Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2B6bREgyw5k1vqvrch8HxfRIg2A.roa
File: 2B6bREgyw5k1vqvrch8HxfRIg2A.roa (raw, json)
Hash identifier: OmgRf0vVj/nDz6LbtlUES+HSCVPmUzCvyLHM99AkAI4=
Subject key identifier: D8:1E:9B:44:48:32:C3:99:35:BE:AB:EB:72:1F:07:C5:F4:48:83:60
Certificate issuer: /CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Certificate serial: 01856D786F3DC5FD48A941B6E4CD065E7F1E
Authority key identifier: C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2B6bREgyw5k1vqvrch8HxfRIg2A.roa
Signing time: Sun 01 Jan 2023 13:14:47 +0000
ROA not before: Sun 01 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35673
IP address blocks: 194.187.245.0/24 maxlen: 24
194.187.246.0/24 maxlen: 24
194.187.244.0/24 maxlen: 24
194.187.247.0/24 maxlen: 24
2a11:aa80::/48 maxlen: 48
2a11:aa80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:6f:3d:c5:fd:48:a9:41:b6:e4:cd:06:5e:7f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Validity
Not Before: Jan 1 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d81e9b444832c39935beabeb721f07c5f4488360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8e:26:06:c0:e8:4a:6e:f8:77:22:8c:51:47:
93:01:e9:b7:c8:06:8d:3a:f9:4c:a2:0c:56:8b:b8:
1e:bd:96:c5:7f:03:ec:98:68:e8:88:b2:0f:2e:c0:
76:4a:86:bf:f8:b4:48:94:c2:33:d6:22:39:88:fb:
d3:e8:02:5c:59:af:f2:1e:78:c3:43:e1:d1:d1:c7:
79:d9:25:ba:34:3e:30:7e:85:b7:6b:27:4a:41:a0:
10:61:20:62:e5:17:5a:ab:c6:16:d5:b9:ff:12:74:
de:db:43:bf:7b:00:a3:f8:2a:7c:e7:ed:0c:73:40:
8e:ab:a7:5a:a1:cf:03:cf:d0:93:91:7b:b1:10:fb:
7b:09:ec:0a:5e:0f:93:58:22:ca:d0:3f:cf:44:a7:
cf:bb:bb:aa:95:f5:52:e9:37:bb:78:02:59:62:fb:
3c:55:db:24:fd:fc:58:72:c1:5b:58:3e:05:92:8d:
cc:2a:48:79:3d:60:7a:ed:67:10:dc:29:55:d5:a5:
94:7b:b7:de:5e:3c:73:87:21:87:3f:fb:a2:01:ea:
54:05:54:b1:79:b2:b8:a4:ac:c3:8f:de:ec:e9:51:
71:0f:a3:90:8f:22:84:00:c9:36:f7:30:ad:aa:f9:
9a:a3:83:bc:bd:56:56:1c:f5:32:6f:37:dc:74:bc:
65:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1E:9B:44:48:32:C3:99:35:BE:AB:EB:72:1F:07:C5:F4:48:83:60
X509v3 Authority Key Identifier:
keyid:C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2B6bREgyw5k1vqvrch8HxfRIg2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/xYe5zadWA-sNnjdxZ79-DI5EBAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.244.0/22
IPv6:
2a11:aa80::/47
Signature Algorithm: sha256WithRSAEncryption
10:eb:8d:4d:04:d4:37:a5:37:28:ea:43:e8:c7:97:a0:f1:73:
5f:da:ad:51:2c:92:7d:ca:47:8f:1a:3f:de:6c:e6:7f:ec:bb:
69:e7:a5:68:f5:6c:2e:8e:05:02:6b:64:97:3d:44:15:8a:fd:
48:89:75:ff:51:ac:fb:8e:f8:8a:49:30:4d:ed:ab:3a:e6:56:
b7:82:4a:b7:85:19:17:a5:51:bc:c2:03:8c:7d:32:c2:54:68:
b2:c5:a2:c6:92:00:8e:ca:f8:9b:c6:03:34:be:bb:a0:e7:fd:
b4:6a:ad:76:12:bb:a3:39:84:c8:82:3b:99:4b:30:3f:24:34:
e2:e3:bf:13:ed:2c:5d:8d:1e:3c:54:a3:22:5a:8a:71:e6:a1:
9c:33:b9:a8:2d:ea:f9:bb:af:ff:16:80:3e:b2:f0:a9:d4:26:
dc:93:4b:54:06:2d:34:ac:9b:96:14:97:35:85:36:50:41:0c:
be:86:4e:1d:c4:b5:52:0c:c4:0f:07:ea:aa:f0:17:cd:41:e2:
8f:f9:e3:9c:c4:b2:7a:94:c1:67:aa:24:42:f9:03:8b:c1:f6:
eb:c5:0f:3c:7e:51:71:db:08:a7:40:89:95:94:85:a1:3c:fc:
91:12:70:6d:b7:dd:42:64:6d:49:ec:e4:4b:29:ea:69:ea:43:
a7:13:b1:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVteG89xf1IqUG25M0GXn8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODdiOWNkYTc1NjAzZWIwZDllMzc3MTY3YmY3ZTBjOGU0
NDA0MDMwHhcNMjMwMTAxMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFlOWI0NDQ4MzJjMzk5MzViZWFiZWI3MjFmMDdjNWY0NDg4MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y4mBsDoSm74dyKMUUeTAem3yAaN
OvlMogxWi7gevZbFfwPsmGjoiLIPLsB2Soa/+LRIlMIz1iI5iPvT6AJcWa/yHnjD
Q+HR0cd52SW6ND4wfoW3aydKQaAQYSBi5Rdaq8YW1bn/EnTe20O/ewCj+Cp85+0M
c0COq6daoc8Dz9CTkXuxEPt7CewKXg+TWCLK0D/PRKfPu7uqlfVS6Te7eAJZYvs8
Vdsk/fxYcsFbWD4Fko3MKkh5PWB67WcQ3ClV1aWUe7feXjxzhyGHP/uiAepUBVSx
ebK4pKzDj97s6VFxD6OQjyKEAMk29zCtqvmao4O8vVZWHPUybzfcdLxl1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNgem0RIMsOZNb6r63IfB8X0SINgMB8GA1UdIwQY
MBaAFMWHuc2nVgPrDZ43cWe/fgyORAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUt
ZTc1M2NmNzY4YzE0LzEvMkI2YlJFZ3l3NWsxdnF2cmNoOEh4ZlJJZzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUtZTc1M2NmNzY4YzE0
LzEveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwrv0MA8E
AgACMAkDBwEqEaqAAAAwDQYJKoZIhvcNAQELBQADggEBABDrjU0E1DelNyjqQ+jH
l6Dxc1/arVEskn3KR48aP95s5n/su2nnpWj1bC6OBQJrZJc9RBWK/UiJdf9RrPuO
+IpJME3tqzrmVreCSreFGRelUbzCA4x9MsJUaLLFosaSAI7K+JvGAzS+u6Dn/bRq
rXYSu6M5hMiCO5lLMD8kNOLjvxPtLF2NHjxUoyJainHmoZwzuagt6vm7r/8WgD6y
8KnUJtyTS1QGLTSsm5YUlzWFNlBBDL6GTh3EtVIMxA8H6qrwF81B4o/545zEsnqU
wWeqJEL5A4vB9uvFDzx+UXHbCKdAiZWUhaE8/JEScG233UJkbUns5Esp6mnqQ6cT
sdg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:33 2024 by rpki-client on console-ams.rpki-client.org