Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a7d7JXD4ZwNqJ6onIHhamatcqiU.roa
File: a7d7JXD4ZwNqJ6onIHhamatcqiU.roa (raw, json)
Hash identifier: GZycIP5Bn0UhHoYCbN1h12sVJYeHdz/2dSXV4zxdaXc=
Subject key identifier: 6B:B7:7B:25:70:F8:67:03:6A:27:AA:27:20:78:5A:99:AB:5C:AA:25
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018F52F5E22E00F7D57447FFCBD4512A9ACD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a7d7JXD4ZwNqJ6onIHhamatcqiU.roa
Signing time: Tue 07 May 2024 12:09:56 +0000
ROA not before: Tue 07 May 2024 12:09:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
45.86.124.0/22 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 May 2024 16:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:f5:e2:2e:00:f7:d5:74:47:ff:cb:d4:51:2a:9a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: May 7 12:09:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bb77b2570f867036a27aa2720785a99ab5caa25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b8:c6:28:f7:76:1a:95:98:24:46:fe:68:87:
60:3e:38:4f:f3:0d:5b:71:93:50:64:4b:e5:7b:bf:
ef:a7:f5:53:dc:3d:d1:7d:1d:fb:00:d4:21:62:13:
e3:82:f5:bc:4f:8c:5c:da:45:ed:bb:59:2d:7b:f7:
f7:bf:19:b4:67:5c:21:6a:a6:7e:d7:2c:96:f4:b2:
b0:19:5f:10:86:20:2e:a0:f4:32:2e:a8:9a:42:cb:
87:8c:ee:4e:c8:6b:01:25:92:77:4e:e1:34:31:76:
49:bd:50:df:21:75:9d:26:3d:29:e5:31:03:57:2e:
58:9d:35:ef:a5:b9:00:37:98:6f:b0:ec:2b:a0:c9:
89:cd:56:11:64:e9:11:c5:b1:33:9a:25:3f:54:0d:
34:e8:da:75:6f:ea:a4:6e:b0:9b:c2:eb:6b:ac:dc:
b5:73:0f:0e:78:4c:95:e8:f0:93:95:07:98:69:c3:
81:ef:01:03:b1:c9:cb:d2:d6:12:bf:6b:fc:2a:db:
36:23:bb:74:fc:90:64:f6:cf:13:ed:49:bd:72:79:
e0:67:5e:1a:4e:a1:f7:7f:cc:4c:3b:0c:67:35:88:
0e:bd:73:68:67:ac:08:0d:c6:47:eb:b8:33:37:e8:
cf:53:c1:58:95:83:83:90:49:f0:24:9d:aa:02:ea:
26:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B7:7B:25:70:F8:67:03:6A:27:AA:27:20:78:5A:99:AB:5C:AA:25
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a7d7JXD4ZwNqJ6onIHhamatcqiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:18:ce:13:ee:11:4a:b9:aa:c8:e9:f4:83:f9:46:e0:43:28:
e3:8d:c4:84:3b:6e:72:9a:a1:8a:58:4b:5c:9e:09:a6:6a:8c:
25:b6:0e:23:2f:a8:82:e3:1f:c9:cc:ea:3d:68:aa:2a:b9:6a:
b9:1e:19:f3:36:87:43:af:68:f1:84:84:69:18:d1:73:31:35:
c1:5c:10:14:d0:28:a5:fa:f5:03:df:dd:ce:86:34:e0:f2:ec:
b7:d0:d0:c0:6d:f4:b7:38:cf:70:c7:81:fa:19:f5:ff:01:ff:
ff:4a:08:1f:48:ea:ca:bb:97:2d:24:4a:a9:37:98:2d:b4:0b:
14:8b:72:88:85:1c:e5:05:6b:30:c0:40:32:45:e9:d7:2b:f7:
53:ab:9c:49:ec:57:20:03:5e:2f:18:44:12:42:0d:e3:de:f7:
28:cd:bc:69:2f:59:8b:89:ff:cf:6b:05:6b:80:f3:d9:00:5d:
d9:51:b5:de:9b:26:06:56:d1:fa:1e:57:4b:4f:20:87:73:0e:
17:75:85:8d:d5:b9:58:41:76:f4:7f:25:8f:2f:db:0c:67:53:
4b:e1:6e:fc:6f:6f:3c:0e:0d:f6:96:4d:e6:26:3e:f8:00:f9:
3e:00:7c:5f:6e:4d:a8:d5:c0:c3:58:c3:e1:26:09:80:5b:a5:
cf:da:3c:83
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY9S9eIuAPfVdEf/y9RRKprNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNTA3MTIwOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI3N2IyNTcwZjg2NzAzNmEyN2FhMjcyMDc4NWE5OWFiNWNhYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorjGKPd2GpWYJEb+aIdgPjhP8w1b
cZNQZEvle7/vp/VT3D3RfR37ANQhYhPjgvW8T4xc2kXtu1kte/f3vxm0Z1whaqZ+
1yyW9LKwGV8QhiAuoPQyLqiaQsuHjO5OyGsBJZJ3TuE0MXZJvVDfIXWdJj0p5TED
Vy5YnTXvpbkAN5hvsOwroMmJzVYRZOkRxbEzmiU/VA006Np1b+qkbrCbwutrrNy1
cw8OeEyV6PCTlQeYacOB7wEDscnL0tYSv2v8Kts2I7t0/JBk9s8T7Um9cnngZ14a
TqH3f8xMOwxnNYgOvXNoZ6wIDcZH67gzN+jPU8FYlYODkEnwJJ2qAuomTwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGu3eyVw+GcDaieqJyB4WpmrXKolMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvYTdkN0pYRDRad05xSjZvbklIaGFtYXRjcWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAGoYzhPuEUq5qsjp9IP5
RuBDKOONxIQ7bnKaoYpYS1yeCaZqjCW2DiMvqILjH8nM6j1oqiq5arkeGfM2h0Ov
aPGEhGkY0XMxNcFcEBTQKKX69QPf3c6GNODy7LfQ0MBt9Lc4z3DHgfoZ9f8B//9K
CB9I6sq7ly0kSqk3mC20CxSLcoiFHOUFazDAQDJF6dcr91OrnEnsVyADXi8YRBJC
DePe9yjNvGkvWYuJ/89rBWuA89kAXdlRtd6bJgZW0foeV0tPIIdzDhd1hY3VuVhB
dvR/JY8v2wxnU0vhbvxvbzwODfaWTeYmPvgA+T4AfF9uTajVwMNYw+EmCYBbpc/a
PIM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:31 2024 by rpki-client on console-ams.rpki-client.org