Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/edae6a-6a5d-4e89-8986-e88d884c20ef/1/2G8p2HYolexnL_nMoBK09IF5yfI.roa
File: 2G8p2HYolexnL_nMoBK09IF5yfI.roa (raw, json)
Hash identifier: SJqshPtcMruVx5BdUj/G4KO7QpL4j2P9hU0A+y6C2+k=
Subject key identifier: D8:6F:29:D8:76:28:95:EC:67:2F:F9:CC:A0:12:B4:F4:81:79:C9:F2
Certificate issuer: /CN=51bdf0d4de40057f5cc3fd1e70bfc11f5351738d
Certificate serial: 0187B20FA1585274CEBEF75ECEDD8C1F8258
Authority key identifier: 51:BD:F0:D4:DE:40:05:7F:5C:C3:FD:1E:70:BF:C1:1F:53:51:73:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ub3w1N5ABX9cw_0ecL_BH1NRc40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/edae6a-6a5d-4e89-8986-e88d884c20ef/1/2G8p2HYolexnL_nMoBK09IF5yfI.roa
Signing time: Mon 24 Apr 2023 06:59:41 +0000
ROA not before: Mon 24 Apr 2023 06:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48634
IP address blocks: 91.211.158.0/24 maxlen: 24
91.211.159.0/24 maxlen: 24
91.211.156.0/22 maxlen: 22
91.211.156.0/24 maxlen: 24
91.211.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:0f:a1:58:52:74:ce:be:f7:5e:ce:dd:8c:1f:82:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51bdf0d4de40057f5cc3fd1e70bfc11f5351738d
Validity
Not Before: Apr 24 06:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d86f29d8762895ec672ff9cca012b4f48179c9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fb:47:66:35:25:99:d2:88:45:30:09:8e:ac:
b8:2c:db:27:33:f7:9c:4a:ac:d3:1f:5d:e2:59:a5:
23:ba:b1:90:3b:8b:db:54:31:8a:5b:fc:23:ba:c8:
ed:2e:29:7e:86:18:05:d0:63:e5:30:63:b2:84:98:
a1:9e:57:37:db:de:ee:20:e9:92:92:07:4c:95:fa:
71:22:b9:fd:f6:39:e1:6b:04:b4:c5:8f:b8:bb:78:
2c:d3:5d:88:86:69:8e:ff:10:f8:bf:4e:32:e3:53:
1f:47:96:10:b1:79:67:24:36:e9:51:c0:05:71:5e:
77:84:e3:3d:6e:53:24:4f:5b:ae:c9:41:1d:7c:bc:
70:05:cf:92:9b:22:d4:c6:25:56:02:a8:cf:ff:bd:
d0:89:29:ed:f3:85:d0:a4:5e:9b:d3:87:6c:10:7e:
dc:ee:c7:b5:1d:d5:45:a8:31:92:77:8b:6d:d4:26:
af:cc:dc:51:e5:f5:49:b0:eb:1b:ba:a2:72:74:29:
cd:f1:c3:d3:32:c3:25:4b:80:53:b8:f5:ca:05:57:
a8:1d:23:ff:94:3e:ce:9a:ce:44:e4:0b:5a:52:26:
70:68:55:1b:42:c4:81:5c:54:78:d4:54:96:41:c6:
68:3f:f7:52:45:13:90:3f:70:e6:a0:67:d9:f8:d4:
d3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:29:D8:76:28:95:EC:67:2F:F9:CC:A0:12:B4:F4:81:79:C9:F2
X509v3 Authority Key Identifier:
keyid:51:BD:F0:D4:DE:40:05:7F:5C:C3:FD:1E:70:BF:C1:1F:53:51:73:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ub3w1N5ABX9cw_0ecL_BH1NRc40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/edae6a-6a5d-4e89-8986-e88d884c20ef/1/2G8p2HYolexnL_nMoBK09IF5yfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/edae6a-6a5d-4e89-8986-e88d884c20ef/1/Ub3w1N5ABX9cw_0ecL_BH1NRc40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:26:82:0c:46:39:9f:84:d1:81:06:ea:39:dd:9d:3d:92:4c:
f1:89:33:4e:99:c2:fd:52:40:e1:88:48:ec:16:9a:20:96:f7:
d7:03:74:b8:bd:62:36:e7:60:aa:c9:e2:0b:0a:e5:fa:63:d2:
a0:c7:23:71:7d:83:a9:3e:db:bb:df:af:31:b8:88:6e:3f:62:
1b:fe:75:ef:1c:0a:97:01:9c:6e:9d:3f:f0:c8:77:40:40:bb:
55:14:e9:a7:1d:cf:d7:a3:99:1e:b0:4d:8e:6c:4a:86:6b:26:
28:e4:47:73:56:56:d1:71:6f:aa:52:84:9f:4e:12:13:1c:75:
6f:77:bf:5b:dc:3b:31:42:51:67:45:51:53:31:3b:09:66:69:
ed:52:3c:d2:65:20:cd:34:f7:37:a5:d8:63:04:5d:3a:8d:d0:
fe:a2:56:4a:54:03:e3:8f:b9:95:b7:d5:3e:5d:24:5b:ab:d2:
ac:32:81:00:6c:e3:80:54:bc:4a:3a:56:cf:df:eb:3e:ff:c5:
18:26:a8:32:28:50:9c:3c:f2:9d:da:26:98:5e:20:07:22:71:
6c:6e:42:38:c2:a7:3d:ff:c3:04:1a:f0:d7:fa:97:d9:8a:72:
19:fe:96:59:eb:45:0f:0f:e6:6a:96:4d:ff:6f:40:84:50:48:
69:7d:1f:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeyD6FYUnTOvvdezt2MH4JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYmRmMGQ0ZGU0MDA1N2Y1Y2MzZmQxZTcwYmZjMTFmNTM1
MTczOGQwHhcNMjMwNDI0MDY1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZmMjlkODc2Mjg5NWVjNjcyZmY5Y2NhMDEyYjRmNDgxNzljOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvtHZjUlmdKIRTAJjqy4LNsnM/ec
SqzTH13iWaUjurGQO4vbVDGKW/wjusjtLil+hhgF0GPlMGOyhJihnlc3297uIOmS
kgdMlfpxIrn99jnhawS0xY+4u3gs012IhmmO/xD4v04y41MfR5YQsXlnJDbpUcAF
cV53hOM9blMkT1uuyUEdfLxwBc+SmyLUxiVWAqjP/73QiSnt84XQpF6b04dsEH7c
7se1HdVFqDGSd4tt1CavzNxR5fVJsOsbuqJydCnN8cPTMsMlS4BTuPXKBVeoHSP/
lD7Oms5E5AtaUiZwaFUbQsSBXFR41FSWQcZoP/dSRROQP3DmoGfZ+NTTrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhvKdh2KJXsZy/5zKAStPSBecnyMB8GA1UdIwQY
MBaAFFG98NTeQAV/XMP9HnC/wR9TUXONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWIzdzFONUFCWDljd18wZWNMX0JIMU5SYzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lZGFlNmEtNmE1ZC00ZTg5LTg5ODYt
ZTg4ZDg4NGMyMGVmLzEvMkc4cDJIWW9sZXhuTF9uTW9CSzA5SUY1eWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lZGFlNmEtNmE1ZC00ZTg5LTg5ODYtZTg4ZDg4NGMyMGVm
LzEvVWIzdzFONUFCWDljd18wZWNMX0JIMU5SYzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9OcMA0G
CSqGSIb3DQEBCwUAA4IBAQBcJoIMRjmfhNGBBuo53Z09kkzxiTNOmcL9UkDhiEjs
FpoglvfXA3S4vWI252CqyeILCuX6Y9KgxyNxfYOpPtu7368xuIhuP2Ib/nXvHAqX
AZxunT/wyHdAQLtVFOmnHc/Xo5kesE2ObEqGayYo5EdzVlbRcW+qUoSfThITHHVv
d79b3DsxQlFnRVFTMTsJZmntUjzSZSDNNPc3pdhjBF06jdD+olZKVAPjj7mVt9U+
XSRbq9KsMoEAbOOAVLxKOlbP3+s+/8UYJqgyKFCcPPKd2iaYXiAHInFsbkI4wqc9
/8MEGvDX+pfZinIZ/pZZ60UPD+Zqlk3/b0CEUEhpfR/p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org