Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DQgb2bB4-uBQnBU3sw_8JLoezM8.roa
File: DQgb2bB4-uBQnBU3sw_8JLoezM8.roa (raw, json)
Hash identifier: i7TkRiWAyIJrREFf3cliebd6kSt72U0As9oxhuPUTDk=
Subject key identifier: 0D:08:1B:D9:B0:78:FA:E0:50:9C:15:37:B3:0F:FC:24:BA:1E:CC:CF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188AEB2C8F46451AF9B29A38D88416AEBCB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DQgb2bB4-uBQnBU3sw_8JLoezM8.roa
Signing time: Mon 12 Jun 2023 08:22:12 +0000
ROA not before: Mon 12 Jun 2023 08:22:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2.58.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:b2:c8:f4:64:51:af:9b:29:a3:8d:88:41:6a:eb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 12 08:22:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d081bd9b078fae0509c1537b30ffc24ba1ecccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0f:1c:87:c8:09:d9:cd:80:6a:4f:f0:58:52:
fa:00:77:52:f4:e2:7e:4c:95:13:57:d4:c9:5b:cd:
dc:35:c5:f0:b4:35:ae:19:83:fd:aa:b1:9f:34:dd:
c7:6d:4a:5c:0c:2a:22:8d:e2:e1:6b:35:ba:97:05:
e8:00:7f:18:f2:ad:a9:a6:5f:9e:3b:9e:9c:09:45:
66:22:c8:5c:bd:14:6e:70:92:8d:99:dd:ad:ca:ef:
df:f4:1f:02:96:5e:48:ba:2f:9e:c8:aa:92:3a:75:
8c:b0:9e:56:9a:7a:b7:90:bc:49:88:e5:f4:6b:2c:
f5:41:b6:36:60:fa:2d:6b:42:06:ac:f7:dd:b5:fc:
da:a7:b9:cd:b5:01:48:d8:13:e7:dc:ff:e4:06:02:
4b:af:15:f6:6f:13:14:39:38:5f:e2:da:60:25:13:
b8:df:6b:fa:d8:d3:e3:60:5c:fd:b7:8c:90:07:53:
57:0a:a8:87:64:54:71:80:71:7b:13:2a:04:df:6d:
a9:21:37:13:ef:76:99:a3:b4:8b:5f:74:5c:9f:67:
e4:68:2e:22:7d:b0:30:bf:2d:06:b0:27:f8:75:30:
a9:96:73:a7:fd:27:71:c6:f2:e6:05:bc:3a:30:e6:
cd:ae:7e:97:06:93:0d:65:25:20:eb:f4:d4:3c:45:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:08:1B:D9:B0:78:FA:E0:50:9C:15:37:B3:0F:FC:24:BA:1E:CC:CF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DQgb2bB4-uBQnBU3sw_8JLoezM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ff:f7:6c:c1:ff:fd:2a:9c:84:ed:6a:58:d2:fe:f7:38:f9:
7b:12:61:7d:1f:1b:35:44:4d:df:5f:8a:d8:b1:ba:c7:bf:39:
ef:df:a1:5c:7d:a5:04:86:c1:16:93:00:bc:9a:bf:ae:7c:fa:
49:49:7a:09:9d:f1:ca:64:8c:62:09:61:bb:1f:99:2b:d1:92:
17:64:34:c1:f4:28:ea:43:40:8c:8d:f2:fa:2e:bc:f4:0c:a0:
3d:15:c7:5e:ab:75:fd:03:f4:2c:3d:e5:ba:9f:40:78:a7:77:
99:89:ac:bd:2e:db:47:33:6b:55:ce:15:a0:49:ab:c2:af:f9:
57:b2:94:02:9c:e0:c1:fc:5f:a3:89:2e:b9:1f:2a:5d:b9:48:
83:e1:5f:66:31:04:7a:4c:53:42:d4:23:d1:50:a5:19:5e:61:
42:3b:b4:d3:8b:f5:9f:0d:dc:5c:59:c5:fa:a1:86:19:8e:16:
88:af:32:aa:1a:69:f9:41:18:03:9e:41:cc:0b:41:71:da:5f:
81:31:67:89:c3:25:fe:cf:04:73:8d:df:b3:4a:9e:ab:f7:8f:
8f:bd:a7:23:2a:be:12:0d:19:f4:d4:7d:a6:03:fe:71:49:e5:
d0:8d:c1:5a:65:cd:b5:a0:1a:31:30:49:b1:14:e0:2a:ac:93:
0d:5c:39:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiussj0ZFGvmymjjYhBauvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjEyMDgyMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA4MWJkOWIwNzhmYWUwNTA5YzE1MzdiMzBmZmMyNGJhMWVjY2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg8ch8gJ2c2Aak/wWFL6AHdS9OJ+
TJUTV9TJW83cNcXwtDWuGYP9qrGfNN3HbUpcDCoijeLhazW6lwXoAH8Y8q2ppl+e
O56cCUVmIshcvRRucJKNmd2tyu/f9B8Cll5Iui+eyKqSOnWMsJ5Wmnq3kLxJiOX0
ayz1QbY2YPota0IGrPfdtfzap7nNtQFI2BPn3P/kBgJLrxX2bxMUOThf4tpgJRO4
32v62NPjYFz9t4yQB1NXCqiHZFRxgHF7EyoE322pITcT73aZo7SLX3Rcn2fkaC4i
fbAwvy0GsCf4dTCplnOn/SdxxvLmBbw6MObNrn6XBpMNZSUg6/TUPEUTbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0IG9mwePrgUJwVN7MP/CS6HszPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRFFnYjJiQjQtdUJRbkJVM3N3XzhKTG9lek04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjqqMA0G
CSqGSIb3DQEBCwUAA4IBAQCa//dswf/9KpyE7WpY0v73OPl7EmF9Hxs1RE3fX4rY
sbrHvznv36FcfaUEhsEWkwC8mr+ufPpJSXoJnfHKZIxiCWG7H5kr0ZIXZDTB9Cjq
Q0CMjfL6Lrz0DKA9Fcdeq3X9A/QsPeW6n0B4p3eZiay9LttHM2tVzhWgSavCr/lX
spQCnODB/F+jiS65HypduUiD4V9mMQR6TFNC1CPRUKUZXmFCO7TTi/WfDdxcWcX6
oYYZjhaIrzKqGmn5QRgDnkHMC0Fx2l+BMWeJwyX+zwRzjd+zSp6r94+PvacjKr4S
DRn01H2mA/5xSeXQjcFaZc21oBoxMEmxFOAqrJMNXDm9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org