Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AU4lGODh-QufyHimxbkwI7qLKU.roa
File: 2AU4lGODh-QufyHimxbkwI7qLKU.roa (raw, json)
Hash identifier: dsGxyFsnlx0Mk1vbJEZ6XRpW+gzpDL8yhXUXwBkIva4=
Subject key identifier: D8:05:38:94:63:83:87:E4:2E:7F:21:E2:9B:16:E4:C0:8E:EA:2C:A5
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01881FEEE3EC369C63E57C090F21ECA14647
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AU4lGODh-QufyHimxbkwI7qLKU.roa
Signing time: Mon 15 May 2023 15:02:09 +0000
ROA not before: Mon 15 May 2023 15:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60627
IP address blocks: 87.107.66.0/24 maxlen: 24
81.12.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:ee:e3:ec:36:9c:63:e5:7c:09:0f:21:ec:a1:46:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 15 15:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8053894638387e42e7f21e29b16e4c08eea2ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8e:14:f0:81:ec:69:af:7c:39:79:76:77:47:
53:87:a1:1a:ed:88:00:f9:66:bb:92:1f:e4:61:d4:
15:6c:34:fc:14:96:5f:12:69:a3:13:10:12:e3:54:
fb:6f:28:8a:f3:bd:5f:ac:d1:49:68:a6:0f:a0:24:
e1:19:00:29:e1:91:d6:b4:ad:57:cf:53:3d:1d:1a:
73:2c:4a:ed:7d:ab:33:ac:66:15:27:72:1f:92:bb:
1c:7c:c7:8f:02:fd:8a:32:b1:47:cf:92:40:d7:3c:
8c:e9:f9:fb:ad:26:4a:c1:1c:81:a9:b6:6c:62:9f:
20:19:1f:d3:b4:de:68:db:64:20:43:3d:ca:6b:1d:
ad:74:02:48:2e:2a:4f:f4:b6:dd:d3:62:67:58:ba:
2d:82:a2:bb:62:bd:2e:e4:a2:60:8d:97:6e:fb:f5:
26:db:62:17:04:2c:78:8e:2b:06:18:73:fc:3f:ad:
92:64:7b:61:83:0a:85:89:9e:2e:3a:86:41:92:88:
45:e8:06:9c:83:77:5e:61:10:4c:f7:d3:1f:79:e4:
5b:d6:95:18:cf:7b:01:82:43:97:b6:c5:25:3a:a6:
5a:94:3f:f2:65:0c:00:4e:c5:b9:49:65:24:27:ac:
52:3e:78:c9:6e:66:53:24:fc:51:17:ea:a1:61:3c:
64:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:05:38:94:63:83:87:E4:2E:7F:21:E2:9B:16:E4:C0:8E:EA:2C:A5
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/2AU4lGODh-QufyHimxbkwI7qLKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.63.0/24
87.107.66.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f5:04:b0:18:c9:86:75:3b:d1:40:10:3a:a1:d7:b1:7b:70:
bc:25:1b:69:c5:d5:7c:94:cc:68:d0:a5:92:3a:30:62:ae:66:
55:13:0a:2a:e5:96:71:8a:b0:b8:17:13:7a:9a:a3:b0:a3:6e:
9b:ea:26:aa:4c:2f:b9:71:9a:2e:47:15:b3:64:bc:00:51:9e:
0f:e2:d8:34:7e:99:88:02:15:4b:75:7f:a1:21:9e:cb:2c:3f:
8f:04:43:90:67:b0:76:fa:9d:5d:59:45:44:79:75:7b:b6:8b:
c1:2b:c7:3a:12:b4:82:3e:8d:6a:20:39:08:b3:78:57:e8:01:
be:f7:ed:22:e6:34:31:f3:9e:8e:16:7a:f1:c3:79:d1:13:d7:
49:0d:79:04:71:49:8e:b4:15:b8:08:f0:b2:07:bc:b6:c4:73:
b5:92:d1:ad:70:c5:a5:65:a4:29:81:40:15:c5:77:84:7e:47:
62:26:e5:c5:47:03:ec:72:c1:83:a7:40:03:72:d9:ee:34:f9:
31:7e:8f:53:c8:9b:bc:4e:56:d0:6e:18:7b:98:c8:69:b3:2f:
ba:c4:6e:82:ed:3b:57:60:84:4c:e2:4d:6e:6b:08:75:6f:75:
79:58:be:9a:78:2c:28:59:3e:cc:4d:dd:55:0f:d9:9c:2e:a0:
9a:12:53:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgf7uPsNpxj5XwJDyHsoUZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNTE1MTUwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA1Mzg5NDYzODM4N2U0MmU3ZjIxZTI5YjE2ZTRjMDhlZWEyY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY4U8IHsaa98OXl2d0dTh6Ea7YgA
+Wa7kh/kYdQVbDT8FJZfEmmjExAS41T7byiK871frNFJaKYPoCThGQAp4ZHWtK1X
z1M9HRpzLErtfaszrGYVJ3IfkrscfMePAv2KMrFHz5JA1zyM6fn7rSZKwRyBqbZs
Yp8gGR/TtN5o22QgQz3Kax2tdAJILipP9Lbd02JnWLotgqK7Yr0u5KJgjZdu+/Um
22IXBCx4jisGGHP8P62SZHthgwqFiZ4uOoZBkohF6Aacg3deYRBM99MfeeRb1pUY
z3sBgkOXtsUlOqZalD/yZQwATsW5SWUkJ6xSPnjJbmZTJPxRF+qhYTxkGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNgFOJRjg4fkLn8h4psW5MCO6iylMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMkFVNGxHT0RoLVF1ZnlIaW14Ymt3STdxTEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQw/AwQA
V2tCMA0GCSqGSIb3DQEBCwUAA4IBAQBy9QSwGMmGdTvRQBA6odexe3C8JRtpxdV8
lMxo0KWSOjBirmZVEwoq5ZZxirC4FxN6mqOwo26b6iaqTC+5cZouRxWzZLwAUZ4P
4tg0fpmIAhVLdX+hIZ7LLD+PBEOQZ7B2+p1dWUVEeXV7tovBK8c6ErSCPo1qIDkI
s3hX6AG+9+0i5jQx856OFnrxw3nRE9dJDXkEcUmOtBW4CPCyB7y2xHO1ktGtcMWl
ZaQpgUAVxXeEfkdiJuXFRwPscsGDp0ADctnuNPkxfo9TyJu8TlbQbhh7mMhpsy+6
xG6C7TtXYIRM4k1uawh1b3V5WL6aeCwoWT7MTd1VD9mcLqCaElN9
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:54 2024 by rpki-client on console-ams.rpki-client.org