Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/G2t0DRg87wtxzMd2JwapByNiOWM.roa
File: G2t0DRg87wtxzMd2JwapByNiOWM.roa (raw, json)
Hash identifier: D5snzE600poWTk44Ue9nCAnfGhdPzc4jUqt6kv86VYY=
Subject key identifier: 1B:6B:74:0D:18:3C:EF:0B:71:CC:C7:76:27:06:A9:07:23:62:39:63
Certificate issuer: /CN=94962e2afa7748f45265d89fd15624b584e72466
Certificate serial: 01887211D85F78A23434800D787B3F05EDFC
Authority key identifier: 94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/G2t0DRg87wtxzMd2JwapByNiOWM.roa
Signing time: Wed 31 May 2023 13:49:11 +0000
ROA not before: Wed 31 May 2023 13:49:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 131.220.0.0/16 maxlen: 17
193.23.254.0/24 maxlen: 32
193.30.3.0/24 maxlen: 24
2a00:5ba0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:11:d8:5f:78:a2:34:34:80:0d:78:7b:3f:05:ed:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94962e2afa7748f45265d89fd15624b584e72466
Validity
Not Before: May 31 13:49:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b6b740d183cef0b71ccc7762706a90723623963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:60:7b:e3:3a:7b:4a:7e:6c:ce:77:de:ed:
70:9d:94:47:e6:0d:c2:a6:ef:36:2a:93:d5:f4:3f:
21:c6:5b:e4:93:dd:6e:61:10:1b:d9:57:85:7d:11:
91:a7:b1:39:4b:e3:76:79:21:d3:51:a0:95:8c:75:
8a:84:2b:76:1e:8a:a6:2a:a4:93:2d:a5:28:8a:56:
5e:e2:7c:7f:da:cc:61:54:7e:5d:be:22:c0:48:ed:
7f:1a:98:6b:1b:aa:92:27:e1:ea:69:b2:00:66:1d:
af:dd:86:27:eb:75:7b:b7:02:94:c4:95:9b:e9:f7:
59:32:57:b2:4a:25:72:40:3f:87:69:b1:c0:66:81:
1a:33:4c:3b:3a:2d:bb:ff:f5:2b:63:6b:27:32:ae:
d9:c1:2f:bf:b5:5e:61:3c:ab:01:9c:ea:e1:4f:2d:
ac:56:5d:dd:d1:e4:2b:93:25:ee:1a:18:3c:1d:5b:
09:20:83:73:d4:d2:d7:56:ee:93:51:ed:c1:d7:d9:
e4:b1:97:d3:d5:8d:e3:4a:33:c6:e2:7e:d2:9e:ba:
bf:ad:ec:b8:b0:cb:e9:cc:79:81:61:d4:8c:d8:63:
0c:45:36:5d:a0:1e:d9:ea:9f:1c:58:bb:79:4b:cd:
fc:c6:4f:ee:82:30:2d:1c:33:1d:a0:91:c9:76:0a:
0e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6B:74:0D:18:3C:EF:0B:71:CC:C7:76:27:06:A9:07:23:62:39:63
X509v3 Authority Key Identifier:
keyid:94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/G2t0DRg87wtxzMd2JwapByNiOWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/lJYuKvp3SPRSZdif0VYktYTnJGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.220.0.0/16
193.23.254.0/24
193.30.3.0/24
IPv6:
2a00:5ba0::/29
Signature Algorithm: sha256WithRSAEncryption
06:fa:b4:f5:99:4a:5a:b6:14:fe:a0:8c:8e:5b:4c:f0:86:20:
89:24:c6:91:4f:8f:28:b9:b5:53:ec:33:8b:37:29:8f:a5:da:
73:98:5b:c0:b0:15:79:56:cd:10:ff:b3:2d:77:60:05:7a:ed:
67:0f:d4:5f:ee:c1:05:01:56:b3:42:b3:c6:73:9a:85:bf:98:
88:16:fa:5a:66:72:9d:6f:cb:4e:3d:09:b4:df:87:15:0a:15:
43:d3:81:c1:17:18:31:5a:5d:bb:57:02:8e:62:e2:ca:fa:f1:
9c:df:ef:40:8c:69:9d:48:0d:6f:c3:03:fe:31:2d:9f:bb:f2:
81:11:24:8f:9b:d3:44:44:89:f2:6d:9e:60:15:d9:bf:21:1b:
9f:43:c7:fa:33:ef:aa:5d:8e:4e:b9:ab:f9:32:41:89:03:0f:
44:44:37:e5:88:52:a7:32:78:a6:d6:95:08:4b:8a:a4:83:d3:
14:18:91:c2:38:d2:82:d9:08:1f:a9:7f:30:83:78:7b:1e:05:
ab:79:64:5e:79:e9:e4:ce:fb:bc:be:54:30:4e:67:d8:40:16:
21:52:24:13:1c:2b:be:86:e6:d0:d4:45:d4:eb:88:89:9b:1f:
20:c1:bf:51:60:3e:c1:a1:fd:4d:f5:f4:f0:5b:cc:a2:29:3d:
4b:b8:6b:96
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhyEdhfeKI0NIANeHs/Be38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTYyZTJhZmE3NzQ4ZjQ1MjY1ZDg5ZmQxNTYyNGI1ODRl
NzI0NjYwHhcNMjMwNTMxMTM0OTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZiNzQwZDE4M2NlZjBiNzFjY2M3NzYyNzA2YTkwNzIzNjIzOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/pge+M6e0p+bM533u1wnZRH5g3C
pu82KpPV9D8hxlvkk91uYRAb2VeFfRGRp7E5S+N2eSHTUaCVjHWKhCt2HoqmKqST
LaUoilZe4nx/2sxhVH5dviLASO1/GphrG6qSJ+HqabIAZh2v3YYn63V7twKUxJWb
6fdZMleySiVyQD+HabHAZoEaM0w7Oi27//UrY2snMq7ZwS+/tV5hPKsBnOrhTy2s
Vl3d0eQrkyXuGhg8HVsJIINz1NLXVu6TUe3B19nksZfT1Y3jSjPG4n7Snrq/rey4
sMvpzHmBYdSM2GMMRTZdoB7Z6p8cWLt5S838xk/ugjAtHDMdoJHJdgoOfwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBtrdA0YPO8LcczHdicGqQcjYjljMB8GA1UdIwQY
MBaAFJSWLir6d0j0UmXYn9FWJLWE5yRmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2It
Y2Q0MDNiZGVlNGRmLzEvRzJ0MERSZzg3d3R4ek1kMkp3YXBCeU5pT1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2ItY2Q0MDNiZGVlNGRm
LzEvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAg9wDBADB
F/4DBADBHgMwDQQCAAIwBwMFAyoAW6AwDQYJKoZIhvcNAQELBQADggEBAAb6tPWZ
Slq2FP6gjI5bTPCGIIkkxpFPjyi5tVPsM4s3KY+l2nOYW8CwFXlWzRD/sy13YAV6
7WcP1F/uwQUBVrNCs8ZzmoW/mIgW+lpmcp1vy049CbTfhxUKFUPTgcEXGDFaXbtX
Ao5i4sr68Zzf70CMaZ1IDW/DA/4xLZ+78oERJI+b00REifJtnmAV2b8hG59Dx/oz
76pdjk65q/kyQYkDD0REN+WIUqcyeKbWlQhLiqSD0xQYkcI40oLZCB+pfzCDeHse
Bat5ZF556eTO+7y+VDBOZ9hAFiFSJBMcK76G5tDURdTriImbHyDBv1FgPsGh/U31
9PBbzKIpPUu4a5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:29 2024 by rpki-client on console-ams.rpki-client.org