Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/2tiWctyv-a5oJB1e5SX8q9cqvhk.roa
File: 2tiWctyv-a5oJB1e5SX8q9cqvhk.roa (raw, json)
Hash identifier: Sl4fzyb4kgNqq0UtTSyuGx0p+TgH3AcSzriTNRvnw90=
Subject key identifier: DA:D8:96:72:DC:AF:F9:AE:68:24:1D:5E:E5:25:FC:AB:D7:2A:BE:19
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018A1A712421D3EC5BA456EEEF1D06F37B5B
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/2tiWctyv-a5oJB1e5SX8q9cqvhk.roa
Signing time: Mon 21 Aug 2023 23:32:16 +0000
ROA not before: Mon 21 Aug 2023 23:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25437
IP address blocks: 195.20.119.0/24 maxlen: 24
31.40.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:71:24:21:d3:ec:5b:a4:56:ee:ef:1d:06:f3:7b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Aug 21 23:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dad89672dcaff9ae68241d5ee525fcabd72abe19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:11:20:bf:0c:93:21:ac:a5:e8:64:74:e6:0a:
77:12:e0:85:47:a2:2d:c9:a9:be:23:31:c5:be:d4:
90:a0:c6:55:b8:bd:80:3f:11:e8:7b:4a:f2:50:1e:
9f:a6:82:00:5c:3e:01:38:cc:52:09:55:12:ee:0a:
09:e6:16:5e:ee:27:c3:ef:14:dd:3b:7f:50:c7:7a:
58:5d:c6:81:64:47:27:02:e2:a0:91:80:29:c4:9a:
4c:38:cc:97:85:09:11:7c:45:3d:6d:ac:96:c1:7b:
7e:86:01:08:4b:2e:76:d9:af:5f:fe:14:24:00:eb:
2e:44:93:89:ce:28:b1:2e:31:ff:fd:12:f8:d9:44:
d4:82:21:f3:5d:97:2f:62:40:d9:a1:ba:4d:0d:9e:
76:f0:c6:c0:22:bd:79:83:a9:d9:72:95:f2:2f:88:
d7:66:99:83:cb:35:2a:7f:ee:c8:74:be:cd:71:23:
21:fc:62:72:53:b5:59:0f:e9:c1:9d:7c:3e:aa:21:
c5:8e:c5:88:48:62:19:99:5f:2e:d4:ed:59:7f:dc:
2f:09:a3:b2:38:0b:2d:e0:82:6a:8a:40:1b:aa:76:
f1:46:30:a5:9e:80:cb:71:bb:e1:a4:ce:c2:55:84:
83:91:45:32:f3:2e:db:f8:a2:cc:29:ff:83:9e:55:
b9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D8:96:72:DC:AF:F9:AE:68:24:1D:5E:E5:25:FC:AB:D7:2A:BE:19
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/2tiWctyv-a5oJB1e5SX8q9cqvhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.158.0/24
195.20.119.0/24
Signature Algorithm: sha256WithRSAEncryption
08:15:ad:d2:e9:1c:4d:f9:25:aa:39:71:9a:9e:f5:57:14:f4:
4c:bf:52:27:42:04:94:ec:5d:7a:aa:96:3e:96:ce:b9:53:e6:
6f:ca:6a:c6:b9:c5:49:d1:fa:3b:79:94:79:ff:a9:21:8b:08:
1c:ff:67:08:9e:e4:8c:14:0f:4e:57:19:6e:d2:7a:48:c1:a1:
fb:cc:7b:d5:bd:7b:2a:ca:1d:c1:f4:29:dc:61:0b:26:96:dd:
b9:cb:fb:94:0b:60:98:26:60:d1:a3:de:f1:36:4c:e9:c1:76:
24:e9:eb:3f:9c:f1:1f:83:e4:f7:2f:d3:6f:6f:94:09:2e:69:
ec:d8:4b:81:7d:14:59:a6:05:e6:e7:a0:fe:fc:33:3b:e1:13:
65:1b:2b:1d:76:24:c1:28:f9:73:78:45:5c:97:29:22:d8:bd:
9b:44:7d:97:8d:27:c5:5f:6a:65:7e:63:bf:e2:e8:a7:10:15:
aa:77:bc:0c:f0:ac:6d:76:8d:7b:52:67:7f:8c:e3:b1:50:f8:
03:e6:f5:5e:31:29:ce:ee:06:9e:1e:27:3a:7e:a2:b9:67:91:
eb:d0:e0:68:00:0d:85:10:1a:56:57:f4:56:e1:e2:46:98:ef:
c9:aa:a1:2a:da:f5:9d:da:39:48:92:0b:6f:b9:fe:40:24:6d:
f7:91:a4:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoacSQh0+xbpFbu7x0G83tbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwODIxMjMzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ4OTY3MmRjYWZmOWFlNjgyNDFkNWVlNTI1ZmNhYmQ3MmFiZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBEgvwyTIayl6GR05gp3EuCFR6It
yam+IzHFvtSQoMZVuL2APxHoe0ryUB6fpoIAXD4BOMxSCVUS7goJ5hZe7ifD7xTd
O39Qx3pYXcaBZEcnAuKgkYApxJpMOMyXhQkRfEU9bayWwXt+hgEISy522a9f/hQk
AOsuRJOJziixLjH//RL42UTUgiHzXZcvYkDZobpNDZ528MbAIr15g6nZcpXyL4jX
ZpmDyzUqf+7IdL7NcSMh/GJyU7VZD+nBnXw+qiHFjsWISGIZmV8u1O1Zf9wvCaOy
OAst4IJqikAbqnbxRjClnoDLcbvhpM7CVYSDkUUy8y7b+KLMKf+DnlW5OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrYlnLcr/muaCQdXuUl/KvXKr4ZMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvMnRpV2N0eXYtYTVvSkIxZTVTWDhxOWNxdmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyieAwQA
wxR3MA0GCSqGSIb3DQEBCwUAA4IBAQAIFa3S6RxN+SWqOXGanvVXFPRMv1InQgSU
7F16qpY+ls65U+ZvymrGucVJ0fo7eZR5/6khiwgc/2cInuSMFA9OVxlu0npIwaH7
zHvVvXsqyh3B9CncYQsmlt25y/uUC2CYJmDRo97xNkzpwXYk6es/nPEfg+T3L9Nv
b5QJLmns2EuBfRRZpgXm56D+/DM74RNlGysddiTBKPlzeEVclyki2L2bRH2XjSfF
X2plfmO/4uinEBWqd7wM8Kxtdo17Umd/jOOxUPgD5vVeMSnO7gaeHic6fqK5Z5Hr
0OBoAA2FEBpWV/RW4eJGmO/JqqEq2vWd2jlIkgtvuf5AJG33kaR0
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:17 2024 by rpki-client on console-fra.rpki-client.org