Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/dd00c1-728a-4abb-8cc2-c9640d250afc/1/2CpbqNFi-uqL07QN7ltgy6_6A4Y.roa
File: 2CpbqNFi-uqL07QN7ltgy6_6A4Y.roa (raw, json)
Hash identifier: 2q104Ws74kObIQDJ0doaZLPSV/gkF8uwwmO4BQf//G8=
Subject key identifier: D8:2A:5B:A8:D1:62:FA:EA:8B:D3:B4:0D:EE:5B:60:CB:AF:FA:03:86
Certificate issuer: /CN=5a5d45654fa597d3522eda168839193ebe782eef
Certificate serial: 01888A3B24FC5EBF1411F068ABC33A6E7D7A
Authority key identifier: 5A:5D:45:65:4F:A5:97:D3:52:2E:DA:16:88:39:19:3E:BE:78:2E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl1FZU-ll9NSLtoWiDkZPr54Lu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/dd00c1-728a-4abb-8cc2-c9640d250afc/1/2CpbqNFi-uqL07QN7ltgy6_6A4Y.roa
Signing time: Mon 05 Jun 2023 06:25:11 +0000
ROA not before: Mon 05 Jun 2023 06:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39078
IP address blocks: 217.68.32.0/20 maxlen: 20
81.25.80.0/21 maxlen: 21
2a06:3640::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:3b:24:fc:5e:bf:14:11:f0:68:ab:c3:3a:6e:7d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5d45654fa597d3522eda168839193ebe782eef
Validity
Not Before: Jun 5 06:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d82a5ba8d162faea8bd3b40dee5b60cbaffa0386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:bf:52:da:9f:78:80:c6:f8:c1:94:f3:7d:
1e:61:8c:1d:0b:1b:de:a0:dc:cd:90:dd:2b:9a:f7:
c7:4e:55:87:e9:90:18:33:1f:09:58:d1:38:96:2a:
82:bc:d6:da:3f:dd:da:65:76:e1:96:17:a7:27:f5:
ab:db:75:23:1e:a1:90:6b:14:49:d1:f6:31:90:d7:
71:c5:92:7c:a1:eb:74:e1:51:5c:46:0f:3f:68:cb:
8e:82:4b:60:75:b2:2d:46:46:10:7e:d3:0a:be:2b:
4a:90:8e:36:f4:a1:d1:c9:42:b2:c7:ae:6e:49:3f:
98:42:71:a5:1e:5b:52:6b:53:6f:77:bf:6c:d7:cf:
5e:18:12:b5:9a:39:3a:ba:e5:79:c5:d8:9d:78:ea:
74:5d:7b:a8:ed:d9:3a:ca:ce:a5:35:52:7c:0b:f6:
b0:38:cb:11:1a:74:16:87:7b:cd:d1:ed:be:9a:b3:
35:4d:79:96:28:50:45:0c:7a:1a:8a:9f:6f:c9:33:
fe:c8:82:b5:e2:83:a5:e5:da:15:ae:72:55:57:6c:
33:3a:32:63:7d:63:91:eb:f1:ca:21:ff:b5:f3:00:
ac:95:c6:6a:29:2a:00:5f:fb:b9:58:b4:aa:30:2a:
a9:d3:b8:ab:27:a7:ac:70:a8:1a:f4:ae:99:2c:aa:
0c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2A:5B:A8:D1:62:FA:EA:8B:D3:B4:0D:EE:5B:60:CB:AF:FA:03:86
X509v3 Authority Key Identifier:
keyid:5A:5D:45:65:4F:A5:97:D3:52:2E:DA:16:88:39:19:3E:BE:78:2E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl1FZU-ll9NSLtoWiDkZPr54Lu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/dd00c1-728a-4abb-8cc2-c9640d250afc/1/2CpbqNFi-uqL07QN7ltgy6_6A4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/dd00c1-728a-4abb-8cc2-c9640d250afc/1/Wl1FZU-ll9NSLtoWiDkZPr54Lu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.80.0/21
217.68.32.0/20
IPv6:
2a06:3640::/29
Signature Algorithm: sha256WithRSAEncryption
5e:a2:96:46:9a:cf:ee:f0:71:b3:59:da:9a:d9:06:64:02:09:
6a:75:84:e9:e0:b1:cc:28:d3:3b:11:03:99:c5:0f:ec:ea:b3:
db:8d:ba:60:36:e2:56:8b:f5:54:07:8d:65:58:19:55:b2:85:
5c:00:f6:e5:46:22:c6:4c:47:60:9a:75:e4:a8:c6:43:ef:7b:
92:e6:5d:72:22:07:c2:7f:a5:5c:f9:12:6d:02:71:bd:89:c2:
81:85:c2:2a:1f:19:86:1f:49:84:04:c6:ce:a3:6d:29:b2:d9:
51:32:36:f4:0d:80:f4:dc:4b:1f:69:49:c4:e9:4c:cd:d5:1d:
7d:08:d0:91:30:64:f6:2e:d7:4d:00:e7:09:1e:78:9f:7c:d7:
0f:eb:b4:f6:d6:4f:a7:93:02:a3:5b:02:62:11:50:e1:4b:ab:
a2:3b:c4:c6:06:04:9b:ca:4d:4b:14:7c:a5:7f:53:3c:50:5d:
55:8a:e4:eb:f9:f9:63:7a:83:ef:0d:12:6d:f0:98:d7:80:9c:
5c:e8:c0:40:95:c4:9d:46:db:21:40:b6:04:33:40:e4:99:02:
51:49:38:76:5e:7a:84:27:e7:fd:17:cd:8e:29:65:83:38:14:
9e:ed:e4:be:ef:fc:f8:72:8c:23:d8:78:64:9f:ee:24:09:40:
dc:38:41:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYiKOyT8Xr8UEfBoq8M6bn16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWQ0NTY1NGZhNTk3ZDM1MjJlZGExNjg4MzkxOTNlYmU3
ODJlZWYwHhcNMjMwNjA1MDYyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJhNWJhOGQxNjJmYWVhOGJkM2I0MGRlZTViNjBjYmFmZmEwMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7u/UtqfeIDG+MGU830eYYwdCxve
oNzNkN0rmvfHTlWH6ZAYMx8JWNE4liqCvNbaP93aZXbhlhenJ/Wr23UjHqGQaxRJ
0fYxkNdxxZJ8oet04VFcRg8/aMuOgktgdbItRkYQftMKvitKkI429KHRyUKyx65u
ST+YQnGlHltSa1Nvd79s189eGBK1mjk6uuV5xdideOp0XXuo7dk6ys6lNVJ8C/aw
OMsRGnQWh3vN0e2+mrM1TXmWKFBFDHoaip9vyTP+yIK14oOl5doVrnJVV2wzOjJj
fWOR6/HKIf+18wCslcZqKSoAX/u5WLSqMCqp07irJ6escKga9K6ZLKoMgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNgqW6jRYvrqi9O0De5bYMuv+gOGMB8GA1UdIwQY
MBaAFFpdRWVPpZfTUi7aFog5GT6+eC7vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2wxRlpVLWxsOU5TTHRvV2lEa1pQcjU0THU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kZDAwYzEtNzI4YS00YWJiLThjYzIt
Yzk2NDBkMjUwYWZjLzEvMkNwYnFORmktdXFMMDdRTjdsdGd5Nl82QTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kZDAwYzEtNzI4YS00YWJiLThjYzItYzk2NDBkMjUwYWZj
LzEvV2wxRlpVLWxsOU5TTHRvV2lEa1pQcjU0THU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDURlQAwQE
2UQgMA0EAgACMAcDBQMqBjZAMA0GCSqGSIb3DQEBCwUAA4IBAQBeopZGms/u8HGz
Wdqa2QZkAglqdYTp4LHMKNM7EQOZxQ/s6rPbjbpgNuJWi/VUB41lWBlVsoVcAPbl
RiLGTEdgmnXkqMZD73uS5l1yIgfCf6Vc+RJtAnG9icKBhcIqHxmGH0mEBMbOo20p
stlRMjb0DYD03EsfaUnE6UzN1R19CNCRMGT2LtdNAOcJHniffNcP67T21k+nkwKj
WwJiEVDhS6uiO8TGBgSbyk1LFHylf1M8UF1ViuTr+fljeoPvDRJt8JjXgJxc6MBA
lcSdRtshQLYEM0DkmQJRSTh2XnqEJ+f9F82OKWWDOBSe7eS+7/z4cowj2Hhkn+4k
CUDcOEGe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:10 2024 by rpki-client on console-fra.rpki-client.org