Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/aE-akpBEpPnLvfQhC8OH8pJUczw.roa
File: aE-akpBEpPnLvfQhC8OH8pJUczw.roa (raw, json)
Hash identifier: dPx+mmPw3AB7CWrIGqsPEoISpsZ61MrsaA/xrKbZcfs=
Subject key identifier: 68:4F:9A:92:90:44:A4:F9:CB:BD:F4:21:0B:C3:87:F2:92:54:73:3C
Certificate issuer: /CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Certificate serial: 018CC7271712D5C59BF4BA5B3B036C73BD53
Authority key identifier: C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/aE-akpBEpPnLvfQhC8OH8pJUczw.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209828
IP address blocks: 178.255.218.0/24 maxlen: 24
2a10:7cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 27 Jan 2024 14:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:17:12:d5:c5:9b:f4:ba:5b:3b:03:6c:73:bd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=684f9a929044a4f9cbbdf4210bc387f29254733c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:56:f0:a1:2f:0d:6c:b2:23:06:a5:e0:b7:2d:
ec:ab:7f:cc:7d:5f:87:80:1a:a7:5c:02:1b:53:00:
73:de:2b:e5:56:2f:b7:57:61:b9:37:b0:6d:49:6f:
8c:eb:bf:19:f3:26:f6:cc:7d:6f:d7:88:42:8f:cc:
6d:27:34:a3:0b:2c:c3:59:1e:f9:4d:20:a8:05:ac:
55:87:12:96:cf:93:ab:97:65:3b:58:00:a7:5b:39:
aa:39:a8:da:d3:a2:6e:9f:8b:a2:d9:c2:b1:46:9e:
7f:74:ad:41:dc:47:82:2b:8e:ee:ef:22:5a:b0:85:
64:07:68:81:73:a7:5d:1c:e2:e1:7e:00:65:2f:8f:
f5:71:44:a8:ac:64:4f:95:08:2d:5b:48:74:41:3b:
18:09:d3:be:8d:7b:be:30:39:68:de:be:30:f3:73:
83:8c:97:23:6f:5d:66:56:17:88:a6:da:df:2c:73:
9f:dc:57:f3:53:09:e6:84:ca:f9:99:a3:a6:b9:64:
e3:f0:50:f7:cd:cd:33:b8:4d:1a:44:87:41:33:d5:
f0:75:37:29:f5:8d:ce:bd:44:69:a5:28:d4:b8:17:
aa:34:bd:d4:cd:3b:f5:ab:b3:af:b4:e9:df:88:0b:
35:2c:35:1d:fd:96:8a:10:cf:e1:71:38:2e:8d:92:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4F:9A:92:90:44:A4:F9:CB:BD:F4:21:0B:C3:87:F2:92:54:73:3C
X509v3 Authority Key Identifier:
keyid:C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/aE-akpBEpPnLvfQhC8OH8pJUczw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/wnRsy35zqcww7wTt188WzB2UaJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.218.0/24
IPv6:
2a10:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:f8:69:90:c4:7a:0b:83:f7:c5:f1:cc:cc:d3:9f:4c:c1:bb:
3a:83:42:03:50:6f:5e:6b:92:f0:e9:8b:0d:20:ae:22:95:45:
a2:1e:6c:74:21:56:94:1d:52:ac:11:1b:47:9f:23:c1:b7:de:
5d:6e:41:c3:6b:19:32:40:12:54:24:38:f0:68:6e:81:16:f3:
cc:9f:3b:8e:6c:a9:84:d8:c9:98:b7:45:5e:b7:4c:33:c8:14:
73:3b:50:0b:f9:cb:4c:f4:90:8e:5d:78:c8:a8:54:b4:6a:ce:
3d:e7:da:a4:11:1b:d1:75:7c:1d:47:92:ef:b0:03:86:bf:24:
1e:d1:05:2d:bf:57:29:fe:37:26:e6:f3:54:da:04:0e:04:31:
85:3c:02:f2:72:f4:a6:7e:0c:57:c3:27:a7:f6:f3:d2:14:88:
10:43:ef:de:a1:95:79:01:16:de:90:c4:d4:ae:1a:27:c8:49:
c3:78:43:0e:04:83:07:8b:06:02:8e:6b:c6:f1:38:5e:56:5a:
09:76:b3:d3:49:8d:12:04:2b:11:84:95:de:03:c0:f5:76:23:
ca:e2:59:bc:69:d8:9d:ee:08:d8:f1:d7:57:52:36:08:7f:a2:
12:e2:39:8a:d1:ca:5e:f5:d0:fb:09:23:b9:95:fc:b7:e5:83:
b1:8c:f0:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJxcS1cWb9LpbOwNsc71TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzQ2Y2NiN2U3M2E5Y2MzMGVmMDRlZGQ3Y2YxNmNjMWQ5
NDY4OTQwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRmOWE5MjkwNDRhNGY5Y2JiZGY0MjEwYmMzODdmMjkyNTQ3MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulbwoS8NbLIjBqXgty3sq3/MfV+H
gBqnXAIbUwBz3ivlVi+3V2G5N7BtSW+M678Z8yb2zH1v14hCj8xtJzSjCyzDWR75
TSCoBaxVhxKWz5Orl2U7WACnWzmqOaja06Jun4ui2cKxRp5/dK1B3EeCK47u7yJa
sIVkB2iBc6ddHOLhfgBlL4/1cUSorGRPlQgtW0h0QTsYCdO+jXu+MDlo3r4w83OD
jJcjb11mVheIptrfLHOf3FfzUwnmhMr5maOmuWTj8FD3zc0zuE0aRIdBM9XwdTcp
9Y3OvURppSjUuBeqNL3UzTv1q7OvtOnfiAs1LDUd/ZaKEM/hcTgujZJ1fQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGhPmpKQRKT5y730IQvDh/KSVHM8MB8GA1UdIwQY
MBaAFMJ0bMt+c6nMMO8E7dfPFswdlGiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2Et
OTNlOTE4ZDEwZWM1LzEvYUUtYWtwQkVwUG5MdmZRaEM4T0g4cEpVY3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2EtOTNlOTE4ZDEwZWM1
LzEvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsv/aMA0E
AgACMAcDBQMqEHzAMA0GCSqGSIb3DQEBCwUAA4IBAQCi+GmQxHoLg/fF8czM059M
wbs6g0IDUG9ea5Lw6YsNIK4ilUWiHmx0IVaUHVKsERtHnyPBt95dbkHDaxkyQBJU
JDjwaG6BFvPMnzuObKmE2MmYt0Vet0wzyBRzO1AL+ctM9JCOXXjIqFS0as4959qk
ERvRdXwdR5LvsAOGvyQe0QUtv1cp/jcm5vNU2gQOBDGFPALycvSmfgxXwyen9vPS
FIgQQ+/eoZV5ARbekMTUrhonyEnDeEMOBIMHiwYCjmvG8TheVloJdrPTSY0SBCsR
hJXeA8D1diPK4lm8adid7gjY8ddXUjYIf6IS4jmK0cpe9dD7CSO5lfy35YOxjPBe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:45 2024 by rpki-client on console-ams.rpki-client.org