Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/2-5JeCPyIm0zoN712z2TI6eJ7Fw.roa
File: 2-5JeCPyIm0zoN712z2TI6eJ7Fw.roa (raw, json)
Hash identifier: grL7lpxvHJM1fiOEbjZsUhLwgtcPTbe8llYNYZk0nM0=
Subject key identifier: DB:EE:49:78:23:F2:22:6D:33:A0:DE:F5:DB:3D:93:23:A7:89:EC:5C
Certificate issuer: /CN=70ef95d2cf0e7d84058b528e7902d60b403d7b76
Certificate serial: 01856D7899BDAC50E88EE0C008A7041E3286
Authority key identifier: 70:EF:95:D2:CF:0E:7D:84:05:8B:52:8E:79:02:D6:0B:40:3D:7B:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/2-5JeCPyIm0zoN712z2TI6eJ7Fw.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210958
IP address blocks: 93.190.56.0/21 maxlen: 21
46.254.64.0/21 maxlen: 21
2a02:a28::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:99:bd:ac:50:e8:8e:e0:c0:08:a7:04:1e:32:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70ef95d2cf0e7d84058b528e7902d60b403d7b76
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbee497823f2226d33a0def5db3d9323a789ec5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ca:56:e8:d8:6e:05:10:43:bf:59:61:09:bc:
3c:61:57:35:cc:c6:3e:4f:24:21:da:35:76:87:43:
09:a5:7f:1c:1c:cd:00:ea:3f:86:6e:d8:ed:3c:99:
6d:1f:ea:b3:76:29:9b:8f:72:ea:c1:f5:62:cf:90:
f4:97:5f:ba:7f:fd:19:db:35:99:df:82:1a:4f:10:
ad:66:cc:62:a9:39:1b:70:48:21:60:92:d6:79:8d:
de:e8:5a:5a:13:20:31:74:63:5a:c7:c2:d7:d1:28:
a3:9f:f5:ab:1a:b8:4c:16:2e:76:7b:ab:09:8d:90:
8f:e3:b1:6a:6b:c3:58:0d:af:87:8e:a7:f1:a3:f2:
6d:ad:7f:6c:96:c3:d4:1e:7a:5d:a5:c0:4d:36:22:
2d:2b:65:02:28:9a:81:f2:f3:5f:b4:5e:10:a1:4f:
69:e1:dd:fe:0d:6b:b1:40:73:b7:73:bd:1e:7b:c7:
80:cc:10:ff:e3:15:90:2e:19:dd:2f:3f:1c:23:75:
00:b9:73:fb:aa:a0:62:bc:da:c9:9b:52:7d:75:cd:
d7:29:80:f3:0a:2e:fb:33:8e:e1:a6:3d:0c:fe:33:
26:ab:b0:bc:1b:8a:a2:4d:d4:4d:14:dd:f3:b6:5e:
da:71:38:47:4c:bd:b7:1b:51:47:31:66:59:5d:09:
28:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EE:49:78:23:F2:22:6D:33:A0:DE:F5:DB:3D:93:23:A7:89:EC:5C
X509v3 Authority Key Identifier:
keyid:70:EF:95:D2:CF:0E:7D:84:05:8B:52:8E:79:02:D6:0B:40:3D:7B:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/2-5JeCPyIm0zoN712z2TI6eJ7Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.64.0/21
93.190.56.0/21
IPv6:
2a02:a28::/32
Signature Algorithm: sha256WithRSAEncryption
3f:4d:22:41:63:a0:c6:09:e0:3f:98:39:05:ce:76:ca:21:14:
aa:b6:5e:5d:58:f4:3d:ca:5a:17:26:e8:1a:5b:bd:ed:b2:ee:
ff:f1:49:c5:c7:2e:b8:87:18:21:f5:a7:ab:14:38:bf:44:91:
f9:e4:14:80:dd:dd:18:74:ce:7a:86:68:23:b3:ca:9d:44:ce:
52:48:1f:79:c2:61:b6:f2:68:3c:51:1c:78:66:88:61:63:e1:
a4:8d:8e:a9:da:78:8d:a3:46:bd:db:67:e5:99:3a:15:43:8d:
c1:ba:ae:3a:be:9c:c8:25:bb:1d:bf:32:27:95:15:5e:95:02:
19:0e:b3:42:58:cf:47:2f:ae:8b:cf:8e:00:2a:43:f2:7d:6f:
d1:62:21:66:e1:87:ce:6d:37:66:6b:f4:f8:fa:d4:0e:09:ff:
32:88:30:8b:8b:6e:3e:1f:cd:15:fe:df:38:86:a8:69:12:07:
a5:a4:dd:a3:31:fa:a8:50:16:0a:04:a2:5c:35:d5:ff:ee:9b:
81:e2:7d:40:0d:ff:98:44:09:30:13:fc:72:c2:18:82:2f:c1:
be:35:6c:88:55:e9:84:73:3f:4b:e3:48:c3:63:65:53:1a:5a:
f2:16:db:90:a5:fc:e1:ae:12:f4:b6:70:60:fc:ff:22:13:2e:
bc:d0:f5:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVteJm9rFDojuDACKcEHjKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZWY5NWQyY2YwZTdkODQwNThiNTI4ZTc5MDJkNjBiNDAz
ZDdiNzYwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVlNDk3ODIzZjIyMjZkMzNhMGRlZjVkYjNkOTMyM2E3ODllYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38pW6NhuBRBDv1lhCbw8YVc1zMY+
TyQh2jV2h0MJpX8cHM0A6j+GbtjtPJltH+qzdimbj3LqwfViz5D0l1+6f/0Z2zWZ
34IaTxCtZsxiqTkbcEghYJLWeY3e6FpaEyAxdGNax8LX0Sijn/WrGrhMFi52e6sJ
jZCP47Fqa8NYDa+Hjqfxo/JtrX9slsPUHnpdpcBNNiItK2UCKJqB8vNftF4QoU9p
4d3+DWuxQHO3c70ee8eAzBD/4xWQLhndLz8cI3UAuXP7qqBivNrJm1J9dc3XKYDz
Ci77M47hpj0M/jMmq7C8G4qiTdRNFN3ztl7acThHTL23G1FHMWZZXQkohwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNvuSXgj8iJtM6De9ds9kyOniexcMB8GA1UdIwQY
MBaAFHDvldLPDn2EBYtSjnkC1gtAPXt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY08tVjBzOE9mWVFGaTFLT2VRTFdDMEE5ZTNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xNTNlZTItYmE4NC00NDliLTgxZmEt
YTA0MGM3YjZhNjcwLzEvMi01SmVDUHlJbTB6b043MTJ6MlRJNmVKN0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xNTNlZTItYmE4NC00NDliLTgxZmEtYTA0MGM3YjZhNjcw
LzEvY08tVjBzOE9mWVFGaTFLT2VRTFdDMEE5ZTNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv5AAwQD
Xb44MA0EAgACMAcDBQAqAgooMA0GCSqGSIb3DQEBCwUAA4IBAQA/TSJBY6DGCeA/
mDkFznbKIRSqtl5dWPQ9yloXJugaW73tsu7/8UnFxy64hxgh9aerFDi/RJH55BSA
3d0YdM56hmgjs8qdRM5SSB95wmG28mg8URx4ZohhY+GkjY6p2niNo0a922flmToV
Q43Buq46vpzIJbsdvzInlRVelQIZDrNCWM9HL66Lz44AKkPyfW/RYiFm4YfObTdm
a/T4+tQOCf8yiDCLi24+H80V/t84hqhpEgelpN2jMfqoUBYKBKJcNdX/7puB4n1A
Df+YRAkwE/xywhiCL8G+NWyIVemEcz9L40jDY2VTGlryFtuQpfzhrhL0tnBg/P8i
Ey680PWk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org