Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/2-cGDJvZtKSVnUZnDTZJjX9011I.roa
File: 2-cGDJvZtKSVnUZnDTZJjX9011I.roa (raw, json)
Hash identifier: bP7d6W2S+FPDWPjKDXPvuTs5l39h2bFwpn1pqGrCy4g=
Subject key identifier: DB:E7:06:0C:9B:D9:B4:A4:95:9D:46:67:0D:36:49:8D:7F:74:D7:52
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 01856CCAC88F429796B44658C55974796EB2
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/2-cGDJvZtKSVnUZnDTZJjX9011I.roa
Signing time: Sun 01 Jan 2023 10:05:06 +0000
ROA not before: Sun 01 Jan 2023 10:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.189.0/24 maxlen: 24
2001:7f8:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:c8:8f:42:97:96:b4:46:58:c5:59:74:79:6e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 10:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe7060c9bd9b4a4959d46670d36498d7f74d752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:df:f1:ad:61:c6:97:a4:f6:12:36:13:2d:b3:
66:db:5d:53:a4:e4:5b:1b:e2:a5:4a:32:9b:f7:33:
55:f1:51:97:42:ad:ac:f0:76:a9:40:ae:91:de:94:
f7:82:94:9a:31:18:9a:ce:b8:78:1c:3f:90:5d:8e:
c8:17:26:07:87:34:d8:4a:f7:52:b1:e3:7b:2b:0e:
a8:ab:ab:c1:62:53:0d:d6:e9:e9:b6:78:d0:a7:55:
84:2b:bb:ad:5c:e1:52:54:ef:33:ef:1e:8c:ae:ac:
b7:d2:fe:e3:32:bb:9d:d8:1c:87:4f:4c:ce:fa:e1:
16:b8:5b:03:7e:e4:90:d4:4f:cf:b7:84:58:be:e4:
46:40:29:63:ab:e1:21:d7:44:3f:b6:34:ad:8c:9b:
f5:d7:f1:59:bc:11:22:d7:76:aa:9c:d5:7b:00:d4:
0e:cf:6c:e6:14:3e:3e:a5:40:d2:89:2f:f2:3e:08:
62:57:ad:2d:71:7f:cc:3f:f8:1f:87:23:f7:75:bb:
ed:0d:44:5d:ff:bb:22:ee:6e:e7:7c:d3:cb:de:ad:
13:3d:95:a7:1c:62:7d:d2:4b:38:bb:35:f2:cc:59:
25:c8:0c:30:f0:83:4e:3f:3f:6b:bd:0e:4d:75:d9:
f1:ff:cf:d2:22:0f:23:96:cf:25:a4:d1:c4:3e:fd:
5a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E7:06:0C:9B:D9:B4:A4:95:9D:46:67:0D:36:49:8D:7F:74:D7:52
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/2-cGDJvZtKSVnUZnDTZJjX9011I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.189.0/24
IPv6:
2001:7f8:103::/48
Signature Algorithm: sha256WithRSAEncryption
87:ce:ec:01:9c:2d:c8:87:b8:c8:72:07:bb:db:e0:6c:5d:65:
40:06:4a:f9:2b:b4:0c:38:ba:b4:74:cd:a8:13:eb:b3:da:b8:
84:0d:9a:83:70:99:ee:f2:ab:55:ee:65:73:be:5e:70:4c:a0:
ed:b5:3b:be:c3:4c:cd:e3:5c:99:45:00:c2:af:3f:96:60:a7:
fd:94:07:a8:78:2b:94:e6:e3:92:ab:2f:7c:3d:ef:e3:62:91:
52:7c:b1:6c:bc:f3:aa:47:2a:14:f3:be:a1:b3:80:83:70:67:
00:79:e4:40:55:31:d9:ef:74:09:36:0e:2d:94:9d:9f:18:08:
8a:8f:04:d9:8c:ba:74:f6:06:9e:c3:be:a9:48:c1:86:25:b3:
f3:26:15:73:4c:da:22:72:d8:22:5a:03:42:b0:f5:76:9d:08:
90:85:f3:13:01:e0:04:73:ce:95:98:12:5a:bf:b5:62:c5:54:
e1:27:97:cc:51:5e:c9:84:c9:14:f4:72:97:18:1e:c1:70:1b:
fc:5c:09:47:cb:59:16:1b:10:2c:9a:e1:2e:ac:d7:63:f4:67:
e0:83:28:9c:36:98:73:6b:9a:04:85:68:56:f9:ef:08:f1:95:
1b:c4:9f:bf:68:0b:01:04:71:e0:fc:fd:31:0d:0d:7e:0b:b3:
db:d6:25:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsysiPQpeWtEZYxVl0eW6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjMwMTAxMTAwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU3MDYwYzliZDliNGE0OTU5ZDQ2NjcwZDM2NDk4ZDdmNzRkNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9/xrWHGl6T2EjYTLbNm211TpORb
G+KlSjKb9zNV8VGXQq2s8HapQK6R3pT3gpSaMRiazrh4HD+QXY7IFyYHhzTYSvdS
seN7Kw6oq6vBYlMN1unptnjQp1WEK7utXOFSVO8z7x6Mrqy30v7jMrud2ByHT0zO
+uEWuFsDfuSQ1E/Pt4RYvuRGQCljq+Eh10Q/tjStjJv11/FZvBEi13aqnNV7ANQO
z2zmFD4+pUDSiS/yPghiV60tcX/MP/gfhyP3dbvtDURd/7si7m7nfNPL3q0TPZWn
HGJ90ks4uzXyzFklyAww8INOPz9rvQ5Nddnx/8/SIg8jls8lpNHEPv1amQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNvnBgyb2bSklZ1GZw02SY1/dNdSMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvMi1jR0RKdlp0S1NWblVabkRUWkpqWDkwMTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQG9MA8E
AgACMAkDBwAgAQf4AQMwDQYJKoZIhvcNAQELBQADggEBAIfO7AGcLciHuMhyB7vb
4GxdZUAGSvkrtAw4urR0zagT67PauIQNmoNwme7yq1XuZXO+XnBMoO21O77DTM3j
XJlFAMKvP5Zgp/2UB6h4K5Tm45KrL3w97+NikVJ8sWy886pHKhTzvqGzgINwZwB5
5EBVMdnvdAk2Di2UnZ8YCIqPBNmMunT2Bp7DvqlIwYYls/MmFXNM2iJy2CJaA0Kw
9XadCJCF8xMB4ARzzpWYElq/tWLFVOEnl8xRXsmEyRT0cpcYHsFwG/xcCUfLWRYb
ECya4S6s12P0Z+CDKJw2mHNrmgSFaFb57wjxlRvEn79oCwEEceD8/TENDX4Ls9vW
JeA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org