Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/dO8Ax5IXjukIznAao0Av4PN_aDk.roa
File: dO8Ax5IXjukIznAao0Av4PN_aDk.roa (raw, json)
Hash identifier: fLZFdwbk+31sWONw5yyKdQh+m1U4krA82HxjOTOyK84=
Subject key identifier: 74:EF:00:C7:92:17:8E:E9:08:CE:70:1A:A3:40:2F:E0:F3:7F:68:39
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC176A9123DBD8BFC12C633939BAF19
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/dO8Ax5IXjukIznAao0Av4PN_aDk.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6057
IP address blocks: 2.22.26.0/23 maxlen: 23
2.22.28.0/24 maxlen: 24
2.18.64.0/24 maxlen: 24
2.19.251.0/24 maxlen: 24
2.22.24.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:76:a9:12:3d:bd:8b:fc:12:c6:33:93:9b:af:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74ef00c792178ee908ce701aa3402fe0f37f6839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:24:37:dd:43:93:1e:63:88:3e:85:88:84:
05:2f:44:01:3b:70:e9:c9:65:76:80:bd:f6:49:cc:
0f:14:1c:84:66:e3:a3:e2:4c:9a:f9:3f:52:b4:ec:
60:8f:0d:b6:73:35:fb:6a:f0:40:4e:d7:26:43:f1:
84:ca:2d:f5:04:d5:59:b3:f9:41:91:ad:07:8a:5d:
38:e2:e8:3e:67:bf:e5:c7:09:0c:5f:07:eb:51:89:
3a:db:74:bc:e5:04:ce:83:26:a1:61:3b:f3:c8:6d:
f5:b0:17:db:72:57:8d:3c:34:bf:03:c1:1e:bd:4a:
86:f5:47:af:bb:3d:39:c5:4e:85:a5:44:25:68:31:
08:a1:8e:01:93:02:58:41:72:d5:0e:ee:9f:eb:a0:
96:66:41:76:54:81:2c:0e:e2:f0:56:8e:92:4b:7c:
de:f4:9f:d2:44:bf:2e:c7:c9:b7:cb:25:ea:06:7b:
7a:31:f9:99:5d:a1:5e:60:fd:23:e2:d2:07:70:fe:
34:9e:56:6f:ca:5a:a4:7e:65:40:94:19:6d:4c:b5:
5c:ca:f7:97:db:7e:1c:7d:6b:68:00:47:da:74:b8:
90:aa:57:31:51:5f:f9:36:d5:f3:19:61:49:08:5c:
3e:66:03:cd:1b:af:4c:0e:75:a9:53:ae:9d:b2:29:
35:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EF:00:C7:92:17:8E:E9:08:CE:70:1A:A3:40:2F:E0:F3:7F:68:39
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/dO8Ax5IXjukIznAao0Av4PN_aDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.64.0/24
2.19.251.0/24
2.22.24.0-2.22.28.255
Signature Algorithm: sha256WithRSAEncryption
9f:0f:73:75:15:ea:85:42:34:a9:58:d0:b9:01:af:a1:93:e2:
33:9e:e1:a5:44:40:4f:7f:c8:4b:95:4c:fb:4e:60:d1:62:16:
a4:73:d2:a0:3c:c5:af:7d:14:e2:92:d9:db:68:14:06:b8:55:
17:14:ca:99:30:a5:8d:7e:27:79:41:17:82:4e:cd:8a:d3:06:
d4:a0:86:88:bd:df:c8:5a:96:9f:c7:0b:c7:ee:90:fc:72:d2:
c4:11:f3:b3:95:82:11:1c:ed:80:aa:d0:01:93:fe:6e:ab:95:
25:c1:85:06:b0:cf:2b:c4:a9:b8:b6:0c:22:5e:f0:19:20:35:
62:92:56:c5:78:e2:10:30:31:6a:83:9c:90:14:f9:6e:80:1a:
36:9c:b3:ae:a4:30:90:d8:36:54:75:37:02:47:b2:8e:ce:d3:
19:76:08:67:a8:f8:aa:b6:b2:17:cd:9f:ec:b1:df:dc:74:22:
86:a9:a5:e5:77:74:28:bc:d1:47:e1:80:cc:d8:9c:8b:62:69:
e8:db:0b:98:a8:ec:69:d5:55:f5:c2:29:62:e8:d8:d4:47:51:
b4:ad:ed:5e:04:76:89:97:d1:f9:75:c7:c3:28:58:9f:79:bb:
f3:b5:14:9d:74:7d:43:78:12:1e:84:aa:e6:6c:75:49:a1:29:
82:0d:47:74
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVswXapEj29i/wSxjOTm68ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGVmMDBjNzkyMTc4ZWU5MDhjZTcwMWFhMzQwMmZlMGYzN2Y2ODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfIkN91Dkx5jiD6FiIQFL0QBO3Dp
yWV2gL32ScwPFByEZuOj4kya+T9StOxgjw22czX7avBATtcmQ/GEyi31BNVZs/lB
ka0Hil044ug+Z7/lxwkMXwfrUYk623S85QTOgyahYTvzyG31sBfbcleNPDS/A8Ee
vUqG9Uevuz05xU6FpUQlaDEIoY4BkwJYQXLVDu6f66CWZkF2VIEsDuLwVo6SS3ze
9J/SRL8ux8m3yyXqBnt6MfmZXaFeYP0j4tIHcP40nlZvylqkfmVAlBltTLVcyveX
234cfWtoAEfadLiQqlcxUV/5NtXzGWFJCFw+ZgPNG69MDnWpU66dsik1ZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHTvAMeSF47pCM5wGqNAL+Dzf2g5MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZE84QXg1SVhqdWtJem5BYW8wQXY0UE5fYURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAAhJAAwQA
AhP7MAwDBAMCFhgDBAACFhwwDQYJKoZIhvcNAQELBQADggEBAJ8Pc3UV6oVCNKlY
0LkBr6GT4jOe4aVEQE9/yEuVTPtOYNFiFqRz0qA8xa99FOKS2dtoFAa4VRcUypkw
pY1+J3lBF4JOzYrTBtSghoi938halp/HC8fukPxy0sQR87OVghEc7YCq0AGT/m6r
lSXBhQawzyvEqbi2DCJe8BkgNWKSVsV44hAwMWqDnJAU+W6AGjacs66kMJDYNlR1
NwJHso7O0xl2CGeo+Kq2shfNn+yx39x0IoappeV3dCi80UfhgMzYnItiaejbC5io
7GnVVfXCKWLo2NRHUbSt7V4EdomX0fl1x8MoWJ95u/O1FJ10fUN4Eh6EquZsdUmh
KYINR3Q=
-----END CERTIFICATE-----
Generated at Mon Sep 4 10:23:55 2023 by rpki-client on console-fra.rpki-client.org