Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/58vdCEzo3H2yXv8o65Ib53gmeoc.roa
File: 58vdCEzo3H2yXv8o65Ib53gmeoc.roa (raw, json)
Hash identifier: AwkLo8p0JakhNy56o/FBHtHhzXCWh3xThuWzMd2mlGw=
Subject key identifier: E7:CB:DD:08:4C:E8:DC:7D:B2:5E:FF:28:EB:92:1B:E7:78:26:7A:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018944FC986F0939241210AAD189BFBE4117
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/58vdCEzo3H2yXv8o65Ib53gmeoc.roa
Signing time: Tue 11 Jul 2023 12:45:51 +0000
ROA not before: Tue 11 Jul 2023 12:45:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 220.158.199.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:fc:98:6f:09:39:24:12:10:aa:d1:89:bf:be:41:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 11 12:45:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7cbdd084ce8dc7db25eff28eb921be778267a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:82:36:0c:9b:e2:54:73:a3:b8:bb:66:a9:
54:39:b6:16:c2:e7:1f:5a:74:24:19:00:d5:50:da:
8c:63:67:eb:0a:08:7b:f3:95:20:29:86:f0:dc:02:
ee:19:d3:8e:58:e5:09:1f:cd:bc:56:95:85:0a:53:
e0:cd:0c:bf:a9:fd:f9:18:4e:74:d2:c7:48:dd:e0:
2a:01:13:ac:05:65:2b:50:6e:c8:49:cf:ad:12:2a:
2d:13:df:e8:cf:d6:d9:ed:9d:2a:ba:4f:56:1f:cd:
ac:46:05:62:52:7f:fa:dd:28:99:93:4f:f6:ff:90:
75:85:d5:a3:29:c0:1b:ec:fc:83:87:57:55:6a:7f:
fc:1f:8d:88:77:d7:87:46:c0:dd:ef:06:58:94:b6:
30:9f:ca:ef:5d:f3:88:27:f7:30:bd:fa:2a:4e:73:
f7:a7:3e:96:07:49:04:9a:93:d9:21:ed:11:3e:57:
22:1d:55:8e:92:5b:11:b6:cf:a6:2f:e7:10:36:38:
26:aa:b8:3f:03:72:3f:69:cc:37:c0:9e:c7:e3:a2:
26:46:36:de:ca:1f:03:dd:8c:65:5b:1f:90:81:56:
00:dd:fa:6f:b9:73:a7:d9:9a:2b:64:49:0b:d6:ff:
20:0f:b5:20:6a:6f:b4:9e:11:6b:84:25:ee:0e:ea:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CB:DD:08:4C:E8:DC:7D:B2:5E:FF:28:EB:92:1B:E7:78:26:7A:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/58vdCEzo3H2yXv8o65Ib53gmeoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.108.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
35:85:3c:03:ca:7f:47:fc:27:1e:45:f0:1c:07:1d:6a:b3:db:
85:7c:93:86:11:20:94:41:c9:c6:11:5c:61:21:2b:ff:71:91:
12:26:34:b3:06:a0:1c:25:e6:4e:55:28:04:f0:63:2d:95:1e:
ac:16:6b:0a:74:c4:93:b3:51:60:b3:02:93:bd:05:c0:a9:e5:
a0:76:b4:f4:f4:a2:b3:33:29:d6:15:38:82:7a:8a:07:1c:e7:
15:f1:5d:84:4e:86:ed:18:02:bd:3e:12:a0:64:33:9c:49:ed:
3f:ec:f0:25:9f:83:28:6e:ce:82:17:82:3f:e3:d3:c5:db:70:
cf:15:64:0d:f9:84:c1:e0:a4:62:32:91:5f:aa:39:8a:7f:0d:
e2:3f:e4:d0:8c:b5:8b:35:4d:cf:be:ed:0f:d5:58:f8:4f:7b:
bd:e4:bb:1e:70:41:8e:9d:85:b2:66:4b:4a:91:f3:c3:df:8c:
8d:dd:a8:8e:67:cb:05:8d:30:c5:f6:dd:61:4c:83:ca:eb:55:
4a:02:04:62:d8:c9:38:5b:96:2c:eb:f8:c8:2a:9b:f9:02:34:
90:de:4f:e9:33:0f:ec:cb:17:87:55:82:cf:e2:bd:32:59:6d:
f6:80:93:d0:f5:f2:fa:4e:4d:5e:77:a9:19:8c:2e:02:58:79:
ae:c7:c0:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlE/JhvCTkkEhCq0Ym/vkEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzExMTI0NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NiZGQwODRjZThkYzdkYjI1ZWZmMjhlYjkyMWJlNzc4MjY3YTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkceCNgyb4lRzo7i7ZqlUObYWwucf
WnQkGQDVUNqMY2frCgh785UgKYbw3ALuGdOOWOUJH828VpWFClPgzQy/qf35GE50
0sdI3eAqAROsBWUrUG7ISc+tEiotE9/oz9bZ7Z0quk9WH82sRgViUn/63SiZk0/2
/5B1hdWjKcAb7PyDh1dVan/8H42Id9eHRsDd7wZYlLYwn8rvXfOIJ/cwvfoqTnP3
pz6WB0kEmpPZIe0RPlciHVWOklsRts+mL+cQNjgmqrg/A3I/acw3wJ7H46ImRjbe
yh8D3YxlWx+QgVYA3fpvuXOn2ZorZEkL1v8gD7Ugam+0nhFrhCXuDuqSAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOfL3QhM6Nx9sl7/KOuSG+d4JnqHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNTh2ZENFem8zSDJ5WHY4bzY1SWI1M2dtZW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQA1hTwDyn9H/CceRfAcBx1qs9uFfJOGESCU
QcnGEVxhISv/cZESJjSzBqAcJeZOVSgE8GMtlR6sFmsKdMSTs1FgswKTvQXAqeWg
drT09KKzMynWFTiCeooHHOcV8V2ETobtGAK9PhKgZDOcSe0/7PAln4Mobs6CF4I/
49PF23DPFWQN+YTB4KRiMpFfqjmKfw3iP+TQjLWLNU3Pvu0P1Vj4T3u95LsecEGO
nYWyZktKkfPD34yN3aiOZ8sFjTDF9t1hTIPK61VKAgRi2Mk4W5Ys6/jIKpv5AjSQ
3k/pMw/syxeHVYLP4r0yWW32gJPQ9fL6Tk1ed6kZjC4CWHmux8DI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org