Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/2q1h_DZtyKi8FioTDvxb6RfgkiA.roa
File: 2q1h_DZtyKi8FioTDvxb6RfgkiA.roa (raw, json)
Hash identifier: B0IrRz5N2QoBxh8Y1aWKZ3NwY+gtK+FT6Zi7CYcmRw8=
Subject key identifier: DA:AD:61:FC:36:6D:C8:A8:BC:16:2A:13:0E:FC:5B:E9:17:E0:92:20
Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Certificate serial: 01856F3916E1D849AEC449890192A0E13722
Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/2q1h_DZtyKi8FioTDvxb6RfgkiA.roa
Signing time: Sun 01 Jan 2023 21:24:50 +0000
ROA not before: Sun 01 Jan 2023 21:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62033
IP address blocks: 185.127.129.0/24 maxlen: 24
45.132.34.0/24 maxlen: 24
2a10:5d80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:16:e1:d8:49:ae:c4:49:89:01:92:a0:e1:37:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Validity
Not Before: Jan 1 21:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daad61fc366dc8a8bc162a130efc5be917e09220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:be:41:6a:36:57:ba:96:da:f7:dd:26:3f:fe:
cf:6b:69:26:e5:40:05:1e:3f:85:6c:c4:0c:41:a0:
7d:ab:a7:c5:5d:c2:5b:89:db:de:4d:88:86:73:88:
5e:a9:c7:69:6a:c5:17:4e:b8:99:58:e5:10:76:64:
de:e7:78:13:1d:72:b4:79:6d:61:cc:ec:ee:f9:88:
af:de:e7:92:0a:c7:c1:6b:c7:1b:ac:31:d2:fd:ae:
0c:38:c3:35:04:25:a6:2a:7f:92:98:6a:67:1c:27:
a8:e8:ef:c3:65:49:9d:49:40:0b:5b:19:04:db:97:
67:36:14:23:1e:c1:25:7a:87:f9:80:9c:f4:54:df:
6a:8d:3a:38:8f:04:b3:8e:44:28:39:c9:ca:13:56:
8b:a6:36:28:b9:e4:2a:56:f3:31:99:ed:53:d5:0b:
6d:ae:19:cf:9b:d3:e7:02:db:3a:9d:d5:3c:21:7f:
4e:6d:5f:c7:be:2d:12:6a:a4:3a:58:ef:8e:47:43:
f1:09:b3:93:65:f2:fd:04:28:95:0a:46:21:7b:8b:
49:a5:08:73:1c:66:ef:21:6c:9a:c6:58:18:96:69:
d1:f2:cd:17:a2:85:3a:e0:50:17:55:48:1b:24:0d:
d6:3a:b6:7c:81:97:56:96:89:39:ef:f9:26:24:64:
bc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AD:61:FC:36:6D:C8:A8:BC:16:2A:13:0E:FC:5B:E9:17:E0:92:20
X509v3 Authority Key Identifier:
keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/2q1h_DZtyKi8FioTDvxb6RfgkiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.34.0/24
185.127.129.0/24
IPv6:
2a10:5d80:1::/48
Signature Algorithm: sha256WithRSAEncryption
96:5d:88:9a:aa:5b:ca:44:3c:50:6a:85:39:1d:da:9b:2a:11:
ce:8a:72:d0:3e:0a:55:de:b6:46:a1:14:c5:a4:65:b2:74:32:
ed:53:5a:6e:da:9f:cd:f9:54:7e:ba:d2:eb:33:de:7c:ea:33:
ab:b4:2b:9f:4f:fd:ff:22:e2:2a:70:63:d1:ba:92:3b:1e:e5:
bc:40:15:6c:a4:0d:1c:de:fb:a3:77:f5:ed:a6:d7:b4:83:ca:
33:6f:c5:a4:1b:5a:06:a6:6a:09:bc:06:8a:ed:19:40:e4:95:
55:76:a3:e9:c2:db:e5:52:18:9d:2d:80:fa:ec:18:94:aa:b4:
47:5a:09:e4:9d:7c:19:55:69:6e:35:0f:81:30:3f:88:0d:0f:
44:5e:65:cf:aa:55:cd:07:3d:d7:6d:cb:88:e4:45:be:e3:6d:
54:cb:6b:57:61:29:47:f3:de:61:31:3e:00:a3:27:85:d5:3a:
1e:e5:32:da:77:09:61:da:32:a0:56:c1:f2:6e:18:6b:21:07:
1f:95:48:7f:17:7a:24:61:fa:53:80:90:2a:0c:ba:59:94:6d:
76:f2:68:5b:d1:52:13:83:08:ca:95:ed:f1:3d:d6:f2:8e:41:
0a:c9:27:82:02:5f:67:f8:e3:d2:64:95:73:18:71:ca:d1:8a:
37:6a:de:85
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvORbh2EmuxEmJAZKg4TciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi
MzMyNzgwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFkNjFmYzM2NmRjOGE4YmMxNjJhMTMwZWZjNWJlOTE3ZTA5MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib5BajZXupba990mP/7Pa2km5UAF
Hj+FbMQMQaB9q6fFXcJbidveTYiGc4heqcdpasUXTriZWOUQdmTe53gTHXK0eW1h
zOzu+Yiv3ueSCsfBa8cbrDHS/a4MOMM1BCWmKn+SmGpnHCeo6O/DZUmdSUALWxkE
25dnNhQjHsEleof5gJz0VN9qjTo4jwSzjkQoOcnKE1aLpjYoueQqVvMxme1T1Qtt
rhnPm9PnAts6ndU8IX9ObV/Hvi0SaqQ6WO+OR0PxCbOTZfL9BCiVCkYhe4tJpQhz
HGbvIWyaxlgYlmnR8s0XooU64FAXVUgbJA3WOrZ8gZdWlok57/kmJGS8DwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNqtYfw2bciovBYqEw78W+kX4JIgMB8GA1UdIwQY
MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt
MzA1ZDQxZDUzYTY1LzEvMnExaF9EWnR5S2k4RmlvVER2eGI2UmZna2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1
LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYQiAwQA
uX+BMA8EAgACMAkDBwAqEF2AAAEwDQYJKoZIhvcNAQELBQADggEBAJZdiJqqW8pE
PFBqhTkd2psqEc6KctA+ClXetkahFMWkZbJ0Mu1TWm7an835VH660usz3nzqM6u0
K59P/f8i4ipwY9G6kjse5bxAFWykDRze+6N39e2m17SDyjNvxaQbWgamagm8Bort
GUDklVV2o+nC2+VSGJ0tgPrsGJSqtEdaCeSdfBlVaW41D4EwP4gND0ReZc+qVc0H
Pddty4jkRb7jbVTLa1dhKUfz3mExPgCjJ4XVOh7lMtp3CWHaMqBWwfJuGGshBx+V
SH8XeiRh+lOAkCoMulmUbXbyaFvRUhODCMqV7fE91vKOQQrJJ4ICX2f449JklXMY
ccrRijdq3oU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:56 2024 by rpki-client on console-fra.rpki-client.org