Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa
File: 2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa (raw, json)
Hash identifier: 7qYnlrxsqDiT/XqsATLJNlw1bsZKpZNrv2k+Ikd8Lsw=
Subject key identifier: D8:B0:69:38:E4:87:C2:EF:D9:6F:5E:0D:55:51:76:52:19:85:90:E4
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0186B636A81F55FE3A2A7F374B02C95BE409
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa
Signing time: Mon 06 Mar 2023 09:18:00 +0000
ROA not before: Mon 06 Mar 2023 09:18:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 81.29.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:36:a8:1f:55:fe:3a:2a:7f:37:4b:02:c9:5b:e4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 6 09:18:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b06938e487c2efd96f5e0d55517652198590e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:6c:5c:23:5a:87:67:15:bd:bd:72:fb:86:
24:a5:fa:d0:62:4f:ce:f0:9b:03:b9:cd:89:21:b3:
20:d1:e5:6f:3e:34:04:b6:fc:88:30:93:36:e0:b6:
cf:86:54:5f:cc:d4:52:94:a6:97:c3:4b:c9:1b:d3:
d0:4b:cb:8d:ad:dd:31:8b:d7:5a:2c:eb:9d:a7:7a:
52:6a:9b:c9:e3:b0:91:78:81:81:0b:00:26:5c:35:
bb:da:78:0f:5b:ec:24:ac:e1:53:07:a3:8a:78:13:
41:e2:17:b6:85:92:90:2b:ae:b1:cf:30:fa:d7:f6:
88:02:6e:01:af:2f:57:0e:53:35:74:f0:68:cc:63:
bb:52:fe:a3:96:b6:de:c5:ac:ca:e0:45:26:d9:a6:
26:f3:88:d5:b5:e2:9b:3e:ef:e7:95:95:29:6e:87:
0c:02:65:b6:6e:b5:88:df:ef:e3:df:ee:8d:3f:3e:
b6:f4:9d:98:24:ba:12:3c:73:93:85:c4:50:2c:99:
ad:72:68:e3:44:f3:01:a0:b3:5a:9e:b3:8b:e2:97:
e6:f6:c2:47:58:67:bd:37:f9:ad:8f:9c:e8:e9:79:
2b:52:62:00:3e:27:5f:97:10:f6:b8:95:22:64:15:
fa:ce:67:4c:46:7b:5c:e8:bb:d9:bc:cc:33:02:cf:
47:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B0:69:38:E4:87:C2:EF:D9:6F:5E:0D:55:51:76:52:19:85:90:E4
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.152.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:51:c6:1e:b0:b6:be:3d:1e:9e:5b:9c:25:48:06:5d:95:75:
a3:d3:f0:c8:46:01:14:9c:85:0f:67:0f:c8:86:df:1f:ba:95:
47:fc:b1:f1:ce:60:07:71:8d:83:3d:b6:cc:d0:fc:68:ab:d6:
d9:96:17:c3:7b:03:8c:48:c8:dc:45:1a:83:35:bc:90:db:61:
9c:9b:a8:3f:e6:49:c1:8c:c8:4b:37:06:e3:c2:37:69:05:c9:
36:4e:29:18:8f:7d:a1:99:2e:97:97:17:71:13:7e:a4:a0:4c:
a8:1b:02:49:28:df:91:f7:e7:12:02:60:7d:fb:30:f0:79:65:
75:c7:10:31:22:18:06:bf:4b:ac:cd:f3:8d:87:8a:94:2b:b5:
c6:f3:34:fc:bd:bb:79:9d:3a:d4:b3:60:06:80:51:e1:a3:9e:
cf:a0:87:d0:fe:4c:9f:07:b9:62:eb:bd:e5:43:b5:46:33:27:
15:aa:1d:c3:b9:90:a5:26:60:e1:8a:ef:9c:e8:3b:59:70:05:
6e:92:4c:e6:b5:92:50:9a:c6:e0:74:f2:bc:d4:6c:22:c8:24:
45:d2:1b:06:cc:24:21:4c:56:8f:85:04:10:7a:5f:47:66:f9:
03:58:6c:5c:dd:fe:33:80:de:13:0c:80:32:f7:3a:82:91:54:
44:24:02:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa2NqgfVf46Kn83SwLJW+QJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzA2MDkxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIwNjkzOGU0ODdjMmVmZDk2ZjVlMGQ1NTUxNzY1MjE5ODU5MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+5sXCNah2cVvb1y+4YkpfrQYk/O
8JsDuc2JIbMg0eVvPjQEtvyIMJM24LbPhlRfzNRSlKaXw0vJG9PQS8uNrd0xi9da
LOudp3pSapvJ47CReIGBCwAmXDW72ngPW+wkrOFTB6OKeBNB4he2hZKQK66xzzD6
1/aIAm4Bry9XDlM1dPBozGO7Uv6jlrbexazK4EUm2aYm84jVteKbPu/nlZUpbocM
AmW2brWI3+/j3+6NPz629J2YJLoSPHOThcRQLJmtcmjjRPMBoLNanrOL4pfm9sJH
WGe9N/mtj5zo6XkrUmIAPidflxD2uJUiZBX6zmdMRntc6LvZvMwzAs9H/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiwaTjkh8Lv2W9eDVVRdlIZhZDkMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvMkxCcE9PU0h3dV9aYjE0TlZWRjJVaG1Ga09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2YMA0G
CSqGSIb3DQEBCwUAA4IBAQBsUcYesLa+PR6eW5wlSAZdlXWj0/DIRgEUnIUPZw/I
ht8fupVH/LHxzmAHcY2DPbbM0Pxoq9bZlhfDewOMSMjcRRqDNbyQ22Gcm6g/5knB
jMhLNwbjwjdpBck2TikYj32hmS6XlxdxE36koEyoGwJJKN+R9+cSAmB9+zDweWV1
xxAxIhgGv0uszfONh4qUK7XG8zT8vbt5nTrUs2AGgFHho57PoIfQ/kyfB7li673l
Q7VGMycVqh3DuZClJmDhiu+c6DtZcAVukkzmtZJQmsbgdPK81GwiyCRF0hsGzCQh
TFaPhQQQel9HZvkDWGxc3f4zgN4TDIAy9zqCkVREJAJ6
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:02 2024 by rpki-client on console-fra.rpki-client.org