Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dndRFgz9hqYcmkHvpYT8QrT01bw.roa
File: dndRFgz9hqYcmkHvpYT8QrT01bw.roa (raw, json)
Hash identifier: R+ptyt/e21B3qCKuqcKs4XVThDkQY9QFccf+Ywk5Lgw=
Subject key identifier: 76:77:51:16:0C:FD:86:A6:1C:9A:41:EF:A5:84:FC:42:B4:F4:D5:BC
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018CC56E056F8F6920ECB1212EB5D93537B0
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dndRFgz9hqYcmkHvpYT8QrT01bw.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212669
IP address blocks: 2.58.232.0/22 maxlen: 22
178.239.30.0/23 maxlen: 23
37.44.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 10:52:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:05:6f:8f:69:20:ec:b1:21:2e:b5:d9:35:37:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=767751160cfd86a61c9a41efa584fc42b4f4d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b4:3d:b4:33:4a:f0:74:26:f5:ca:fc:7f:61:
2f:58:51:a2:3a:f9:98:14:3f:bb:63:db:dd:73:2e:
51:96:2e:17:87:cd:1e:20:57:6e:d1:99:a1:e7:08:
5b:43:23:ef:76:df:7f:40:01:a1:aa:51:df:3a:bf:
81:a7:ff:d9:dc:66:a2:ed:99:eb:54:6c:6f:5f:59:
ab:38:74:ed:09:f4:b8:2b:64:36:42:c4:c2:5a:e4:
98:32:48:bb:68:1f:d2:4c:53:31:de:bd:5b:ba:58:
ef:09:3a:c3:d2:a7:87:39:11:b3:e7:1e:1b:b7:69:
2f:93:50:38:52:76:49:28:db:5a:44:60:d3:49:db:
ef:0f:7e:f8:08:31:a0:6d:ce:65:c6:36:fd:ec:9f:
73:86:b5:df:a5:ae:92:2a:73:1c:ee:80:c4:42:fe:
58:73:c5:60:b4:86:c7:24:d3:f9:5a:c8:c7:40:ba:
f6:40:a7:14:c2:ff:f5:d0:e1:f4:70:0f:ee:76:47:
99:7c:d5:f0:c4:f4:3b:6f:56:73:0f:2c:c3:43:a7:
ee:56:8d:d8:62:df:f7:4b:46:89:17:c5:5d:36:7a:
7a:ee:20:4f:f2:84:db:01:d0:77:ab:1c:e5:db:30:
6c:cc:b0:c3:ac:c7:e0:38:0b:a1:58:88:3f:1a:51:
55:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:77:51:16:0C:FD:86:A6:1C:9A:41:EF:A5:84:FC:42:B4:F4:D5:BC
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dndRFgz9hqYcmkHvpYT8QrT01bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.232.0/22
37.44.212.0/24
178.239.30.0/23
Signature Algorithm: sha256WithRSAEncryption
39:c4:60:03:46:5e:c0:91:f8:cb:82:2c:44:0b:e9:7a:b7:ca:
32:9b:b1:5a:ed:5a:f3:d0:db:c9:ad:45:87:ba:c0:04:f0:f1:
04:e3:08:e5:5e:96:db:1d:a1:fa:5a:40:46:dc:e2:9b:b3:80:
ee:92:e1:bb:d1:4a:d9:6b:f2:55:47:45:4a:ef:38:d7:38:03:
1c:d4:36:9b:d5:a3:73:75:9f:2b:8a:4c:cc:1c:87:ad:e1:b5:
ee:8f:e2:52:31:87:ac:17:fa:0e:65:3e:a6:e0:a8:b1:37:23:
60:ce:29:e3:3c:43:da:10:dc:fe:5b:9b:62:b7:71:37:90:ab:
a8:55:52:e7:87:8f:b3:8f:2a:cd:25:94:a0:b1:1e:9a:c9:50:
7b:f2:1a:91:b2:22:3c:c0:9d:54:dd:58:c2:ca:e0:54:1f:3f:
7c:b1:f0:c6:77:2a:b9:42:92:9d:03:28:4a:d7:a7:fc:6b:e3:
4b:40:49:1d:60:ec:dd:e3:76:3a:b1:05:79:ec:bc:1b:02:9e:
6b:70:e3:56:73:d0:a4:ff:17:26:75:a5:6d:f7:46:70:7c:09:
e6:a4:09:35:cf:6f:04:86:cf:94:80:4f:a6:28:f8:e4:ef:79:
37:5c:ce:f5:25:10:02:52:8e:88:93:c4:53:81:3f:3a:90:09:
a1:f3:79:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbgVvj2kg7LEhLrXZNTewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc3NTExNjBjZmQ4NmE2MWM5YTQxZWZhNTg0ZmM0MmI0ZjRkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rQ9tDNK8HQm9cr8f2EvWFGiOvmY
FD+7Y9vdcy5Rli4Xh80eIFdu0Zmh5whbQyPvdt9/QAGhqlHfOr+Bp//Z3Gai7Znr
VGxvX1mrOHTtCfS4K2Q2QsTCWuSYMki7aB/STFMx3r1buljvCTrD0qeHORGz5x4b
t2kvk1A4UnZJKNtaRGDTSdvvD374CDGgbc5lxjb97J9zhrXfpa6SKnMc7oDEQv5Y
c8VgtIbHJNP5WsjHQLr2QKcUwv/10OH0cA/udkeZfNXwxPQ7b1ZzDyzDQ6fuVo3Y
Yt/3S0aJF8VdNnp67iBP8oTbAdB3qxzl2zBszLDDrMfgOAuhWIg/GlFVPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHZ3URYM/YamHJpB76WE/EK09NW8MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvZG5kUkZnejlocVljbWtIdnBZVDhRclQwMWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjroAwQA
JSzUAwQBsu8eMA0GCSqGSIb3DQEBCwUAA4IBAQA5xGADRl7AkfjLgixEC+l6t8oy
m7Fa7Vrz0NvJrUWHusAE8PEE4wjlXpbbHaH6WkBG3OKbs4DukuG70UrZa/JVR0VK
7zjXOAMc1Dab1aNzdZ8rikzMHIet4bXuj+JSMYesF/oOZT6m4KixNyNgzinjPEPa
ENz+W5tit3E3kKuoVVLnh4+zjyrNJZSgsR6ayVB78hqRsiI8wJ1U3VjCyuBUHz98
sfDGdyq5QpKdAyhK16f8a+NLQEkdYOzd43Y6sQV57LwbAp5rcONWc9Ck/xcmdaVt
90ZwfAnmpAk1z28Ehs+UgE+mKPjk73k3XM71JRACUo6Ik8RTgT86kAmh83l2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org