Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/2GfiHL2pskeBMTgDoVIeW4QyASs.roa
File: 2GfiHL2pskeBMTgDoVIeW4QyASs.roa (raw, json)
Hash identifier: PrGzOyMWfbJMM/GM/8ftIFj+Bq8Cn05OjGZ4xqcOWlk=
Subject key identifier: D8:67:E2:1C:BD:A9:B2:47:81:31:38:03:A1:52:1E:5B:84:32:01:2B
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 018F54A8C2454E472A37FD699CC5C5DCC5D5
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/2GfiHL2pskeBMTgDoVIeW4QyASs.roa
Signing time: Tue 07 May 2024 20:04:56 +0000
ROA not before: Tue 07 May 2024 20:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 269070
IP address blocks: 185.14.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 19:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:a8:c2:45:4e:47:2a:37:fd:69:9c:c5:c5:dc:c5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: May 7 20:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d867e21cbda9b24781313803a1521e5b8432012b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0b:df:c2:d8:43:b2:0f:c4:ca:e6:1c:6c:d5:
03:b4:a1:78:5d:0f:5e:67:d1:74:19:0f:52:5a:c0:
45:65:e6:6f:ee:ac:4d:6f:e3:a9:52:81:15:60:5d:
43:21:fc:1d:e4:9f:aa:89:a7:3e:a5:4e:9d:a4:d5:
ca:1f:41:9f:29:07:b8:e4:09:68:b8:f8:22:f3:64:
70:48:20:85:ee:08:ad:be:87:c4:53:36:d5:1d:fb:
ab:94:5b:af:85:94:c1:05:86:44:67:da:db:71:fd:
1a:90:1e:c8:1f:95:27:e4:42:b0:1f:af:09:d3:45:
e2:60:8e:cf:4d:c2:10:1d:64:8c:d2:36:59:7a:f8:
c8:66:06:a6:c9:5a:80:1d:db:49:6a:9a:79:bb:00:
a0:95:b3:dd:22:02:93:9f:41:b7:3e:02:ab:d5:4d:
d0:8d:86:8d:46:98:8a:69:13:37:7a:48:dc:4e:61:
17:4d:0a:3a:eb:fb:73:6e:f2:33:85:73:9e:2c:db:
0f:c2:55:b4:9d:7c:d7:40:cf:7f:3d:20:da:4e:52:
f3:86:64:7d:a6:4b:32:11:24:64:17:b5:45:c8:d0:
c2:20:38:c5:cf:ad:e0:39:4f:e6:18:f8:51:7b:4d:
34:16:0e:d4:04:3d:45:77:68:a8:d1:a5:54:8f:e5:
3c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:67:E2:1C:BD:A9:B2:47:81:31:38:03:A1:52:1E:5B:84:32:01:2B
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/2GfiHL2pskeBMTgDoVIeW4QyASs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:29:3c:93:65:3c:cb:a2:95:d2:4d:5c:ff:d1:e9:8c:7e:54:
30:93:47:5d:e9:4d:cb:e2:42:46:e6:76:2e:18:d3:6e:35:85:
44:0b:2d:a7:6e:9e:f0:a2:40:1a:5d:48:14:94:69:91:8c:d7:
00:39:f3:66:47:6a:7e:b3:04:3a:64:23:e0:ad:36:b9:f0:66:
16:69:58:c1:7e:df:fc:d0:41:03:c6:09:37:65:23:10:a8:74:
9a:29:fe:92:4c:e2:ae:18:6d:55:a6:ed:c6:ff:bf:07:96:cb:
01:2a:8f:a1:34:dd:e0:50:8a:78:ea:66:f2:92:3f:83:de:fc:
e6:7c:95:43:0e:66:70:14:71:ae:b7:60:9f:45:3b:2e:3a:ac:
37:0b:4a:df:54:32:09:68:39:5d:74:5b:38:48:e4:84:7a:98:
61:21:86:6d:ff:72:33:a3:5a:21:f7:d8:33:72:26:c6:1d:53:
05:f5:b6:3a:37:9e:b0:2b:06:60:c8:10:55:4b:b5:75:06:fe:
f4:10:40:ab:31:05:b9:23:dd:98:72:c7:1d:f7:0e:07:25:01:
85:91:e9:f2:3c:40:f5:ee:bd:ab:8f:39:94:4e:21:a9:55:48:
ce:71:98:0d:2c:47:99:27:58:b6:44:b3:a1:ff:58:ac:be:ca:
bf:fe:75:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9UqMJFTkcqN/1pnMXF3MXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjQwNTA3MjAwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY3ZTIxY2JkYTliMjQ3ODEzMTM4MDNhMTUyMWU1Yjg0MzIwMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQvfwthDsg/EyuYcbNUDtKF4XQ9e
Z9F0GQ9SWsBFZeZv7qxNb+OpUoEVYF1DIfwd5J+qiac+pU6dpNXKH0GfKQe45Alo
uPgi82RwSCCF7gitvofEUzbVHfurlFuvhZTBBYZEZ9rbcf0akB7IH5Un5EKwH68J
00XiYI7PTcIQHWSM0jZZevjIZgamyVqAHdtJapp5uwCglbPdIgKTn0G3PgKr1U3Q
jYaNRpiKaRM3ekjcTmEXTQo66/tzbvIzhXOeLNsPwlW0nXzXQM9/PSDaTlLzhmR9
pksyESRkF7VFyNDCIDjFz63gOU/mGPhRe000Fg7UBD1Fd2io0aVUj+U8kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhn4hy9qbJHgTE4A6FSHluEMgErMB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvMkdmaUhMMnBza2VCTVRnRG9WSWVXNFF5QVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ7uMA0G
CSqGSIb3DQEBCwUAA4IBAQA+KTyTZTzLopXSTVz/0emMflQwk0dd6U3L4kJG5nYu
GNNuNYVECy2nbp7wokAaXUgUlGmRjNcAOfNmR2p+swQ6ZCPgrTa58GYWaVjBft/8
0EEDxgk3ZSMQqHSaKf6STOKuGG1Vpu3G/78HlssBKo+hNN3gUIp46mbykj+D3vzm
fJVDDmZwFHGut2CfRTsuOqw3C0rfVDIJaDlddFs4SOSEephhIYZt/3Izo1oh99gz
cibGHVMF9bY6N56wKwZgyBBVS7V1Bv70EECrMQW5I92Ycscd9w4HJQGFkenyPED1
7r2rjzmUTiGpVUjOcZgNLEeZJ1i2RLOh/1isvsq//nU3
-----END CERTIFICATE-----
Generated at Sat Jun 8 21:10:10 2024 by rpki-client on console-fra.rpki-client.org