Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tQXTUZXhhpXesqSVc0dbBozXNQ.roa
File: 2tQXTUZXhhpXesqSVc0dbBozXNQ.roa (raw, json)
Hash identifier: WJnjsAcU6VyIU2tjRSx/1iTnW3GRPPwBhFl/bCotkzA=
Subject key identifier: DA:D4:17:4D:46:57:86:1A:57:7A:CA:92:55:CD:1D:6C:1A:33:5C:D4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D1BBC2602847BA40C5387A76B6F4BD2E7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tQXTUZXhhpXesqSVc0dbBozXNQ.roa
Signing time: Thu 18 Jan 2024 08:42:11 +0000
ROA not before: Thu 18 Jan 2024 08:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 185.230.65.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
194.76.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 10:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:bc:26:02:84:7b:a4:0c:53:87:a7:6b:6f:4b:d2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 18 08:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dad4174d4657861a577aca9255cd1d6c1a335cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4f:f3:63:99:84:8b:8c:54:91:05:5c:d0:02:
12:b2:b4:74:c4:b4:ed:3c:ce:c5:33:19:e6:f2:be:
d5:1b:91:3a:09:f9:a0:70:e9:d2:24:21:a7:e7:e5:
0b:ea:11:c4:61:0b:65:3b:a0:45:88:59:0f:a3:c1:
ae:ac:1c:2f:d8:fc:36:64:e8:9c:bd:4d:22:e1:1f:
fa:ea:08:91:d2:b9:d4:45:30:4d:72:8e:cd:89:07:
47:38:28:1a:ef:29:31:e0:bd:a0:d8:ca:01:50:98:
d5:99:ea:97:6b:36:3d:34:61:dd:22:a6:cc:aa:73:
fc:cd:75:86:e8:6f:de:47:cd:ca:e2:15:fb:41:4f:
1d:41:40:55:f3:2a:62:e7:3d:e9:57:1d:b0:9a:8d:
c5:0b:e8:fe:fc:13:de:35:f9:fd:13:fa:33:b8:be:
05:59:c4:40:3e:71:5b:18:3e:5a:b1:53:9f:5a:68:
b2:a5:7c:4b:5f:cb:14:6d:57:e9:de:7b:98:d1:17:
2a:16:21:bf:e0:16:d4:8c:3a:99:a3:e9:d5:66:c7:
63:df:fc:aa:ad:37:b0:22:c9:90:6a:05:55:c5:ba:
30:ad:8f:c2:1e:73:a3:46:8f:c0:ac:0f:b2:01:3a:
0b:65:af:22:d4:b6:37:53:41:48:f5:1f:0a:01:2c:
7d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D4:17:4D:46:57:86:1A:57:7A:CA:92:55:CD:1D:6C:1A:33:5C:D4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tQXTUZXhhpXesqSVc0dbBozXNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.65.0/24
193.8.114.0/24
194.76.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e4:30:8a:f7:d5:66:d2:8f:e9:0e:4e:78:59:9e:1b:02:fb:
26:3b:d8:54:96:2f:92:b9:0b:8e:a6:d7:f1:fd:3c:83:1f:8f:
a9:4c:8f:f7:c7:8e:68:25:d1:a1:e7:d5:ad:2b:50:48:77:ab:
c7:a8:85:3f:61:ce:ee:b1:72:76:7b:53:d0:e9:27:ae:e6:09:
09:73:cc:22:55:00:41:3b:69:12:20:d5:4f:b9:0c:09:cb:64:
5d:96:49:fe:b6:35:94:ba:cc:49:9a:4c:79:d4:0f:0b:1d:04:
90:a2:e3:12:2b:fc:09:53:fc:b2:47:54:58:b6:78:d4:5b:23:
3b:56:a8:aa:5c:eb:19:0b:62:b1:2b:cc:54:c0:72:ae:f4:18:
54:94:9d:7f:6c:8f:06:12:5d:f7:01:e3:f3:35:0b:63:2e:42:
27:41:87:40:a9:13:3f:2c:5e:b7:9f:87:a7:b3:2d:09:ee:3a:
a8:d4:a9:b6:a6:87:48:3a:03:a1:e0:88:87:99:63:5c:da:a1:
bf:38:b1:64:40:65:f3:a8:dc:d8:09:ca:85:6a:ac:f0:f5:8d:
d6:07:bd:80:a7:ae:0b:a3:2c:0f:10:da:50:04:85:ac:f2:be:
e3:34:e5:83:41:db:2f:9c:71:1f:a9:e1:f9:2b:97:b8:22:ef:
0e:cd:f6:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0bvCYChHukDFOHp2tvS9LnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTE4MDg0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ0MTc0ZDQ2NTc4NjFhNTc3YWNhOTI1NWNkMWQ2YzFhMzM1Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk/zY5mEi4xUkQVc0AISsrR0xLTt
PM7FMxnm8r7VG5E6CfmgcOnSJCGn5+UL6hHEYQtlO6BFiFkPo8GurBwv2Pw2ZOic
vU0i4R/66giR0rnURTBNco7NiQdHOCga7ykx4L2g2MoBUJjVmeqXazY9NGHdIqbM
qnP8zXWG6G/eR83K4hX7QU8dQUBV8ypi5z3pVx2wmo3FC+j+/BPeNfn9E/ozuL4F
WcRAPnFbGD5asVOfWmiypXxLX8sUbVfp3nuY0RcqFiG/4BbUjDqZo+nVZsdj3/yq
rTewIsmQagVVxbowrY/CHnOjRo/ArA+yAToLZa8i1LY3U0FI9R8KASx9yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNrUF01GV4YaV3rKklXNHWwaM1zUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMnRRWFRVWlhoaHBYZXNxU1ZjMGRiQm96WE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueZBAwQA
wQhyAwQAwkyoMA0GCSqGSIb3DQEBCwUAA4IBAQCk5DCK99Vm0o/pDk54WZ4bAvsm
O9hUli+SuQuOptfx/TyDH4+pTI/3x45oJdGh59WtK1BId6vHqIU/Yc7usXJ2e1PQ
6Seu5gkJc8wiVQBBO2kSINVPuQwJy2Rdlkn+tjWUusxJmkx51A8LHQSQouMSK/wJ
U/yyR1RYtnjUWyM7VqiqXOsZC2KxK8xUwHKu9BhUlJ1/bI8GEl33AePzNQtjLkIn
QYdAqRM/LF63n4ensy0J7jqo1Km2podIOgOh4IiHmWNc2qG/OLFkQGXzqNzYCcqF
aqzw9Y3WB72Ap64LoywPENpQBIWs8r7jNOWDQdsvnHEfqeH5K5e4Iu8OzfbY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org