Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2dgAYAq8BvfqrWnQod6CrgEnFzU.roa
File: 2dgAYAq8BvfqrWnQod6CrgEnFzU.roa (raw, json)
Hash identifier: Q+O7VmO2kVRzBeGbxz+yVaW1Yj83azt9J2xTpxa9YI0=
Subject key identifier: D9:D8:00:60:0A:BC:06:F7:EA:AD:69:D0:A1:DE:82:AE:01:27:17:35
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018D021F95B8E401021DADC5B696387B7E79
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2dgAYAq8BvfqrWnQod6CrgEnFzU.roa
Signing time: Sat 13 Jan 2024 09:20:40 +0000
ROA not before: Sat 13 Jan 2024 09:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 5.57.33.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.26.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 03:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:02:1f:95:b8:e4:01:02:1d:ad:c5:b6:96:38:7b:7e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 13 09:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d800600abc06f7eaad69d0a1de82ae01271735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:5c:4b:86:c2:9e:c3:0a:10:58:28:bd:c1:
f0:a7:80:8b:7b:c0:b0:61:7f:fe:66:38:b3:01:28:
29:48:a1:36:ba:15:ad:31:51:c3:46:89:bb:53:06:
29:a0:b5:a8:e8:8a:8f:62:2a:a2:20:7f:f9:45:97:
09:25:6f:6c:62:c2:4e:b0:fc:25:d3:91:0b:f1:3b:
82:4b:28:7d:7a:11:5c:79:a1:a5:95:d7:16:23:73:
ae:74:62:84:84:05:a8:95:d6:c2:c3:9e:97:59:bc:
86:f7:d3:ac:58:a1:06:e1:e5:0d:a5:a8:4b:1e:a7:
c1:f2:7c:a5:24:e2:cc:f7:da:f8:12:89:e4:64:4b:
b6:46:2d:6d:56:b8:12:34:db:b4:43:29:72:4d:21:
8e:ac:ba:af:5d:fb:08:cd:4b:ba:bc:3e:af:6b:bb:
ad:d2:b9:b0:c0:af:55:17:ad:62:6d:d2:82:eb:d0:
51:44:07:e6:0d:67:89:89:e0:4f:55:86:91:5a:d7:
3c:32:e2:1f:b1:9b:a1:98:b2:af:4d:de:dc:25:76:
4a:9d:16:e6:38:ff:5e:7f:c6:a0:4f:87:c1:c1:55:
bd:84:e1:22:ff:3f:09:3a:95:c9:9d:1c:4f:7d:ca:
9a:f8:04:79:9c:4a:ac:a8:69:82:82:a7:6d:c5:3f:
11:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D8:00:60:0A:BC:06:F7:EA:AD:69:D0:A1:DE:82:AE:01:27:17:35
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2dgAYAq8BvfqrWnQod6CrgEnFzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.33.0/24
178.239.154.0/24
185.26.32.0/23
Signature Algorithm: sha256WithRSAEncryption
08:04:e3:67:bc:38:9c:b1:d4:9b:06:54:18:34:c8:30:70:4f:
95:a1:08:1f:9a:22:18:92:6e:9a:3a:53:7f:81:7a:61:22:f9:
ff:6e:1e:d4:46:72:e8:77:33:3a:84:2d:03:3a:b1:74:e0:18:
51:71:15:df:75:74:23:e8:5d:0e:49:6b:6b:18:09:b2:ff:5f:
05:41:85:fd:01:63:78:c3:e5:0e:c5:5b:d6:64:ac:b1:bb:7d:
17:88:24:87:3b:68:12:68:5c:fa:79:c4:af:c9:07:2e:ca:9d:
16:80:67:29:60:2e:ee:08:53:48:71:3b:f0:c9:18:ed:8d:1b:
60:4b:28:56:c0:b9:72:6b:8a:cf:b7:5b:7c:e4:ee:25:45:bb:
0a:8b:9e:c2:d8:36:04:3e:a8:2d:5c:67:a2:17:1b:1d:a3:d2:
2d:44:3a:30:51:90:9f:d4:c7:00:dd:c7:6c:1d:2d:84:50:cf:
42:0c:d7:70:84:56:ab:6b:bc:82:44:b4:ab:e5:2a:e2:a1:26:
14:8b:ec:f2:22:9a:25:85:3b:39:70:a1:78:88:cc:5a:77:0f:
d5:f4:4d:95:a2:88:6e:1a:2e:0d:41:ab:2d:50:e9:88:11:62:
fd:1d:a6:79:5b:67:6f:a3:47:15:f5:1d:34:37:93:80:c6:bd:
43:e5:5f:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0CH5W45AECHa3FtpY4e355MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTEzMDkyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ4MDA2MDBhYmMwNmY3ZWFhZDY5ZDBhMWRlODJhZTAxMjcxNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3NcS4bCnsMKEFgovcHwp4CLe8Cw
YX/+ZjizASgpSKE2uhWtMVHDRom7UwYpoLWo6IqPYiqiIH/5RZcJJW9sYsJOsPwl
05EL8TuCSyh9ehFceaGlldcWI3OudGKEhAWoldbCw56XWbyG99OsWKEG4eUNpahL
HqfB8nylJOLM99r4EonkZEu2Ri1tVrgSNNu0QylyTSGOrLqvXfsIzUu6vD6va7ut
0rmwwK9VF61ibdKC69BRRAfmDWeJieBPVYaRWtc8MuIfsZuhmLKvTd7cJXZKnRbm
OP9ef8agT4fBwVW9hOEi/z8JOpXJnRxPfcqa+AR5nEqsqGmCgqdtxT8RzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNnYAGAKvAb36q1p0KHegq4BJxc1MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMmRnQVlBcThCdmZxclduUW9kNkNyZ0VuRnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABTkhAwQA
su+aAwQBuRogMA0GCSqGSIb3DQEBCwUAA4IBAQAIBONnvDicsdSbBlQYNMgwcE+V
oQgfmiIYkm6aOlN/gXphIvn/bh7URnLodzM6hC0DOrF04BhRcRXfdXQj6F0OSWtr
GAmy/18FQYX9AWN4w+UOxVvWZKyxu30XiCSHO2gSaFz6ecSvyQcuyp0WgGcpYC7u
CFNIcTvwyRjtjRtgSyhWwLlya4rPt1t85O4lRbsKi57C2DYEPqgtXGeiFxsdo9It
RDowUZCf1McA3cdsHS2EUM9CDNdwhFara7yCRLSr5SrioSYUi+zyIpolhTs5cKF4
iMxadw/V9E2VoohuGi4NQastUOmIEWL9HaZ5W2dvo0cV9R00N5OAxr1D5V+F
-----END CERTIFICATE-----
Generated at Sun Jan 14 05:15:09 2024 by rpki-client on console-fra.rpki-client.org