Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa
File: 0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa (raw, json)
Hash identifier: LzCARqQQrU80CGfZCeuR0MKHDDuTP9u3b8ZxJL31iIo=
Subject key identifier: D1:A5:B7:CE:32:86:94:53:E4:07:AF:BE:0E:69:7B:84:62:76:80:86
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018698053EA5FE6A2B5411F65E8C4507916F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa
Signing time: Tue 28 Feb 2023 12:35:25 +0000
ROA not before: Tue 28 Feb 2023 12:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 2.56.56.0/22 maxlen: 24
37.46.150.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
2.58.148.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:05:3e:a5:fe:6a:2b:54:11:f6:5e:8c:45:07:91:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 28 12:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a5b7ce32869453e407afbe0e697b8462768086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0e:21:10:e3:39:a8:30:13:2a:69:78:3e:b4:
c1:d7:13:38:48:91:f4:cb:ee:61:cf:b4:c4:72:80:
4e:ec:a6:dd:e5:49:3d:3a:8e:8b:52:e5:7e:fe:74:
2a:23:05:d5:fa:51:28:3c:cd:b5:79:fd:da:0b:9e:
02:05:32:7b:c1:b3:79:cf:ed:24:1e:74:46:d0:d2:
56:3b:2e:fe:dc:21:cf:69:f6:a1:a9:36:53:e4:bd:
83:14:8d:30:69:d4:90:90:a9:68:37:b4:7f:f9:f5:
b3:0e:a1:d9:6b:c7:e4:fc:34:62:6e:a8:17:0d:33:
e1:e3:02:0a:9d:f9:25:38:5e:bb:c4:17:db:32:ba:
bc:64:db:9d:d9:7d:80:de:bc:2a:95:12:dd:1e:53:
86:f6:44:ef:59:32:5a:f7:ef:eb:c9:b2:d1:ff:db:
39:e6:de:31:f1:33:ce:71:82:e8:9a:e4:bc:95:17:
fd:b9:93:a8:4f:39:e0:a0:78:fa:f2:26:3f:2a:09:
b4:71:7c:2a:ac:e7:b6:ba:55:6c:77:96:6f:ee:f0:
c2:dc:29:4a:f5:8a:9d:b9:22:39:c4:72:79:ae:5a:
c1:55:67:f1:c5:7e:a1:a7:13:ef:52:24:86:31:a3:
db:67:97:c4:55:a3:ae:c6:1f:1a:8e:83:bb:aa:d4:
ba:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A5:B7:CE:32:86:94:53:E4:07:AF:BE:0E:69:7B:84:62:76:80:86
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
2.58.148.0/22
37.46.150.0/24
185.239.242.0/23
Signature Algorithm: sha256WithRSAEncryption
47:14:fd:7c:cf:de:93:17:f8:fd:70:34:05:ae:f8:ea:84:72:
5a:fb:3b:08:b5:34:34:cd:f9:c3:18:89:e0:e5:0c:ca:b9:8f:
c9:80:7f:93:22:7f:18:e1:5d:4b:16:b3:8f:0f:fc:ff:55:00:
c2:8a:77:f1:8d:eb:1a:15:89:d4:c7:5a:50:0b:fa:48:8f:4e:
ac:49:69:65:37:5c:f2:e4:26:b7:07:ed:7d:31:2b:f6:c4:b1:
d5:f4:3d:dc:b6:6e:e2:22:44:7d:e8:db:22:c3:20:15:28:64:
2a:f4:ee:c9:ba:72:46:52:fe:a4:86:a0:c4:97:50:91:22:43:
3c:f5:b0:1c:9d:19:7d:62:bc:15:9e:82:f1:62:05:cb:63:f0:
4c:b3:c3:35:ea:fa:1f:12:a5:42:f5:4b:6e:d8:f1:95:08:6c:
91:1a:53:0a:6a:98:27:b9:f9:72:06:48:b9:ff:39:02:01:f4:
85:5c:b4:16:61:a9:d7:7d:89:c9:d6:2a:48:06:cc:f1:ab:62:
6d:27:b0:7e:58:13:8d:d8:7d:8f:e7:43:4c:aa:1d:d3:49:6d:
39:45:36:56:18:37:8a:ad:9e:62:6e:91:04:e1:bc:d9:f5:74:
49:87:1a:51:5c:f4:23:8a:5a:8b:93:98:38:77:b3:6d:9c:3d:
a4:83:11:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaYBT6l/morVBH2XoxFB5FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI4MTIzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE1YjdjZTMyODY5NDUzZTQwN2FmYmUwZTY5N2I4NDYyNzY4MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA4hEOM5qDATKml4PrTB1xM4SJH0
y+5hz7TEcoBO7Kbd5Uk9Oo6LUuV+/nQqIwXV+lEoPM21ef3aC54CBTJ7wbN5z+0k
HnRG0NJWOy7+3CHPafahqTZT5L2DFI0wadSQkKloN7R/+fWzDqHZa8fk/DRibqgX
DTPh4wIKnfklOF67xBfbMrq8ZNud2X2A3rwqlRLdHlOG9kTvWTJa9+/rybLR/9s5
5t4x8TPOcYLomuS8lRf9uZOoTzngoHj68iY/Kgm0cXwqrOe2ulVsd5Zv7vDC3ClK
9YqduSI5xHJ5rlrBVWfxxX6hpxPvUiSGMaPbZ5fEVaOuxh8ajoO7qtS6zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNGlt84yhpRT5Aevvg5pe4RidoCGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMGFXM3pqS0dsRlBrQjYtLURtbDdoR0oyZ0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjg4AwQC
AjqUAwQAJS6WAwQBue/yMA0GCSqGSIb3DQEBCwUAA4IBAQBHFP18z96TF/j9cDQF
rvjqhHJa+zsItTQ0zfnDGIng5QzKuY/JgH+TIn8Y4V1LFrOPD/z/VQDCinfxjesa
FYnUx1pQC/pIj06sSWllN1zy5Ca3B+19MSv2xLHV9D3ctm7iIkR96NsiwyAVKGQq
9O7JunJGUv6khqDEl1CRIkM89bAcnRl9YrwVnoLxYgXLY/BMs8M16vofEqVC9Utu
2PGVCGyRGlMKapgnuflyBki5/zkCAfSFXLQWYanXfYnJ1ipIBszxq2JtJ7B+WBON
2H2P50NMqh3TSW05RTZWGDeKrZ5ibpEE4bzZ9XRJhxpRXPQjilqLk5g4d7NtnD2k
gxEb
Generated at Tue Aug 1 05:24:36 2023 by rpki-client on console-fra.rpki-client.org