Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1B7CpOkuneSw8AwmxxOVG7CoREc.roa
File: 1B7CpOkuneSw8AwmxxOVG7CoREc.roa (raw, json)
Hash identifier: p6TkuAgizbr03f/cBG1LWgBI0XOh/1bmHqpw16rm680=
Subject key identifier: D4:1E:C2:A4:E9:2E:9D:E4:B0:F0:0C:26:C7:13:95:1B:B0:A8:44:47
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01922F55DB252A8E08CAFA8C7B30576D37AB
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1B7CpOkuneSw8AwmxxOVG7CoREc.roa
Signing time: Thu 26 Sep 2024 17:16:48 +0000
ROA not before: Thu 26 Sep 2024 17:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 2.58.235.0/24 maxlen: 24
45.9.152.0/22 maxlen: 24
185.238.142.0/24 maxlen: 24
213.109.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 09:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:55:db:25:2a:8e:08:ca:fa:8c:7b:30:57:6d:37:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 26 17:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d41ec2a4e92e9de4b0f00c26c713951bb0a84447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8f:5c:f9:5d:ca:08:07:e0:02:a5:c3:48:36:
d4:9e:a9:e8:95:0c:25:ed:d2:84:9d:21:ba:65:98:
a1:4e:4e:d6:a9:57:de:b2:61:28:71:3c:48:73:a4:
d0:6f:6c:6d:a0:5f:90:30:d9:b9:21:dd:fd:28:7b:
b4:31:d2:31:7a:4a:7a:cd:4d:34:19:e6:48:69:c8:
a9:d9:90:84:d4:c8:3b:6a:2d:d0:24:4d:91:77:32:
2a:14:42:38:23:0d:58:2d:95:70:75:00:69:75:41:
8b:7c:61:7e:ee:de:c2:41:06:f4:4c:f1:46:1d:db:
02:ca:2f:a9:de:17:45:33:99:94:6f:37:9a:05:41:
29:4d:8c:f4:ff:2d:e3:8c:9c:4b:06:1a:81:a5:dc:
34:5b:b1:76:bb:a2:8e:9e:66:7e:c8:bf:d3:93:97:
c4:0f:75:d1:9f:db:dc:1c:ea:22:53:8f:85:6c:08:
96:fc:6a:28:bd:3e:83:10:a2:ae:1c:97:5b:71:0e:
00:59:3f:ef:fb:e8:78:0c:b3:f4:a2:fe:ab:e6:58:
aa:ca:9e:ec:9f:33:3e:31:03:3a:89:eb:89:fa:0a:
ab:98:48:1c:36:b8:fb:01:f3:d7:06:f7:4b:97:d9:
39:22:fc:54:17:8f:ee:dd:2b:ed:10:27:b8:68:a9:
c7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1E:C2:A4:E9:2E:9D:E4:B0:F0:0C:26:C7:13:95:1B:B0:A8:44:47
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1B7CpOkuneSw8AwmxxOVG7CoREc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.235.0/24
45.9.152.0/22
185.238.142.0/24
213.109.155.0/24
Signature Algorithm: sha256WithRSAEncryption
83:52:90:8c:27:c5:d8:f4:65:36:6f:56:4e:7f:fe:4e:96:fc:
4a:f1:06:33:c0:e9:a1:40:43:b9:fd:d7:47:87:36:2c:d7:67:
dc:25:48:39:93:89:a6:26:40:cf:c9:45:a7:6e:37:64:81:91:
8d:52:5e:07:dd:9f:8c:cf:32:41:3b:84:59:ba:1d:88:f4:0c:
60:9d:b3:4e:f2:81:b2:aa:f6:62:44:08:3c:0e:2b:00:4d:d2:
82:1c:2a:9c:30:ee:44:4e:c3:ca:44:44:62:4e:1b:8f:6d:e4:
48:03:99:1f:35:70:10:51:4f:d3:b7:fd:87:ee:08:88:cb:fe:
2c:f6:7d:f0:1d:ab:72:87:41:ce:08:2c:58:62:19:1a:e3:65:
3b:c1:c5:5f:2f:af:46:67:ef:e9:ba:2c:c6:ba:3c:cb:9b:6e:
01:aa:3e:c1:8b:1e:fd:ad:cf:55:cb:80:ec:45:e9:37:d9:f1:
45:ce:da:5f:dd:8a:e5:ce:3b:e6:8a:b0:56:d5:a2:8c:c5:e8:
ff:a0:d8:c1:7c:12:3f:d0:2d:b4:2e:52:56:a5:a5:cd:5f:54:
fc:1d:f4:c9:7c:1e:be:90:e2:4d:6e:b8:84:03:bb:18:85:46:
90:a3:f9:90:7c:28:f0:03:f4:1f:a5:2b:70:5b:6f:b5:dd:40:
82:5f:82:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIvVdslKo4IyvqMezBXbTerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwOTI2MTcxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFlYzJhNGU5MmU5ZGU0YjBmMDBjMjZjNzEzOTUxYmIwYTg0NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I9c+V3KCAfgAqXDSDbUnqnolQwl
7dKEnSG6ZZihTk7WqVfesmEocTxIc6TQb2xtoF+QMNm5Id39KHu0MdIxekp6zU00
GeZIacip2ZCE1Mg7ai3QJE2RdzIqFEI4Iw1YLZVwdQBpdUGLfGF+7t7CQQb0TPFG
HdsCyi+p3hdFM5mUbzeaBUEpTYz0/y3jjJxLBhqBpdw0W7F2u6KOnmZ+yL/Tk5fE
D3XRn9vcHOoiU4+FbAiW/GoovT6DEKKuHJdbcQ4AWT/v++h4DLP0ov6r5liqyp7s
nzM+MQM6ieuJ+gqrmEgcNrj7AfPXBvdLl9k5IvxUF4/u3SvtECe4aKnHWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNQewqTpLp3ksPAMJscTlRuwqERHMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMUI3Q3BPa3VuZVN3OEF3bXh4T1ZHN0NvUkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjrrAwQC
LQmYAwQAue6OAwQA1W2bMA0GCSqGSIb3DQEBCwUAA4IBAQCDUpCMJ8XY9GU2b1ZO
f/5OlvxK8QYzwOmhQEO5/ddHhzYs12fcJUg5k4mmJkDPyUWnbjdkgZGNUl4H3Z+M
zzJBO4RZuh2I9AxgnbNO8oGyqvZiRAg8DisATdKCHCqcMO5ETsPKRERiThuPbeRI
A5kfNXAQUU/Tt/2H7giIy/4s9n3wHatyh0HOCCxYYhka42U7wcVfL69GZ+/puizG
ujzLm24Bqj7Bix79rc9Vy4DsRek32fFFztpf3YrlzjvmirBW1aKMxej/oNjBfBI/
0C20LlJWpaXNX1T8HfTJfB6+kOJNbriEA7sYhUaQo/mQfCjwA/QfpStwW2+13UCC
X4K4
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:21:10 2024 by rpki-client on console-ams.rpki-client.org