Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2ZQ_fqX2WAwPFfwEMPJAmNR91mI.roa
File: 2ZQ_fqX2WAwPFfwEMPJAmNR91mI.roa (raw, json)
Hash identifier: CH5rG3irb5Us1CGqvlU7jAbD4ODn+ptTPm6DVOroH9E=
Subject key identifier: D9:94:3F:7E:A5:F6:58:0C:0F:15:FC:04:30:F2:40:98:D4:7D:D6:62
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0187508C24B52ED1EB79A47108D7AEA4809E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2ZQ_fqX2WAwPFfwEMPJAmNR91mI.roa
Signing time: Wed 05 Apr 2023 08:32:54 +0000
ROA not before: Wed 05 Apr 2023 08:32:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 07:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:8c:24:b5:2e:d1:eb:79:a4:71:08:d7:ae:a4:80:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 5 08:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9943f7ea5f6580c0f15fc0430f24098d47dd662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:3f:01:c7:7f:c1:c9:f7:fe:58:c8:04:1e:
9a:0a:de:cd:c2:6b:94:f6:f5:ff:57:d9:a8:3e:8d:
7c:f1:d5:17:56:f7:52:10:0f:67:48:5d:9a:84:ad:
82:bb:b0:18:f8:ca:3b:99:46:f5:35:c2:a2:8c:da:
80:9b:63:20:65:c7:de:37:69:55:44:c3:b6:4a:98:
9c:1b:46:59:d6:56:a2:21:71:e9:a2:6c:46:60:20:
10:3d:1c:90:46:c2:31:64:10:e2:01:cf:1a:05:81:
e8:af:f3:94:2b:c7:56:97:87:b7:3c:a5:e4:13:6e:
9d:a5:86:f4:7e:bf:77:ae:fe:29:a2:9e:0e:92:50:
1c:fd:32:d5:81:f8:25:9a:63:72:17:10:ee:1c:50:
1c:f6:db:e0:58:03:56:a1:7c:16:7b:3a:94:af:87:
6e:e8:da:28:2e:e2:ef:5d:4b:b3:9a:7c:72:7a:83:
20:ca:27:94:47:f9:fe:ff:89:b7:4e:ff:72:68:70:
ca:e8:73:79:f8:fc:7e:ed:39:3b:f0:e0:b8:48:f2:
85:1e:c1:c2:fc:1d:05:f0:a3:5e:f3:0d:21:e0:6f:
40:64:bb:ae:e7:74:f1:2b:15:58:42:07:4c:8f:00:
62:d0:3f:e9:82:7f:1c:6b:02:5f:e7:0e:60:bd:0d:
03:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:94:3F:7E:A5:F6:58:0C:0F:15:FC:04:30:F2:40:98:D4:7D:D6:62
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2ZQ_fqX2WAwPFfwEMPJAmNR91mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
91:5c:a6:2a:53:77:f7:b3:67:91:43:41:28:20:80:6c:ce:83:
a4:18:6a:79:c3:64:0d:9f:10:e7:ee:21:ae:17:df:3b:0d:94:
1c:8a:17:5d:b7:66:6f:94:57:43:63:8b:f0:c1:a0:3f:72:9c:
c6:c0:fa:65:f9:83:ac:eb:89:c4:d0:54:03:a6:52:7d:6b:da:
3f:05:91:04:43:51:fb:13:c0:7d:a0:78:6a:ec:a6:6e:34:95:
f1:4c:13:3b:7c:7d:38:8e:38:2b:7a:2f:58:91:b7:d7:97:c7:
9b:6e:4e:13:4e:16:9c:4e:ef:ee:51:2b:62:8c:2e:6f:e2:45:
0f:4f:ed:77:8c:9c:e6:63:75:d6:39:3d:a7:90:7a:de:24:73:
1a:88:1d:b9:34:a2:53:de:02:c5:a4:64:ad:e6:75:7c:5f:ec:
4f:db:da:0c:34:01:6b:9b:76:dc:f6:40:0f:ab:14:61:4a:e7:
56:98:4f:1f:bb:45:c8:e4:78:3c:0e:3b:88:24:9d:4f:cb:41:
4a:34:d8:9f:66:cf:f5:cc:2a:18:57:58:cd:6c:a8:0e:61:d9:
74:d7:24:39:15:10:84:c3:ac:58:ce:1c:34:a1:1f:eb:11:66:
29:67:13:f3:21:9d:23:6a:73:ed:7b:df:ed:9f:c9:73:c1:8c:
f6:36:b0:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdQjCS1LtHreaRxCNeupICeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNDA1MDgzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk0M2Y3ZWE1ZjY1ODBjMGYxNWZjMDQzMGYyNDA5OGQ0N2RkNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKg/Acd/wcn3/ljIBB6aCt7NwmuU
9vX/V9moPo188dUXVvdSEA9nSF2ahK2Cu7AY+Mo7mUb1NcKijNqAm2MgZcfeN2lV
RMO2SpicG0ZZ1laiIXHpomxGYCAQPRyQRsIxZBDiAc8aBYHor/OUK8dWl4e3PKXk
E26dpYb0fr93rv4pop4OklAc/TLVgfglmmNyFxDuHFAc9tvgWANWoXwWezqUr4du
6NooLuLvXUuzmnxyeoMgyieUR/n+/4m3Tv9yaHDK6HN5+Px+7Tk78OC4SPKFHsHC
/B0F8KNe8w0h4G9AZLuu53TxKxVYQgdMjwBi0D/pgn8cawJf5w5gvQ0D2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmUP36l9lgMDxX8BDDyQJjUfdZiMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMlpRX2ZxWDJXQXdQRmZ3RU1QSkFtTlI5MW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9EMA0G
CSqGSIb3DQEBCwUAA4IBAQCRXKYqU3f3s2eRQ0EoIIBszoOkGGp5w2QNnxDn7iGu
F987DZQcihddt2ZvlFdDY4vwwaA/cpzGwPpl+YOs64nE0FQDplJ9a9o/BZEEQ1H7
E8B9oHhq7KZuNJXxTBM7fH04jjgrei9YkbfXl8ebbk4TThacTu/uUStijC5v4kUP
T+13jJzmY3XWOT2nkHreJHMaiB25NKJT3gLFpGSt5nV8X+xP29oMNAFrm3bc9kAP
qxRhSudWmE8fu0XI5Hg8DjuIJJ1Py0FKNNifZs/1zCoYV1jNbKgOYdl01yQ5FRCE
w6xYzhw0oR/rEWYpZxPzIZ0janPte9/tn8lzwYz2NrCu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org