c7:e9:99:
0a:34:2b:f5:ac:94:5f:8f:2c:ae:7a:68:63:c1:78:08:f2:ff:
c4:0f:a6:54:42:7c:32:7d:04:42:2d:2e:92:18:59:ab:ec:13:
76:7a:74:3c:66:40:6b:2e:3e:8b:c9:9f:d2:a0:0d:f5:98:77:
e3:e4:b0:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzcYCl9UnWabuUmIjgC0+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZTllNDBmZjlmYmI2MjgwZGEzNmU5NzJmMjBkMzEyNTAw
YzE4NWMwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFhNTExN2EyZGM4ZjNkZGJlNmFlOTJmZjYxNzA0OGQ2MWYxOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixNbIIFUUgVzItbsHQpZyQv/lrXY
hG0oxjTcriESALhnphRIGitEXS8qMno+uPKoeFN+kpz7bc+lsqgPAYo5+l5MV040
XMDZf0EkHJ4ThfSUTgQbahc99GexwekUwKkL4+w328sm8GcjeIUJ5ceH5GRGpwKK
jnzTgBAfDf3UXferGxMbZTWFindKRMubw9Ab2i8FZceSh3WBSeLNlTxD8M2ISCmk
5GSOsh7Mw7YlBdVQb4C7W+AQ8O9zgr8ksV8HIgy7Gcjm/OsAbm46ZC6Wvig9sfNk
0x4bOiCk8czPSOaIr/8weMsYSF3Q0mjgJGYfnWCVW94yLns21AAVpWKdiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNiqURei3I892+aukv9hcEjWHxmIMB8GA1UdIwQY
MBaAFNjp5A/5+7YoDaNuly8g0xJQDBhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk9ua0Rfbjd0aWdObzI2WEx5RFRFbEFNR0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84NzM4YjktMmQwYS00ZWY2LWFmYWQt
MWFlNTA2ZWExNzYwLzEvMktwUkY2TGNqejNiNXE2U18yRndTTllmR1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84NzM4YjktMmQwYS00ZWY2LWFmYWQtMWFlNTA2ZWExNzYw
LzEvMk9ua0Rfbjd0aWdObzI2WEx5RFRFbEFNR0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwgg6MA0E
AgACMAcDBQMqC8/AMA0GCSqGSIb3DQEBCwUAA4IBAQBSwO+5e5lfk6C77PXWHlh4
QG6C/5UH5zEWcg9FBLk0hF+1kq7KlniuP0sRViZ08AVpoEGlJeyGwGfji777CY65
93gNe7z1ciDxT+vbkOT5OUraWK5tXbGiICvR8dXLhIyFMcaQJaWWhh0HDLxXHLpy
zkOH4csiNsVCagigu9q3ZMXFfJMJINleCSrN/8zsS0UMe7YQaAOMXfUNeNn/7NLv
UUAqd4iePQFM/ul4du8DysiIoWhnf+f8sEZcULkpNTXY6oPH6ZkKNCv1rJRfjyyu
emhjwXgI8v/ED6ZUQnwyfQRCLS6SGFmr7BN2enQ8ZkBrLj6LyZ/SoA31mHfj5LAi
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:15 2024 by rpki-client on console-fra.rpki-client.org