Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/2B7FmGzYBhMevMEvVeZX5hz8fT4.roa
File: 2B7FmGzYBhMevMEvVeZX5hz8fT4.roa (raw, json)
Hash identifier: JZE/LtSP+3y0jmlmgj1cK3FpR0JApNbAHChjcveVT+A=
Subject key identifier: D8:1E:C5:98:6C:D8:06:13:1E:BC:C1:2F:55:E6:57:E6:1C:FC:7D:3E
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01856FB11A9A619BF1F174EA049889A616C2
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/2B7FmGzYBhMevMEvVeZX5hz8fT4.roa
Signing time: Sun 01 Jan 2023 23:35:55 +0000
ROA not before: Sun 01 Jan 2023 23:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21211
IP address blocks: 62.192.182.0/23 maxlen: 23
62.192.180.0/23 maxlen: 23
5.253.240.0/23 maxlen: 23
5.253.242.0/23 maxlen: 23
147.78.112.0/23 maxlen: 23
171.22.4.0/23 maxlen: 23
147.78.114.0/23 maxlen: 23
171.22.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:1a:9a:61:9b:f1:f1:74:ea:04:98:89:a6:16:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 1 23:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d81ec5986cd806131ebcc12f55e657e61cfc7d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d1:f2:27:67:a4:40:5d:c6:1a:5e:90:cc:88:
09:40:ee:75:88:90:c6:0c:f1:6b:87:40:48:6a:c8:
f8:13:b5:19:d3:9a:67:17:7c:27:23:a8:32:20:ba:
90:ac:3e:79:09:d4:12:55:4e:29:bb:03:3b:b2:c4:
53:c3:12:bf:f5:be:a8:21:be:26:d5:12:4e:c0:50:
30:63:a1:91:62:11:83:3b:ed:c3:0b:94:79:f9:25:
22:af:9e:95:37:78:5b:e0:b2:1b:b6:08:53:0a:1a:
bb:57:0f:ad:29:ba:7e:3b:bb:44:8b:84:1a:3e:40:
f4:6a:53:1e:5b:db:20:57:2e:0a:05:0c:fd:48:ef:
2f:58:c3:58:57:82:2f:43:7a:b2:e0:37:9c:fc:7c:
67:cb:1c:ce:95:0e:4f:a2:0c:f2:17:7e:af:ec:2b:
e1:11:a6:37:ee:a1:7b:73:84:01:98:23:cf:83:06:
88:be:bf:89:a5:24:cb:f5:ce:4c:12:74:ab:d7:4c:
3f:02:c0:ed:a3:14:14:3f:06:36:36:5e:70:91:24:
1d:07:1c:6a:8a:63:28:b8:7c:8a:7f:5b:25:a9:84:
58:6a:5e:5f:e8:ca:35:9c:52:16:2c:6b:57:f1:9d:
61:0a:93:cd:93:be:4d:35:9b:87:7d:1a:f4:7a:e6:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1E:C5:98:6C:D8:06:13:1E:BC:C1:2F:55:E6:57:E6:1C:FC:7D:3E
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/2B7FmGzYBhMevMEvVeZX5hz8fT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.240.0/22
62.192.180.0/22
147.78.112.0/22
171.22.4.0/22
Signature Algorithm: sha256WithRSAEncryption
35:8c:ac:b0:ab:6e:83:d9:8f:2c:48:e6:2b:21:9e:c2:f4:df:
bc:95:3e:52:e4:e6:2c:56:4d:f8:75:2d:f3:92:98:b6:2d:73:
98:a4:5a:9e:e0:6b:83:35:ad:01:ef:0a:80:63:23:08:fe:2a:
08:4d:81:ae:71:0d:4a:37:28:7f:f2:36:97:56:77:58:35:fb:
54:ad:e6:dd:b3:9b:2d:e0:13:d6:b9:c3:d8:8c:db:e5:c5:37:
fd:fe:ae:65:13:df:bb:c6:f2:0e:41:36:34:66:b3:c2:7e:66:
cd:e9:fa:31:26:e8:64:b5:1e:31:37:f8:25:f1:27:09:f1:d9:
d3:3f:b4:54:bc:ea:98:41:26:4d:c2:ab:bd:95:00:56:af:8a:
87:f4:3b:92:7c:0b:3e:84:55:a7:72:bc:df:1a:4b:af:56:7e:
3c:82:72:c2:ba:b9:0d:5d:15:c7:bd:b2:a8:79:c6:0a:30:3e:
82:e6:92:29:5f:f1:1a:de:c1:3f:ae:08:87:aa:cf:a5:fa:f4:
bf:7a:05:c9:4d:38:ea:cf:98:96:48:c2:22:1d:4e:86:32:ef:
24:21:a4:f9:21:b8:4f:ef:a9:42:89:89:8e:8c:dc:24:9b:7f:
e8:e8:3d:61:06:50:27:ba:29:a8:ab:60:50:8d:d3:67:04:6c:
9a:f4:1a:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvsRqaYZvx8XTqBJiJphbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwMTAxMjMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFlYzU5ODZjZDgwNjEzMWViY2MxMmY1NWU2NTdlNjFjZmM3ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidHyJ2ekQF3GGl6QzIgJQO51iJDG
DPFrh0BIasj4E7UZ05pnF3wnI6gyILqQrD55CdQSVU4puwM7ssRTwxK/9b6oIb4m
1RJOwFAwY6GRYhGDO+3DC5R5+SUir56VN3hb4LIbtghTChq7Vw+tKbp+O7tEi4Qa
PkD0alMeW9sgVy4KBQz9SO8vWMNYV4IvQ3qy4Dec/HxnyxzOlQ5PogzyF36v7Cvh
EaY37qF7c4QBmCPPgwaIvr+JpSTL9c5MEnSr10w/AsDtoxQUPwY2Nl5wkSQdBxxq
imMouHyKf1slqYRYal5f6Mo1nFIWLGtX8Z1hCpPNk75NNZuHfRr0eua8kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNgexZhs2AYTHrzBL1XmV+Yc/H0+MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvMkI3Rm1HellCaE1ldk1FdlZlWlg1aHo4ZlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBf3wAwQC
PsC0AwQCk05wAwQCqxYEMA0GCSqGSIb3DQEBCwUAA4IBAQA1jKywq26D2Y8sSOYr
IZ7C9N+8lT5S5OYsVk34dS3zkpi2LXOYpFqe4GuDNa0B7wqAYyMI/ioITYGucQ1K
Nyh/8jaXVndYNftUrebds5st4BPWucPYjNvlxTf9/q5lE9+7xvIOQTY0ZrPCfmbN
6foxJuhktR4xN/gl8ScJ8dnTP7RUvOqYQSZNwqu9lQBWr4qH9DuSfAs+hFWncrzf
GkuvVn48gnLCurkNXRXHvbKoecYKMD6C5pIpX/Ea3sE/rgiHqs+l+vS/egXJTTjq
z5iWSMIiHU6GMu8kIaT5IbhP76lCiYmOjNwkm3/o6D1hBlAnuimoq2BQjdNnBGya
9Bqj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org