Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/2VutMMPSkKsUEwZ9DstKBmWIvdw.roa
File: 2VutMMPSkKsUEwZ9DstKBmWIvdw.roa (raw, json)
Hash identifier: Sjs6BSs8+1CeHex7bgCzdRSo6dOq5aE7nmwhQv7b2bc=
Subject key identifier: D9:5B:AD:30:C3:D2:90:AB:14:13:06:7D:0E:CB:4A:06:65:88:BD:DC
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 01888B0A0DF91E337281B565A33B3FB10F55
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/2VutMMPSkKsUEwZ9DstKBmWIvdw.roa
Signing time: Mon 05 Jun 2023 10:11:11 +0000
ROA not before: Mon 05 Jun 2023 10:11:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56958
IP address blocks: 201.46.112.0/23 maxlen: 24
178.211.133.0/24 maxlen: 24
2a12:d280::/32 maxlen: 32
2a12:d280::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Jun 2023 16:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:0a:0d:f9:1e:33:72:81:b5:65:a3:3b:3f:b1:0f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Jun 5 10:11:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d95bad30c3d290ab1413067d0ecb4a066588bddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:ee:11:d8:27:a4:72:27:68:ef:2d:67:31:
ae:0b:e1:91:5c:9f:4f:24:b6:b4:c4:65:d1:e0:36:
d7:97:b9:e1:02:4d:8e:16:2e:9c:1a:e1:ad:23:db:
ae:2e:2b:4d:07:d0:02:c0:79:70:59:40:0d:04:94:
9e:71:f5:f7:de:73:60:3a:e4:76:9c:87:cc:80:59:
ff:f3:3c:a8:a0:f5:99:d0:03:5c:8d:ed:f8:b8:eb:
73:64:28:fa:4f:c0:da:6e:68:d3:2b:5f:f7:62:28:
e8:76:2e:1c:f5:5b:99:b1:6e:04:86:08:cf:26:60:
ff:14:49:b7:d3:06:66:ec:02:ad:a5:98:39:95:0e:
5c:c3:cd:f2:82:94:da:a5:e8:14:54:1e:84:82:f7:
89:c0:d7:bb:4e:0d:34:5a:f2:bf:58:12:7e:56:20:
c0:de:ac:4f:13:6d:05:df:c3:35:9f:f8:85:f4:22:
7b:ee:88:e5:71:54:a6:2e:39:03:3f:71:64:1b:3a:
71:13:f2:15:a8:39:6f:67:df:bb:3c:8d:94:04:7d:
47:ac:a2:d0:a7:09:db:82:26:c0:a9:66:3d:62:f4:
86:d3:1f:f7:91:37:d5:80:a8:10:3a:cc:b8:15:86:
19:7c:1f:7d:c5:ce:f6:f6:cb:de:b3:b0:20:0d:e6:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5B:AD:30:C3:D2:90:AB:14:13:06:7D:0E:CB:4A:06:65:88:BD:DC
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/2VutMMPSkKsUEwZ9DstKBmWIvdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.133.0/24
201.46.112.0/23
IPv6:
2a12:d280::/29
Signature Algorithm: sha256WithRSAEncryption
61:0e:b3:9e:7e:fd:3a:94:e8:ba:3b:cd:1d:7e:6a:07:67:47:
5d:a2:5f:41:4e:b6:ba:15:52:8e:43:52:86:ea:b1:6d:19:07:
a4:cf:ed:4b:90:3e:79:5d:cb:af:b6:19:2f:8e:4d:3a:8e:43:
2d:ba:77:87:14:25:ec:a7:b8:59:80:a4:06:18:06:61:90:1b:
fb:c0:b4:e8:f3:f7:17:ec:95:79:a6:83:51:16:16:e2:56:f0:
3b:09:a7:33:c5:1c:e6:23:7d:9a:75:da:4f:6e:7d:b5:7f:f3:
d4:1c:09:02:cb:cd:dd:5c:85:11:2b:d4:04:08:23:78:a9:db:
ec:fc:70:a8:78:dd:41:49:f5:74:03:eb:d7:76:c2:30:49:76:
c0:8d:36:a2:bf:a6:6a:8c:99:51:f1:dc:63:9d:1a:1a:98:31:
70:be:e7:0d:f0:ed:39:4c:f1:b4:3e:f1:b9:da:ed:ba:ef:49:
40:12:f1:03:2c:48:5e:fe:5b:d2:93:1a:67:75:c7:5a:7f:5a:
90:52:9c:40:99:c8:4a:88:9b:72:b8:fa:ee:71:7a:42:96:d1:
b4:32:29:42:5a:fb:23:7b:da:57:8d:ef:af:be:89:35:bd:a0:
f6:41:ad:c1:82:a1:b9:25:f3:3b:d7:42:5a:b1:cb:61:00:f3:
0f:7b:0c:c7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYiLCg35HjNygbVlozs/sQ9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjMwNjA1MTAxMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTViYWQzMGMzZDI5MGFiMTQxMzA2N2QwZWNiNGEwNjY1ODhiZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuezuEdgnpHInaO8tZzGuC+GRXJ9P
JLa0xGXR4DbXl7nhAk2OFi6cGuGtI9uuLitNB9ACwHlwWUANBJSecfX33nNgOuR2
nIfMgFn/8zyooPWZ0ANcje34uOtzZCj6T8DabmjTK1/3Yijodi4c9VuZsW4EhgjP
JmD/FEm30wZm7AKtpZg5lQ5cw83ygpTapegUVB6EgveJwNe7Tg00WvK/WBJ+ViDA
3qxPE20F38M1n/iF9CJ77ojlcVSmLjkDP3FkGzpxE/IVqDlvZ9+7PI2UBH1HrKLQ
pwnbgibAqWY9YvSG0x/3kTfVgKgQOsy4FYYZfB99xc729sves7AgDeZVDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNlbrTDD0pCrFBMGfQ7LSgZliL3cMB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvMlZ1dE1NUFNrS3NVRXdaOURzdEtCbVdJdmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAstOFAwQB
yS5wMA0EAgACMAcDBQMqEtKAMA0GCSqGSIb3DQEBCwUAA4IBAQBhDrOefv06lOi6
O80dfmoHZ0ddol9BTra6FVKOQ1KG6rFtGQekz+1LkD55Xcuvthkvjk06jkMtuneH
FCXsp7hZgKQGGAZhkBv7wLTo8/cX7JV5poNRFhbiVvA7CaczxRzmI32addpPbn21
f/PUHAkCy83dXIURK9QECCN4qdvs/HCoeN1BSfV0A+vXdsIwSXbAjTaiv6ZqjJlR
8dxjnRoamDFwvucN8O05TPG0PvG52u2670lAEvEDLEhe/lvSkxpndcdaf1qQUpxA
mchKiJtyuPrucXpCltG0MilCWvsje9pXje+vvok1vaD2Qa3BgqG5JfM710Jascth
APMPewzH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:48 2024 by rpki-client on console-ams.rpki-client.org