Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2WZLi5Odvg8eWPuFZwXQQXX2aj8.roa
File: 2WZLi5Odvg8eWPuFZwXQQXX2aj8.roa (raw, json)
Hash identifier: pE18eN0EJIwkJfqCwkDIuzp6Zf3zC81DD1Rbvn8Cgr0=
Subject key identifier: D9:66:4B:8B:93:9D:BE:0F:1E:58:FB:85:67:05:D0:41:75:F6:6A:3F
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 018570027D2A3B1A5E1DF773DFF3B5996DC5
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2WZLi5Odvg8eWPuFZwXQQXX2aj8.roa
Signing time: Mon 02 Jan 2023 01:04:49 +0000
ROA not before: Mon 02 Jan 2023 01:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201167
IP address blocks: 94.20.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:7d:2a:3b:1a:5e:1d:f7:73:df:f3:b5:99:6d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Jan 2 01:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9664b8b939dbe0f1e58fb856705d04175f66a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:13:a5:b8:27:83:6f:cc:fb:b0:b1:a5:e1:85:
28:e7:1a:d9:92:b3:00:ef:27:12:59:0f:23:b2:b8:
8a:87:46:8e:af:ed:98:67:07:33:c1:b7:d5:32:ae:
11:0b:9c:0c:c0:93:f8:bb:92:93:6d:1f:8e:2b:b1:
82:bd:43:85:a6:43:3c:f0:c8:27:a9:98:45:0e:70:
e8:50:bc:98:a3:b9:44:1f:16:d4:77:34:62:e4:aa:
b9:67:6f:50:05:8f:e8:19:1f:2c:86:0c:0f:ab:0c:
17:96:1b:b4:73:31:94:19:a7:94:b0:fe:2f:f4:d5:
cd:a7:b3:3f:ca:67:bc:11:b6:ab:1a:e4:ab:19:16:
54:09:d4:16:f3:31:ed:b0:79:88:ff:a0:e7:aa:cd:
61:d6:c0:83:e0:97:a7:9d:df:d1:71:4e:1a:ce:2f:
39:17:1f:d5:72:83:e6:e9:78:e5:7f:00:39:eb:c4:
99:45:7d:98:df:35:47:3f:c1:91:58:ac:e4:8d:52:
00:df:5b:04:0d:24:91:8d:74:7f:d5:9e:cd:f8:b4:
01:32:ef:96:4e:87:0d:db:f9:e2:3d:79:69:75:ad:
f4:3e:ed:26:69:e9:00:5d:ed:31:aa:72:77:6a:69:
c2:3d:9d:72:7a:e7:d6:de:df:5d:67:43:92:9b:ed:
a6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:66:4B:8B:93:9D:BE:0F:1E:58:FB:85:67:05:D0:41:75:F6:6A:3F
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2WZLi5Odvg8eWPuFZwXQQXX2aj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.20.239.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2e:68:43:f9:a3:c0:3c:18:53:b5:7e:32:bf:7c:25:1a:b6:
fc:c2:a3:91:e6:79:03:95:82:02:f9:d6:10:66:57:44:4f:e3:
5d:16:9c:ec:01:50:72:a1:0c:45:6c:ce:cc:6a:30:04:fc:1a:
c4:8c:9a:fa:ed:64:6e:74:e8:cb:b0:5d:9f:e3:91:d1:a8:c9:
14:26:e9:e7:2f:c4:6e:2d:22:25:dd:ea:ff:8e:1a:57:5c:80:
c3:f2:cd:7a:c0:1a:71:7e:b6:0e:7d:74:4d:b6:c1:ea:ec:3c:
e8:74:22:25:a2:59:26:ca:db:fe:8a:7a:39:2b:3e:c6:e9:1f:
72:3d:fb:d7:93:da:80:5e:67:4a:84:7e:9f:63:31:5b:07:7d:
56:a7:47:f0:b0:f9:41:fa:6e:30:3c:9b:f5:27:50:9c:4a:2d:
9a:32:20:f9:5a:76:ce:a7:67:e4:26:22:cd:5b:1b:9a:95:65:
19:fd:1c:af:4a:a2:1f:28:70:83:7a:df:d7:cd:eb:81:40:41:
7b:a8:70:8f:0d:e3:32:cb:8d:b0:40:3f:a6:04:35:93:27:89:
68:0e:0d:30:8f:6e:dc:9d:85:d5:08:ed:6e:57:eb:d6:d2:fa:
c8:e1:e7:87:df:17:a9:e2:58:74:0e:35:b9:6d:3f:51:e9:20:
f8:29:b8:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAn0qOxpeHfdz3/O1mW3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY2NGI4YjkzOWRiZTBmMWU1OGZiODU2NzA1ZDA0MTc1ZjY2YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxOluCeDb8z7sLGl4YUo5xrZkrMA
7ycSWQ8jsriKh0aOr+2YZwczwbfVMq4RC5wMwJP4u5KTbR+OK7GCvUOFpkM88Mgn
qZhFDnDoULyYo7lEHxbUdzRi5Kq5Z29QBY/oGR8shgwPqwwXlhu0czGUGaeUsP4v
9NXNp7M/yme8EbarGuSrGRZUCdQW8zHtsHmI/6Dnqs1h1sCD4Jennd/RcU4azi85
Fx/VcoPm6XjlfwA568SZRX2Y3zVHP8GRWKzkjVIA31sEDSSRjXR/1Z7N+LQBMu+W
TocN2/niPXlpda30Pu0maekAXe0xqnJ3amnCPZ1yeufW3t9dZ0OSm+2mwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlmS4uTnb4PHlj7hWcF0EF19mo/MB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvMldaTGk1T2R2ZzhlV1B1Rlp3WFFRWFgyYWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXhTvMA0G
CSqGSIb3DQEBCwUAA4IBAQAYLmhD+aPAPBhTtX4yv3wlGrb8wqOR5nkDlYIC+dYQ
ZldET+NdFpzsAVByoQxFbM7MajAE/BrEjJr67WRudOjLsF2f45HRqMkUJunnL8Ru
LSIl3er/jhpXXIDD8s16wBpxfrYOfXRNtsHq7DzodCIlolkmytv+ino5Kz7G6R9y
PfvXk9qAXmdKhH6fYzFbB31Wp0fwsPlB+m4wPJv1J1CcSi2aMiD5WnbOp2fkJiLN
WxualWUZ/RyvSqIfKHCDet/XzeuBQEF7qHCPDeMyy42wQD+mBDWTJ4loDg0wj27c
nYXVCO1uV+vW0vrI4eeH3xep4lh0DjW5bT9R6SD4KbiD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:27 2024 by rpki-client on console-ams.rpki-client.org