Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/a2-EaVZ6uh7mTUz2f9M9AZxuiXo.roa
File: a2-EaVZ6uh7mTUz2f9M9AZxuiXo.roa (raw, json)
Hash identifier: 7Hfwcy3Js7bzK258FAjW+3RIRwNsvgXIlBPqn37EX1A=
Subject key identifier: 6B:6F:84:69:56:7A:BA:1E:E6:4D:4C:F6:7F:D3:3D:01:9C:6E:89:7A
Certificate issuer: /CN=8eac36ff533eb6f8f8aa65920220cfa471e5a2b1
Certificate serial: 018570305A59F90EB581B7E1455AE4EF5DC7
Authority key identifier: 8E:AC:36:FF:53:3E:B6:F8:F8:AA:65:92:02:20:CF:A4:71:E5:A2:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqw2_1M-tvj4qmWSAiDPpHHlorE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/a2-EaVZ6uh7mTUz2f9M9AZxuiXo.roa
Signing time: Mon 02 Jan 2023 01:54:54 +0000
ROA not before: Mon 02 Jan 2023 01:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210127
IP address blocks: 194.61.132.0/24 maxlen: 24
194.61.132.0/22 maxlen: 24
194.61.134.0/24 maxlen: 24
194.61.133.0/24 maxlen: 24
194.61.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5a:59:f9:0e:b5:81:b7:e1:45:5a:e4:ef:5d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eac36ff533eb6f8f8aa65920220cfa471e5a2b1
Validity
Not Before: Jan 2 01:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b6f8469567aba1ee64d4cf67fd33d019c6e897a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:29:05:8f:56:4f:6b:cc:40:ab:96:7c:2f:dc:
f5:57:70:28:0a:f6:90:44:9a:ed:b4:49:f4:25:92:
4f:4e:2a:35:79:00:44:da:91:0d:03:9a:13:97:21:
6e:59:ea:fe:0a:e7:82:cc:6a:fe:a1:ef:18:f5:3e:
72:63:a2:3d:3d:a7:38:5b:c5:7c:f4:d9:b5:7c:cc:
bf:73:29:8d:78:ff:9f:85:83:f0:72:f3:7d:a7:a0:
a1:13:e0:f5:71:93:a2:e0:ef:ba:19:80:3e:8c:17:
44:ed:df:f6:82:26:6f:bf:4b:96:4d:2c:29:50:e3:
1f:3d:5f:70:46:d7:80:f2:b7:5d:7f:ab:18:43:ec:
79:76:bf:98:c2:04:00:8f:a1:d2:88:0d:6f:3b:06:
99:8b:7f:5d:41:cc:a0:83:9b:92:66:f7:4e:14:fc:
d9:b0:73:3e:0d:e9:27:4d:29:d0:de:f1:8e:67:ae:
ca:08:71:ce:53:8c:b8:c8:24:0f:4d:89:e5:cf:9d:
16:ff:91:50:e6:f3:23:15:0e:5c:a5:14:8e:c1:2d:
2c:5e:e5:cf:75:72:77:0f:68:5b:1e:e5:a2:2a:e7:
4a:c2:a8:b5:a4:5d:27:58:d0:aa:b2:f0:b9:a2:ef:
31:4f:bc:5c:d9:37:06:e3:63:c3:17:68:08:c2:75:
98:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:84:69:56:7A:BA:1E:E6:4D:4C:F6:7F:D3:3D:01:9C:6E:89:7A
X509v3 Authority Key Identifier:
keyid:8E:AC:36:FF:53:3E:B6:F8:F8:AA:65:92:02:20:CF:A4:71:E5:A2:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqw2_1M-tvj4qmWSAiDPpHHlorE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/a2-EaVZ6uh7mTUz2f9M9AZxuiXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/jqw2_1M-tvj4qmWSAiDPpHHlorE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.132.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e5:30:b9:ec:8d:92:f5:0a:ce:ab:86:b4:97:6a:72:22:8e:
15:e5:c7:f4:29:f9:7c:01:0a:78:fc:e9:c5:a2:68:92:0f:fb:
57:17:4e:7d:8d:cf:4d:78:d4:02:a9:09:92:53:9f:24:89:c2:
4f:bc:e9:f8:db:03:96:3a:4e:5c:e8:12:50:5c:14:f4:19:8c:
fa:81:57:7d:f6:7e:09:9f:e0:c5:05:e6:75:36:79:c8:bc:14:
8c:8b:46:6f:5a:a9:66:bb:ca:47:3b:de:87:24:19:43:b8:5a:
d0:30:cb:61:71:75:7a:75:1d:09:43:12:88:f3:f7:53:a4:64:
81:67:d1:1a:cc:55:98:f9:05:1a:cc:a8:76:f2:c2:92:e8:dd:
59:e1:10:28:e3:5f:e4:54:d3:05:ca:8f:ab:6f:1a:fe:2f:c5:
47:a5:bb:33:3a:41:1b:bf:8b:ee:27:2f:af:ad:7d:46:dc:b0:
ae:a2:2e:46:62:58:be:50:bc:07:42:b5:c3:c0:b0:1d:37:0a:
db:59:0a:16:ce:6e:49:fd:75:93:c5:b2:57:15:20:5c:38:60:
5a:a3:1f:07:c9:c2:27:b8:5f:2a:0f:ab:59:47:87:1a:b5:4d:
ed:67:fa:4f:b0:22:10:b4:fb:cd:0f:52:c1:68:fb:44:17:51:
31:4a:c0:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFpZ+Q61gbfhRVrk713HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWMzNmZmNTMzZWI2ZjhmOGFhNjU5MjAyMjBjZmE0NzFl
NWEyYjEwHhcNMjMwMTAyMDE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZmODQ2OTU2N2FiYTFlZTY0ZDRjZjY3ZmQzM2QwMTljNmU4OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCkFj1ZPa8xAq5Z8L9z1V3AoCvaQ
RJrttEn0JZJPTio1eQBE2pENA5oTlyFuWer+CueCzGr+oe8Y9T5yY6I9Pac4W8V8
9Nm1fMy/cymNeP+fhYPwcvN9p6ChE+D1cZOi4O+6GYA+jBdE7d/2giZvv0uWTSwp
UOMfPV9wRteA8rddf6sYQ+x5dr+YwgQAj6HSiA1vOwaZi39dQcygg5uSZvdOFPzZ
sHM+DeknTSnQ3vGOZ67KCHHOU4y4yCQPTYnlz50W/5FQ5vMjFQ5cpRSOwS0sXuXP
dXJ3D2hbHuWiKudKwqi1pF0nWNCqsvC5ou8xT7xc2TcG42PDF2gIwnWY3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtvhGlWeroe5k1M9n/TPQGcbol6MB8GA1UdIwQY
MBaAFI6sNv9TPrb4+KplkgIgz6Rx5aKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanF3Ml8xTS10dmo0cW1XU0FpRFBwSEhsb3JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82MWExNDAtMTEwZS00MTk3LThkYTUt
NTZiYTE5OGQxN2YwLzEvYTItRWFWWjZ1aDdtVFV6MmY5TTlBWnh1aVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82MWExNDAtMTEwZS00MTk3LThkYTUtNTZiYTE5OGQxN2Yw
LzEvanF3Ml8xTS10dmo0cW1XU0FpRFBwSEhsb3JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj2EMA0G
CSqGSIb3DQEBCwUAA4IBAQCR5TC57I2S9QrOq4a0l2pyIo4V5cf0Kfl8AQp4/OnF
omiSD/tXF059jc9NeNQCqQmSU58kicJPvOn42wOWOk5c6BJQXBT0GYz6gVd99n4J
n+DFBeZ1NnnIvBSMi0ZvWqlmu8pHO96HJBlDuFrQMMthcXV6dR0JQxKI8/dTpGSB
Z9EazFWY+QUazKh28sKS6N1Z4RAo41/kVNMFyo+rbxr+L8VHpbszOkEbv4vuJy+v
rX1G3LCuoi5GYli+ULwHQrXDwLAdNwrbWQoWzm5J/XWTxbJXFSBcOGBaox8HycIn
uF8qD6tZR4catU3tZ/pPsCIQtPvND1LBaPtEF1ExSsA9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org