Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/tG2GflvaxC9K7t0l6MhvLBmTvxI.roa
File: tG2GflvaxC9K7t0l6MhvLBmTvxI.roa (raw, json)
Hash identifier: rRYxuzHxBoCVIvB+Lbt7OL8ES021JPZQTir2uLuEgb0=
Subject key identifier: B4:6D:86:7E:5B:DA:C4:2F:4A:EE:DD:25:E8:C8:6F:2C:19:93:BF:12
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 01856D4AB4A74E88FD35D48B958A84C276CB
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/tG2GflvaxC9K7t0l6MhvLBmTvxI.roa
Signing time: Sun 01 Jan 2023 12:24:50 +0000
ROA not before: Sun 01 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210356
IP address blocks: 178.255.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:b4:a7:4e:88:fd:35:d4:8b:95:8a:84:c2:76:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Jan 1 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46d867e5bdac42f4aeedd25e8c86f2c1993bf12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d0:57:d7:09:d3:71:a9:f4:bb:d0:11:bf:16:
14:47:5a:37:48:c3:97:7b:e8:ed:c8:91:7d:68:e2:
19:a5:b1:cc:a7:ca:c1:ec:f0:e6:60:41:75:78:72:
88:45:da:6f:db:83:e4:a2:b1:8c:f7:e9:0f:55:a3:
68:34:d3:d6:c8:ae:20:46:18:b2:91:2e:ba:da:b2:
be:85:cf:c2:ea:11:4e:51:41:ba:46:6e:8f:dd:67:
4c:49:6a:aa:98:76:3d:60:b7:f7:25:62:87:58:ad:
52:97:09:3e:73:77:c5:81:f6:66:b5:9f:0e:08:35:
d3:df:4d:1b:8f:f6:67:3a:be:f2:2e:36:68:63:d3:
60:f3:2e:ad:06:f3:33:cf:01:54:48:6c:3c:75:3b:
bc:5a:c8:60:45:ce:f5:45:32:5e:2b:6e:3f:4c:cb:
07:f1:d0:8f:73:d5:26:22:fb:42:61:5c:99:1f:09:
46:6f:24:c0:09:d5:e6:2e:2f:2b:5e:92:26:da:e0:
82:f1:0a:95:ad:6c:56:57:91:2d:b8:e2:9c:29:d9:
a3:f1:1a:4b:61:9b:a5:e5:8e:be:c8:b3:a2:4e:40:
6e:b2:f2:f6:a1:8c:9a:7f:4d:b0:46:7b:37:54:e9:
7c:a8:f5:b3:71:0d:43:86:b7:08:40:fe:d1:e8:09:
1d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6D:86:7E:5B:DA:C4:2F:4A:EE:DD:25:E8:C8:6F:2C:19:93:BF:12
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/tG2GflvaxC9K7t0l6MhvLBmTvxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.219.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f5:ec:bf:84:b0:f2:d7:85:2e:26:f2:90:1f:73:54:33:57:
1c:7d:b0:3d:0d:6e:ad:f1:27:3f:e3:bc:8e:65:d4:20:84:80:
55:a2:af:73:10:16:4e:e7:57:51:3d:b9:c0:0f:b2:ec:e1:60:
c0:85:4c:df:74:0a:17:2d:90:e3:44:38:dd:83:09:05:f8:09:
cd:4f:74:b5:25:69:af:c0:12:96:17:a0:9a:19:e3:cf:6d:ee:
03:44:26:fe:e8:a8:6b:c2:0c:c2:13:99:63:d0:82:5b:09:7a:
9e:4c:1b:e2:c6:45:6c:e6:a8:b4:a2:25:93:6d:52:ef:bb:84:
59:64:23:3e:52:5b:4d:de:ae:3d:33:84:a1:94:b1:6c:18:9c:
e5:23:a2:68:62:38:7b:b5:3a:49:63:dc:da:2c:d7:b1:b1:08:
d7:ab:fe:1a:89:8d:c0:eb:7a:f3:29:dd:4e:35:9a:ca:c1:ab:
01:07:fd:34:7c:22:4a:cd:8e:11:8f:c8:87:46:b5:2a:14:6c:
ba:53:7d:c8:ea:94:cd:4f:b3:91:4a:1e:59:c0:84:59:29:fe:
0c:df:cb:32:6a:28:af:8e:41:51:da:7e:de:cd:3b:17:f0:3f:
46:cf:04:ae:4c:50:25:3f:51:ea:2e:2e:d3:4b:1f:96:38:38:
84:ee:24:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSrSnToj9NdSLlYqEwnbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjI4MDVkODc3NmVlZGViN2FhNGNiZTVhZjU2OGNkYjI2
MjlmYzIwHhcNMjMwMTAxMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZkODY3ZTViZGFjNDJmNGFlZWRkMjVlOGM4NmYyYzE5OTNiZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9BX1wnTcan0u9ARvxYUR1o3SMOX
e+jtyJF9aOIZpbHMp8rB7PDmYEF1eHKIRdpv24PkorGM9+kPVaNoNNPWyK4gRhiy
kS662rK+hc/C6hFOUUG6Rm6P3WdMSWqqmHY9YLf3JWKHWK1Slwk+c3fFgfZmtZ8O
CDXT300bj/ZnOr7yLjZoY9Ng8y6tBvMzzwFUSGw8dTu8WshgRc71RTJeK24/TMsH
8dCPc9UmIvtCYVyZHwlGbyTACdXmLi8rXpIm2uCC8QqVrWxWV5EtuOKcKdmj8RpL
YZul5Y6+yLOiTkBusvL2oYyaf02wRns3VOl8qPWzcQ1DhrcIQP7R6AkdnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRthn5b2sQvSu7dJejIbywZk78SMB8GA1UdIwQY
MBaAFPOygF2Hdu7et6pMvlr1aM2yYp/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgt
ODNiYzc5NzI3OGUyLzEvdEcyR2ZsdmF4QzlLN3QwbDZNaHZMQm1UdnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgtODNiYzc5NzI3OGUy
LzEvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv/bMA0G
CSqGSIb3DQEBCwUAA4IBAQBF9ey/hLDy14UuJvKQH3NUM1ccfbA9DW6t8Sc/47yO
ZdQghIBVoq9zEBZO51dRPbnAD7Ls4WDAhUzfdAoXLZDjRDjdgwkF+AnNT3S1JWmv
wBKWF6CaGePPbe4DRCb+6KhrwgzCE5lj0IJbCXqeTBvixkVs5qi0oiWTbVLvu4RZ
ZCM+UltN3q49M4ShlLFsGJzlI6JoYjh7tTpJY9zaLNexsQjXq/4aiY3A63rzKd1O
NZrKwasBB/00fCJKzY4Rj8iHRrUqFGy6U33I6pTNT7ORSh5ZwIRZKf4M38syaiiv
jkFR2n7ezTsX8D9GzwSuTFAlP1HqLi7TSx+WODiE7iQG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-fra.rpki-client.org