Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/2FgDDrz0myLyuHjHJw2o8yHfqi8.roa
File: 2FgDDrz0myLyuHjHJw2o8yHfqi8.roa (raw, json)
Hash identifier: PgYwIY+C5oOymwl7odLAwwEPoIq+F0c3pmlv8FnN/lg=
Subject key identifier: D8:58:03:0E:BC:F4:9B:22:F2:B8:78:C7:27:0D:A8:F3:21:DF:AA:2F
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018896C6A9A9960E0820613B2E2EC2D021E2
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/2FgDDrz0myLyuHjHJw2o8yHfqi8.roa
Signing time: Wed 07 Jun 2023 16:53:01 +0000
ROA not before: Wed 07 Jun 2023 16:53:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 37.143.0.0/22 maxlen: 22
37.143.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:c6:a9:a9:96:0e:08:20:61:3b:2e:2e:c2:d0:21:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jun 7 16:53:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d858030ebcf49b22f2b878c7270da8f321dfaa2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b4:ff:c2:d3:99:9d:ac:90:41:24:ce:0c:cc:
0c:3c:a5:f2:8f:8b:54:a2:54:ec:70:ad:f2:be:1e:
89:be:24:09:67:8a:86:7e:f0:9e:ac:19:d0:2c:af:
88:91:38:62:72:f6:e3:83:97:38:db:eb:49:d0:84:
12:c2:a6:e1:8b:2a:85:0a:83:32:8c:1b:34:36:bb:
65:97:bf:1b:a0:1b:d6:8c:a7:38:84:75:a5:ac:27:
81:ae:00:cc:c2:20:01:8b:62:15:14:92:aa:27:b8:
82:df:cd:4e:02:be:7e:d6:7a:0a:74:6a:c4:ca:00:
c9:3e:42:2b:75:b3:6f:67:b8:42:31:b9:99:a1:6d:
db:78:ce:bc:33:4c:d3:78:cd:8d:b2:3b:39:1b:33:
e9:65:c1:a1:a9:64:c6:3d:22:8b:82:84:c8:fc:38:
0d:4d:01:90:6e:a8:40:c4:9b:d8:2a:6f:a7:13:6c:
71:bd:e8:71:98:4b:79:df:2a:9f:df:c3:35:ad:93:
cb:37:97:31:8e:db:cb:20:b7:17:3a:bd:6f:a7:cc:
15:2b:17:86:85:e4:44:e6:09:57:d9:3e:18:be:42:
fd:4c:6c:b6:f3:b8:54:c2:97:0d:3d:4c:59:f1:8f:
21:54:7a:95:75:21:a0:1d:25:3d:12:c8:26:55:39:
83:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:58:03:0E:BC:F4:9B:22:F2:B8:78:C7:27:0D:A8:F3:21:DF:AA:2F
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/2FgDDrz0myLyuHjHJw2o8yHfqi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:ac:09:87:34:4a:8c:90:73:f8:b6:90:98:75:3a:69:6c:e8:
85:d4:d6:db:44:a5:7a:58:1a:08:e7:4c:46:fd:b3:23:eb:e2:
75:03:de:4e:40:3a:3c:87:a1:cd:2c:98:75:a0:01:fb:e9:f3:
1d:01:cc:a1:d3:98:b6:6d:bd:9b:84:cb:ba:ce:56:b8:f3:83:
62:1a:34:a3:de:3d:df:e4:93:75:57:c3:e0:b1:47:f0:fe:ed:
de:36:10:32:e6:bc:69:0d:45:69:9b:71:9c:ab:c0:76:91:f9:
b7:f8:c2:3c:1d:d5:ae:4f:9b:39:c9:84:b9:18:37:a4:4e:b9:
c8:67:7b:e1:31:b6:9b:a4:e9:50:90:27:14:53:b1:9d:2e:78:
bc:85:06:c7:66:c3:a2:9a:28:f4:d9:53:4f:50:b7:79:0b:a2:
1f:25:fc:b5:23:47:7e:73:0b:e0:28:98:87:2c:3e:a5:e2:e8:
f2:bc:f4:5e:c0:80:27:a0:31:ed:ea:00:60:2d:76:6a:e6:af:
20:1a:15:cb:35:4d:02:db:9b:ce:0f:74:f4:22:aa:7e:be:f5:
88:86:35:ce:60:3c:1c:45:70:bd:00:9d:52:92:10:2f:d4:ba:
58:86:fd:cf:8b:4a:48:03:e3:1d:44:e6:04:60:8c:cc:a7:3d:
81:aa:12:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiWxqmplg4IIGE7Li7C0CHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMwNjA3MTY1MzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU4MDMwZWJjZjQ5YjIyZjJiODc4YzcyNzBkYThmMzIxZGZhYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrT/wtOZnayQQSTODMwMPKXyj4tU
olTscK3yvh6JviQJZ4qGfvCerBnQLK+IkThicvbjg5c42+tJ0IQSwqbhiyqFCoMy
jBs0Nrtll78boBvWjKc4hHWlrCeBrgDMwiABi2IVFJKqJ7iC381OAr5+1noKdGrE
ygDJPkIrdbNvZ7hCMbmZoW3beM68M0zTeM2Nsjs5GzPpZcGhqWTGPSKLgoTI/DgN
TQGQbqhAxJvYKm+nE2xxvehxmEt53yqf38M1rZPLN5cxjtvLILcXOr1vp8wVKxeG
heRE5glX2T4YvkL9TGy287hUwpcNPUxZ8Y8hVHqVdSGgHSU9EsgmVTmD1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhYAw689Jsi8rh4xycNqPMh36ovMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvMkZnRERyejBteUx5dUhqSEp3Mm84eUhmcWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJY8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCqrAmHNEqMkHP4tpCYdTppbOiF1NbbRKV6WBoI50xG
/bMj6+J1A95OQDo8h6HNLJh1oAH76fMdAcyh05i2bb2bhMu6zla484NiGjSj3j3f
5JN1V8PgsUfw/u3eNhAy5rxpDUVpm3Gcq8B2kfm3+MI8HdWuT5s5yYS5GDekTrnI
Z3vhMbabpOlQkCcUU7GdLni8hQbHZsOimij02VNPULd5C6IfJfy1I0d+cwvgKJiH
LD6l4ujyvPRewIAnoDHt6gBgLXZq5q8gGhXLNU0C25vOD3T0Iqp+vvWIhjXOYDwc
RXC9AJ1SkhAv1LpYhv3Pi0pIA+MdROYEYIzMpz2BqhIM
-----END CERTIFICATE-----
Generated at Tue Nov 7 08:08:28 2023 by rpki-client on console-fra.rpki-client.org