Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/aGinR-yyMno6KbRRJGlJtLtmPx4.roa
File: aGinR-yyMno6KbRRJGlJtLtmPx4.roa (raw, json)
Hash identifier: Lg3kTu4ROMvW8AROZ1VvDcit/EQqEdHTTQtYOEFEtPU=
Subject key identifier: 68:68:A7:47:EC:B2:32:7A:3A:29:B4:51:24:69:49:B4:BB:66:3F:1E
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01876AB99FD1A1E2ADA70F45F7A387FD977B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/aGinR-yyMno6KbRRJGlJtLtmPx4.roa
Signing time: Mon 10 Apr 2023 10:32:42 +0000
ROA not before: Mon 10 Apr 2023 10:32:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 2.58.54.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:b9:9f:d1:a1:e2:ad:a7:0f:45:f7:a3:87:fd:97:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 10 10:32:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6868a747ecb2327a3a29b451246949b4bb663f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e3:f7:a2:98:a7:1f:3c:59:f7:8a:2b:8c:71:
76:ca:fa:26:6d:69:ea:cc:a0:11:99:75:7f:13:09:
bc:72:ce:14:50:40:24:cb:ea:ff:93:3a:fa:a1:5b:
6c:31:3a:1b:ee:91:c8:d7:2b:fe:6f:9c:db:8f:dd:
6e:93:be:c1:85:60:ce:c8:af:87:0e:33:c5:07:3b:
48:91:44:76:20:1f:d8:ab:14:5a:f4:39:4b:a6:ea:
64:3a:69:06:6b:e2:af:fd:58:b2:b1:6b:d1:bd:74:
7c:b1:e2:6d:31:ef:35:bc:43:1a:38:81:6c:ac:86:
b8:56:74:0a:c4:81:01:26:25:b2:07:e9:d0:a0:a4:
72:56:d3:ca:de:76:55:29:42:85:bd:30:f0:0d:93:
ca:3e:2e:cd:49:8b:b9:42:f4:b7:d4:eb:de:8e:3b:
12:92:9f:0d:1f:7e:ca:9f:6c:32:58:29:66:9b:cc:
62:fa:f2:76:58:3b:3f:94:f2:c3:b3:6d:e9:9c:a2:
3c:c3:8d:4b:a0:c7:f8:fe:de:86:72:74:f2:90:77:
7a:22:d9:95:84:8c:24:95:d6:93:d0:1b:38:19:7d:
e2:4b:03:b5:0d:67:e2:1c:d2:80:5b:0f:25:4b:01:
4c:79:b7:31:fb:37:6d:f5:8b:b5:16:0e:55:e6:0b:
d1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:68:A7:47:EC:B2:32:7A:3A:29:B4:51:24:69:49:B4:BB:66:3F:1E
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/aGinR-yyMno6KbRRJGlJtLtmPx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:04:ec:6c:b7:58:7a:af:b8:7a:9e:88:89:61:58:8c:eb:cf:
2a:55:91:4d:ac:15:a4:5d:4f:9f:bb:7f:a1:a4:94:21:e4:8b:
35:c3:ff:ed:e3:80:85:5e:b9:f3:99:55:ee:79:c2:ba:fe:d5:
55:c8:e1:d5:b2:6d:65:cb:7a:54:36:23:b0:33:57:77:60:e8:
50:fe:55:c7:c0:68:30:a6:61:f2:be:dc:64:40:3f:25:bb:30:
ce:b3:32:ce:6d:53:4f:63:7f:34:43:bb:c7:6a:5b:a6:1f:61:
23:43:30:0f:3c:1a:76:36:f2:7f:89:f5:97:86:22:49:11:0e:
3c:f0:07:f7:0d:ad:7c:b6:0a:47:84:f4:3f:88:39:d8:f9:48:
4d:a2:1d:52:32:b9:b0:3e:85:b1:dd:56:74:eb:41:5e:d0:8e:
84:1c:43:42:31:95:b9:ce:6b:4f:a0:4b:a4:d0:5c:cc:e9:aa:
f6:7c:9d:90:3c:1d:76:9c:09:01:7d:e3:24:34:2b:77:1c:ff:
28:ac:7c:f2:5a:03:4d:e5:a5:d9:60:d3:e2:9c:e4:8a:1d:78:
64:38:44:13:1d:98:25:a6:2a:cc:4a:e5:0e:01:34:6f:9f:2f:
dc:64:1b:29:25:20:5d:ec:27:cb:c8:b8:26:47:d2:92:38:59:
89:65:c9:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdquZ/RoeKtpw9F96OH/Zd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNDEwMTAzMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY4YTc0N2VjYjIzMjdhM2EyOWI0NTEyNDY5NDliNGJiNjYzZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguP3opinHzxZ94orjHF2yvombWnq
zKARmXV/Ewm8cs4UUEAky+r/kzr6oVtsMTob7pHI1yv+b5zbj91uk77BhWDOyK+H
DjPFBztIkUR2IB/YqxRa9DlLpupkOmkGa+Kv/ViysWvRvXR8seJtMe81vEMaOIFs
rIa4VnQKxIEBJiWyB+nQoKRyVtPK3nZVKUKFvTDwDZPKPi7NSYu5QvS31OvejjsS
kp8NH37Kn2wyWClmm8xi+vJ2WDs/lPLDs23pnKI8w41LoMf4/t6GcnTykHd6ItmV
hIwkldaT0Bs4GX3iSwO1DWfiHNKAWw8lSwFMebcx+zdt9Yu1Fg5V5gvRwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhop0fssjJ6Oim0USRpSbS7Zj8eMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvYUdpblIteXlNbm82S2JSUkpHbEp0THRtUHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo2MA0G
CSqGSIb3DQEBCwUAA4IBAQBvBOxst1h6r7h6noiJYViM688qVZFNrBWkXU+fu3+h
pJQh5Is1w//t44CFXrnzmVXuecK6/tVVyOHVsm1ly3pUNiOwM1d3YOhQ/lXHwGgw
pmHyvtxkQD8luzDOszLObVNPY380Q7vHalumH2EjQzAPPBp2NvJ/ifWXhiJJEQ48
8Af3Da18tgpHhPQ/iDnY+UhNoh1SMrmwPoWx3VZ060Fe0I6EHENCMZW5zmtPoEuk
0FzM6ar2fJ2QPB12nAkBfeMkNCt3HP8orHzyWgNN5aXZYNPinOSKHXhkOEQTHZgl
pirMSuUOATRvny/cZBspJSBd7CfLyLgmR9KSOFmJZclf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org