Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2AlK9dlxktbof-Ad3prE23qb72g.roa
File: 2AlK9dlxktbof-Ad3prE23qb72g.roa (raw, json)
Hash identifier: 8GKu5UMW6fczvIJvVY2fwBL8Q6VT58QNiOURXtQFn0Q=
Subject key identifier: D8:09:4A:F5:D9:71:92:D6:E8:7F:E0:1D:DE:9A:C4:DB:7A:9B:EF:68
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBC2075A749AA616E7C2958D200515
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2AlK9dlxktbof-Ad3prE23qb72g.roa
Signing time: Mon 02 Jan 2023 05:37:05 +0000
ROA not before: Mon 02 Jan 2023 05:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 31.47.238.0/24 maxlen: 32
94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/23 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c2:07:5a:74:9a:a6:16:e7:c2:95:8d:20:05:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8094af5d97192d6e87fe01dde9ac4db7a9bef68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e8:d9:9f:7d:79:64:81:46:c8:81:09:7c:a3:
f0:f3:73:d8:a7:f6:08:4e:47:95:56:0b:a4:af:e0:
4c:27:19:6a:40:d4:ed:11:f8:54:5c:d6:c4:9e:f4:
0d:98:34:d3:d4:dc:f7:16:7e:65:bd:cd:19:48:0a:
24:31:25:07:b0:26:ab:f7:65:f0:3f:c6:fd:6a:f3:
d3:0b:6d:bd:85:d2:e8:18:26:6d:28:75:3f:c7:e4:
d3:de:2c:25:93:78:9e:01:c2:21:0a:eb:f4:fe:77:
31:53:2d:ab:05:fc:23:20:ef:8f:68:3e:83:af:33:
9b:92:68:21:3e:e4:40:4b:04:01:30:47:39:f1:db:
60:99:3e:d8:18:82:3a:2d:d5:61:e5:6b:39:13:83:
15:43:e8:3d:15:51:68:ca:6c:42:73:f8:30:7f:55:
3e:80:3b:93:d4:0b:9a:b8:89:0c:c5:04:9c:fd:46:
63:37:ee:de:aa:05:0e:ec:e4:25:a0:8f:99:d1:c8:
cd:72:17:0e:b3:9d:78:e5:ae:6a:3b:7c:4b:f7:3c:
3b:77:3f:67:a0:73:1b:46:a8:a0:51:7b:81:28:9a:
62:8e:02:42:e2:e6:37:7c:78:ad:8e:c5:43:73:68:
aa:71:ce:85:7c:74:26:5a:4c:af:7b:44:f4:3b:d9:
8e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:09:4A:F5:D9:71:92:D6:E8:7F:E0:1D:DE:9A:C4:DB:7A:9B:EF:68
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2AlK9dlxktbof-Ad3prE23qb72g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
31.47.238.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
b9:13:e0:9f:a0:e9:57:7f:d8:6e:17:9d:d5:a9:e8:2c:d2:f9:
c0:96:eb:58:33:8b:db:0a:39:fe:b4:c2:cc:18:80:7d:99:90:
e7:cf:77:6a:4e:82:ad:dc:04:46:4f:ea:47:1c:62:b5:81:75:
fa:81:18:e5:ad:6d:c1:34:ca:c6:2f:20:e8:76:ea:25:53:44:
58:bd:d1:70:eb:99:32:e9:9b:36:b7:37:34:08:f5:8b:6e:d7:
0a:4f:53:7e:3b:eb:dd:93:bc:44:40:05:26:02:a8:be:11:b4:
d3:11:c6:14:4b:70:b4:13:18:2e:f3:6d:09:aa:57:23:29:55:
26:01:9c:e0:7e:23:ca:43:84:28:4a:1b:5c:13:b0:67:e6:39:
77:ec:3e:36:c8:36:2a:5e:90:ad:13:fa:d2:22:05:2f:55:fa:
f9:9b:d0:44:80:78:33:69:ce:3d:98:90:0a:ae:47:93:ad:71:
8d:06:63:c5:ed:00:b6:a6:58:7e:cd:26:26:f2:09:af:56:72:
18:ba:8a:11:1c:61:a4:31:c2:28:8f:26:75:b9:4d:b2:4a:eb:
99:b5:cf:00:65:76:61:18:16:b9:3e:51:e8:d0:4d:24:3d:4e:
2e:ec:7b:60:2b:7b:33:a5:b7:67:0f:23:0a:e1:1d:20:1d:c7:
35:20:d5:4e
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVw+8IHWnSaphbnwpWNIAUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA5NGFmNWQ5NzE5MmQ2ZTg3ZmUwMWRkZTlhYzRkYjdhOWJlZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+jZn315ZIFGyIEJfKPw83PYp/YI
TkeVVgukr+BMJxlqQNTtEfhUXNbEnvQNmDTT1Nz3Fn5lvc0ZSAokMSUHsCar92Xw
P8b9avPTC229hdLoGCZtKHU/x+TT3iwlk3ieAcIhCuv0/ncxUy2rBfwjIO+PaD6D
rzObkmghPuRASwQBMEc58dtgmT7YGII6LdVh5Ws5E4MVQ+g9FVFoymxCc/gwf1U+
gDuT1AuauIkMxQSc/UZjN+7eqgUO7OQloI+Z0cjNchcOs5145a5qO3xL9zw7dz9n
oHMbRqigUXuBKJpijgJC4uY3fHitjsVDc2iqcc6FfHQmWkyve0T0O9mOoQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNgJSvXZcZLW6H/gHd6axNt6m+9oMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMkFsSzlkbHhrdGJvZi1BZDNwckUyM3FiNzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQAHy/uAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBALkT4J+g6Vd/
2G4XndWp6CzS+cCW61gzi9sKOf60wswYgH2ZkOfPd2pOgq3cBEZP6kccYrWBdfqB
GOWtbcE0ysYvIOh26iVTRFi90XDrmTLpmza3NzQI9Ytu1wpPU347692TvERABSYC
qL4RtNMRxhRLcLQTGC7zbQmqVyMpVSYBnOB+I8pDhChKG1wTsGfmOXfsPjbINipe
kK0T+tIiBS9V+vmb0ESAeDNpzj2YkAquR5OtcY0GY8XtALamWH7NJibyCa9Wchi6
ihEcYaQxwiiPJnW5TbJK65m1zwBldmEYFrk+UejQTSQ9Ti7se2ArezOlt2cPIwrh
HSAdxzUg1U4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org