Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2cj5uaocmXCwlCwrNXxatKpYGKQ.roa
File: 2cj5uaocmXCwlCwrNXxatKpYGKQ.roa (raw, json)
Hash identifier: M+eDcv71I7pfnGKqPFNU3UVb0IpRW70jfoS+3SppVok=
Subject key identifier: D9:C8:F9:B9:AA:1C:99:70:B0:94:2C:2B:35:7C:5A:B4:AA:58:18:A4
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01926D65E265C23F2EECD04B8EDAEF01F222
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2cj5uaocmXCwlCwrNXxatKpYGKQ.roa
Signing time: Tue 08 Oct 2024 18:30:46 +0000
ROA not before: Tue 08 Oct 2024 18:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6d:65:e2:65:c2:3f:2e:ec:d0:4b:8e:da:ef:01:f2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Oct 8 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9c8f9b9aa1c9970b0942c2b357c5ab4aa5818a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:2e:24:39:cc:22:70:12:a2:f4:c7:10:6a:
34:6a:cf:c5:c8:af:53:dc:0e:86:4d:b5:77:2c:98:
5d:f6:99:40:c9:13:a5:69:19:3e:01:db:01:9f:1d:
ea:43:21:65:2c:96:a0:88:2a:3c:db:9e:43:94:44:
32:91:f7:43:6e:5f:b8:35:0e:db:07:9f:fb:ea:27:
2b:63:dd:7d:a6:81:41:8b:77:4c:8f:0d:50:10:af:
da:e6:c1:61:f5:31:c5:e5:ab:cb:84:4e:60:ad:b6:
03:77:d4:4a:a0:6a:c3:04:cf:5b:79:84:2f:91:50:
81:cc:05:fd:b7:ef:2b:04:21:8e:a7:f6:00:52:fe:
a7:65:c8:6f:e6:c3:de:e3:68:72:f6:dd:a0:54:b7:
09:a7:f7:d9:e4:c6:60:16:7e:c8:df:36:aa:02:81:
10:35:8c:8f:af:66:ab:52:77:71:4b:65:e3:2b:8f:
f8:22:64:af:fa:26:a2:3c:46:ca:9e:64:ca:05:36:
6d:cd:8f:52:25:40:8d:40:a8:f2:7c:ed:9e:ae:d7:
ff:55:6f:e5:75:9c:68:07:88:7e:0c:09:28:f5:38:
ea:4e:6a:8d:a5:5a:c3:20:89:f5:82:39:c9:27:77:
bb:ed:1f:14:eb:9b:9c:5d:09:b3:a0:84:70:72:ad:
45:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C8:F9:B9:AA:1C:99:70:B0:94:2C:2B:35:7C:5A:B4:AA:58:18:A4
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2cj5uaocmXCwlCwrNXxatKpYGKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
92:98:f1:6a:e8:61:a8:98:27:af:31:61:39:66:50:97:84:2f:
ee:89:ed:d1:ba:02:cc:e1:69:78:15:0b:c4:8e:1b:bd:3d:97:
44:5a:52:d5:81:a2:fb:38:d1:3b:3f:b8:2d:1c:3e:d6:3d:2b:
09:79:e1:df:6a:e4:a4:de:b7:f1:ee:82:62:3a:0f:75:17:c0:
0b:7b:84:56:f1:4a:37:4c:f1:0c:67:48:56:7f:54:df:ed:04:
5b:79:48:54:d3:32:92:c7:67:ab:ff:62:e0:66:df:81:5c:d4:
14:77:72:1f:96:70:ad:9c:66:76:15:2b:95:0b:fb:a1:ef:20:
a3:02:4c:07:1b:7f:76:6e:a9:bd:6d:a5:12:3d:f8:25:14:8a:
ea:46:9b:be:54:dc:6d:7e:99:4b:49:61:62:be:de:a9:39:66:
78:fa:e9:a4:5e:47:ef:53:62:55:3c:da:f1:67:55:f8:2c:12:
50:28:f5:98:c8:4a:f1:e8:1e:c1:44:ab:c7:3f:9c:72:bd:23:
1c:28:32:75:10:5d:ec:d9:1c:e6:66:8b:fa:48:86:20:2c:0f:
53:16:0a:55:be:f0:5b:61:e4:e2:e1:66:5b:e4:56:99:db:60:
14:92:12:28:9a:60:95:38:61:53:90:01:ac:11:97:69:58:26:
1a:a9:0c:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJtZeJlwj8u7NBLjtrvAfIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQxMDA4MTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM4ZjliOWFhMWM5OTcwYjA5NDJjMmIzNTdjNWFiNGFhNTgxOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTsuJDnMInASovTHEGo0as/FyK9T
3A6GTbV3LJhd9plAyROlaRk+AdsBnx3qQyFlLJagiCo8255DlEQykfdDbl+4NQ7b
B5/76icrY919poFBi3dMjw1QEK/a5sFh9THF5avLhE5grbYDd9RKoGrDBM9beYQv
kVCBzAX9t+8rBCGOp/YAUv6nZchv5sPe42hy9t2gVLcJp/fZ5MZgFn7I3zaqAoEQ
NYyPr2arUndxS2XjK4/4ImSv+iaiPEbKnmTKBTZtzY9SJUCNQKjyfO2ertf/VW/l
dZxoB4h+DAko9TjqTmqNpVrDIIn1gjnJJ3e77R8U65ucXQmzoIRwcq1F4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnI+bmqHJlwsJQsKzV8WrSqWBikMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMmNqNXVhb2NtWEN3bEN3ck5YeGF0S3BZR0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPc7MA0G
CSqGSIb3DQEBCwUAA4IBAQCSmPFq6GGomCevMWE5ZlCXhC/uie3RugLM4Wl4FQvE
jhu9PZdEWlLVgaL7ONE7P7gtHD7WPSsJeeHfauSk3rfx7oJiOg91F8ALe4RW8Uo3
TPEMZ0hWf1Tf7QRbeUhU0zKSx2er/2LgZt+BXNQUd3IflnCtnGZ2FSuVC/uh7yCj
AkwHG392bqm9baUSPfglFIrqRpu+VNxtfplLSWFivt6pOWZ4+umkXkfvU2JVPNrx
Z1X4LBJQKPWYyErx6B7BRKvHP5xyvSMcKDJ1EF3s2RzmZov6SIYgLA9TFgpVvvBb
YeTi4WZb5FaZ22AUkhIommCVOGFTkAGsEZdpWCYaqQz8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:24 2025 by rpki-client