Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/2BrQqsLCRYLSU27_ikMZe4Ytb6E.roa
File: 2BrQqsLCRYLSU27_ikMZe4Ytb6E.roa (raw, json)
Hash identifier: AfMnth2FbwxYxW9srbRj1I3bAzrS/5mu2yG36vtJJnI=
Subject key identifier: D8:1A:D0:AA:C2:C2:45:82:D2:53:6E:FF:8A:43:19:7B:86:2D:6F:A1
Certificate issuer: /CN=4de70403c9d2d7962cf113d93c462f9493d87362
Certificate serial: 018572B4352F70EC50195A17588442BC8B9F
Authority key identifier: 4D:E7:04:03:C9:D2:D7:96:2C:F1:13:D9:3C:46:2F:94:93:D8:73:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TecEA8nS15Ys8RPZPEYvlJPYc2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/2BrQqsLCRYLSU27_ikMZe4Ytb6E.roa
Signing time: Mon 02 Jan 2023 13:38:10 +0000
ROA not before: Mon 02 Jan 2023 13:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 185.31.2.0/24 maxlen: 24
185.31.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:35:2f:70:ec:50:19:5a:17:58:84:42:bc:8b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4de70403c9d2d7962cf113d93c462f9493d87362
Validity
Not Before: Jan 2 13:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d81ad0aac2c24582d2536eff8a43197b862d6fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b7:fc:97:d7:3b:17:c8:7e:8d:a2:4e:52:e7:
bd:a2:08:44:bd:6e:32:3a:e1:9a:33:f1:4c:cb:a1:
63:de:b6:59:da:bc:04:89:a7:65:61:54:69:4b:0a:
da:2c:6c:f7:7e:01:d7:be:ec:56:f5:59:64:ae:ea:
6f:bd:65:d2:69:23:25:eb:a0:b3:a6:52:3e:f8:b8:
a1:e4:66:ce:06:f5:fc:1d:81:92:03:63:12:a3:0b:
b7:5c:12:c9:3a:10:d5:38:fd:63:6a:b0:5e:b6:78:
00:a0:4a:e8:b0:1b:da:d7:f4:96:c7:15:cf:b1:ac:
16:df:14:92:e7:8a:ff:78:16:db:e8:fb:f8:ed:c7:
7f:70:c8:fd:1a:f0:c9:84:00:a1:18:03:d2:ec:be:
f6:f1:8c:7e:f3:9a:a5:59:69:6b:26:b0:aa:17:9e:
ae:df:23:cd:59:bf:40:05:ee:b2:d6:b9:d8:c2:9f:
cb:09:27:ef:73:79:d6:43:f5:64:7d:c8:dc:e9:f0:
71:87:51:bf:1b:76:cb:a1:f3:1d:99:e8:c7:ce:cc:
3f:13:c6:24:ca:de:5d:31:a4:35:1c:df:9c:84:d8:
8e:6e:f1:5b:ae:37:8f:95:2f:ce:61:89:1d:36:04:
b8:20:f7:00:95:94:4c:69:41:22:8a:e0:34:a3:98:
77:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1A:D0:AA:C2:C2:45:82:D2:53:6E:FF:8A:43:19:7B:86:2D:6F:A1
X509v3 Authority Key Identifier:
keyid:4D:E7:04:03:C9:D2:D7:96:2C:F1:13:D9:3C:46:2F:94:93:D8:73:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TecEA8nS15Ys8RPZPEYvlJPYc2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/2BrQqsLCRYLSU27_ikMZe4Ytb6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/TecEA8nS15Ys8RPZPEYvlJPYc2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.0.0-185.31.2.255
Signature Algorithm: sha256WithRSAEncryption
0c:a0:ac:47:ba:06:3d:15:26:49:a6:31:f3:7e:d1:05:e9:15:
24:6f:75:4b:1c:17:0a:a7:49:33:8e:b5:54:91:89:48:9d:6b:
5d:9e:a3:1c:45:b5:e1:d6:fa:60:84:0e:3f:93:9b:51:f8:42:
be:af:a2:1c:91:7d:0d:ad:19:48:ea:a2:b5:a3:08:8f:e9:0f:
4c:04:1a:cf:12:69:cc:dc:bf:6d:31:84:b6:c8:d6:e6:61:f6:
73:ae:79:27:b7:3d:48:f1:1a:ec:d2:6b:b6:b5:a3:9b:ad:7f:
fa:54:3d:81:83:ef:6d:15:9c:7b:00:5f:02:7b:4d:73:0e:ff:
e0:a2:f7:04:0a:a3:d1:1f:63:3c:c4:ea:ce:40:53:c4:a5:79:
5c:37:ba:14:68:53:61:e8:1f:0c:bc:10:49:4d:e6:64:14:2b:
9c:80:46:1b:96:93:fb:96:31:20:b8:3d:fe:55:9f:3a:23:e2:
07:04:f7:77:57:db:49:0b:e3:f5:76:bc:75:21:68:ef:54:78:
52:a9:ed:64:52:01:15:9f:6f:93:18:1c:09:cf:63:4d:f3:ae:
32:cd:c9:5d:f4:f9:7d:63:5a:13:0f:f8:52:40:9c:3e:1f:16:
1d:e3:f8:53:71:05:a9:22:ec:bd:ce:cc:ab:db:78:55:20:64:
ce:b1:1c:81
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVytDUvcOxQGVoXWIRCvIufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZTcwNDAzYzlkMmQ3OTYyY2YxMTNkOTNjNDYyZjk0OTNk
ODczNjIwHhcNMjMwMTAyMTMzODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFhZDBhYWMyYzI0NTgyZDI1MzZlZmY4YTQzMTk3Yjg2MmQ2ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7f8l9c7F8h+jaJOUue9oghEvW4y
OuGaM/FMy6Fj3rZZ2rwEiadlYVRpSwraLGz3fgHXvuxW9VlkrupvvWXSaSMl66Cz
plI++Lih5GbOBvX8HYGSA2MSowu3XBLJOhDVOP1jarBetngAoErosBva1/SWxxXP
sawW3xSS54r/eBbb6Pv47cd/cMj9GvDJhAChGAPS7L728Yx+85qlWWlrJrCqF56u
3yPNWb9ABe6y1rnYwp/LCSfvc3nWQ/Vkfcjc6fBxh1G/G3bLofMdmejHzsw/E8Yk
yt5dMaQ1HN+chNiObvFbrjePlS/OYYkdNgS4IPcAlZRMaUEiiuA0o5h3IQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFNga0KrCwkWC0lNu/4pDGXuGLW+hMB8GA1UdIwQY
MBaAFE3nBAPJ0teWLPET2TxGL5ST2HNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGVjRUE4blMxNVlzOFJQWlBFWXZsSlBZYzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yNTAxMjctODVkNy00NmI0LTg4NjUt
YmYwZGE1ZThjZTdmLzEvMkJyUXFzTENSWUxTVTI3X2lrTVplNFl0YjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yNTAxMjctODVkNy00NmI0LTg4NjUtYmYwZGE1ZThjZTdm
LzEvVGVjRUE4blMxNVlzOFJQWlBFWXZsSlBZYzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwC5HwME
ALkfAjANBgkqhkiG9w0BAQsFAAOCAQEADKCsR7oGPRUmSaYx837RBekVJG91SxwX
CqdJM461VJGJSJ1rXZ6jHEW14db6YIQOP5ObUfhCvq+iHJF9Da0ZSOqitaMIj+kP
TAQazxJpzNy/bTGEtsjW5mH2c655J7c9SPEa7NJrtrWjm61/+lQ9gYPvbRWcewBf
AntNcw7/4KL3BAqj0R9jPMTqzkBTxKV5XDe6FGhTYegfDLwQSU3mZBQrnIBGG5aT
+5YxILg9/lWfOiPiBwT3d1fbSQvj9Xa8dSFo71R4UqntZFIBFZ9vkxgcCc9jTfOu
Ms3JXfT5fWNaEw/4UkCcPh8WHeP4U3EFqSLsvc7Mq9t4VSBkzrEcgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org