Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/cG_wxXQwVIhAt83E5Vqnr_bDmas.roa
File: cG_wxXQwVIhAt83E5Vqnr_bDmas.roa (raw, json)
Hash identifier: Aw1//MAeMi04q7GZw5zPrMFAbdxJuMd7hSsBSL2HQjQ=
Subject key identifier: 70:6F:F0:C5:74:30:54:88:40:B7:CD:C4:E5:5A:A7:AF:F6:C3:99:AB
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 01857014FC46B71FC15B9964D8752AE48687
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/cG_wxXQwVIhAt83E5Vqnr_bDmas.roa
Signing time: Mon 02 Jan 2023 01:25:01 +0000
ROA not before: Mon 02 Jan 2023 01:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2134
IP address blocks: 62.164.0.0/17 maxlen: 24
193.127.0.0/16 maxlen: 24
195.234.166.0/24 maxlen: 24
193.201.108.0/24 maxlen: 24
2a00:dc80::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:fc:46:b7:1f:c1:5b:99:64:d8:75:2a:e4:86:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Jan 2 01:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=706ff0c57430548840b7cdc4e55aa7aff6c399ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bb:c1:3d:da:de:44:e4:8f:e7:10:80:aa:96:
99:7b:e4:f9:2f:f8:0c:f3:b1:cc:80:ff:eb:eb:10:
fd:37:4b:db:bf:cf:ef:a2:b6:e0:7e:50:cd:51:8a:
93:39:16:9f:8c:f8:14:8c:4f:5b:16:13:e7:a1:75:
89:47:74:b2:52:d6:27:33:42:c6:51:48:18:eb:b4:
2b:f1:83:96:1a:40:f4:bb:ff:50:1a:6a:8b:92:b2:
14:36:7c:a2:70:88:29:75:c3:24:5e:79:05:20:67:
df:9f:03:a2:89:a6:65:fb:ed:17:2b:97:9b:73:60:
17:50:d7:19:36:c2:b2:c7:d4:d1:60:ee:66:86:a8:
c1:bc:22:8e:09:b2:d5:ba:50:41:71:8c:de:1b:28:
57:9b:4d:00:35:1c:49:4e:f2:ab:d5:74:b7:ed:34:
a3:b3:0a:75:75:29:30:51:86:11:8c:ba:d5:dc:5c:
6b:51:5c:fe:3b:c5:1a:cf:6a:51:d6:02:9b:ac:ad:
87:14:e8:fc:2a:fc:18:c9:25:69:17:52:1c:19:fa:
d8:9b:cf:9b:8a:32:28:70:00:56:93:f2:42:7d:a8:
9e:bc:c9:57:6b:df:ef:34:5c:48:9c:98:cc:09:89:
26:04:55:c9:2f:b1:f8:78:18:43:c7:1f:f6:b9:a7:
07:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6F:F0:C5:74:30:54:88:40:B7:CD:C4:E5:5A:A7:AF:F6:C3:99:AB
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/cG_wxXQwVIhAt83E5Vqnr_bDmas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.0.0/17
193.127.0.0/16
193.201.108.0/24
195.234.166.0/24
IPv6:
2a00:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
51:40:b8:14:26:bb:89:f8:88:ea:c0:df:54:1e:cd:de:ce:b5:
d9:c3:ad:85:e6:50:95:84:5f:9b:19:7a:13:61:f5:83:5b:ce:
84:c9:fa:76:74:af:1f:82:89:83:24:da:ea:d4:e6:07:28:a2:
6e:5c:d3:12:1d:66:bf:86:44:8f:2b:0f:c4:dd:e2:ab:8a:a7:
e5:d8:15:93:ac:8c:f4:60:86:7e:a8:af:f1:6e:7a:87:d4:cf:
fe:14:12:3d:98:c3:6c:64:ea:5d:cb:e6:2f:bc:a4:06:f9:08:
0d:a5:a2:47:9e:86:82:24:25:63:f2:f4:60:8f:a4:73:a3:25:
09:97:00:a1:f0:d7:1c:30:05:38:eb:81:ea:e2:c5:2a:e3:25:
49:11:83:6e:4b:9e:46:2b:0f:ac:0c:20:e3:b0:65:fe:96:6a:
74:4c:6a:a5:51:02:d9:39:a2:6e:aa:6f:a3:95:e0:a1:a2:f2:
26:d6:08:34:bc:43:d5:c0:8c:d7:8b:13:cb:d7:bc:a1:9d:3b:
4f:97:24:50:1d:fd:3e:ba:6a:58:ca:60:c4:a2:35:7f:01:47:
28:86:63:34:a0:81:fc:b4:5c:2c:f0:cb:78:92:25:ca:65:a1:
e9:02:41:42:67:21:4f:d5:49:88:aa:70:f9:05:dc:c6:25:65:
8c:28:5a:69
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwFPxGtx/BW5lk2HUq5IaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjMwMTAyMDEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZmZjBjNTc0MzA1NDg4NDBiN2NkYzRlNTVhYTdhZmY2YzM5OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirvBPdreROSP5xCAqpaZe+T5L/gM
87HMgP/r6xD9N0vbv8/vorbgflDNUYqTORafjPgUjE9bFhPnoXWJR3SyUtYnM0LG
UUgY67Qr8YOWGkD0u/9QGmqLkrIUNnyicIgpdcMkXnkFIGffnwOiiaZl++0XK5eb
c2AXUNcZNsKyx9TRYO5mhqjBvCKOCbLVulBBcYzeGyhXm00ANRxJTvKr1XS37TSj
swp1dSkwUYYRjLrV3FxrUVz+O8Uaz2pR1gKbrK2HFOj8KvwYySVpF1IcGfrYm8+b
ijIocABWk/JCfaievMlXa9/vNFxInJjMCYkmBFXJL7H4eBhDxx/2uacHKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHBv8MV0MFSIQLfNxOVap6/2w5mrMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvY0dfd3hYUXdWSWhBdDgzRTVWcW5yX2JEbWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQHPqQAAwMA
wX8DBADByWwDBADD6qYwDQQCAAIwBwMFACoA3IAwDQYJKoZIhvcNAQELBQADggEB
AFFAuBQmu4n4iOrA31Qezd7OtdnDrYXmUJWEX5sZehNh9YNbzoTJ+nZ0rx+CiYMk
2urU5gcoom5c0xIdZr+GRI8rD8Td4quKp+XYFZOsjPRghn6or/FueofUz/4UEj2Y
w2xk6l3L5i+8pAb5CA2lokeehoIkJWPy9GCPpHOjJQmXAKHw1xwwBTjrgerixSrj
JUkRg25LnkYrD6wMIOOwZf6WanRMaqVRAtk5om6qb6OV4KGi8ibWCDS8Q9XAjNeL
E8vXvKGdO0+XJFAd/T66aljKYMSiNX8BRyiGYzSggfy0XCzwy3iSJcploekCQUJn
IU/VSYiqcPkF3MYlZYwoWmk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org