Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/Up509E2a_y3gCrT3WlP7cQ5L2EA.roa
File: Up509E2a_y3gCrT3WlP7cQ5L2EA.roa (raw, json)
Hash identifier: H84zTTXMGeWHvKVf4cSKJkYb5dBWcgHsgKeLGC8FvGE=
Subject key identifier: 52:9E:74:F4:4D:9A:FF:2D:E0:0A:B4:F7:5A:53:FB:71:0E:4B:D8:40
Certificate issuer: /CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Certificate serial: 01856F795D377DD14EDEDDFAD6BDD9C93ABD
Authority key identifier: A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/Up509E2a_y3gCrT3WlP7cQ5L2EA.roa
Signing time: Sun 01 Jan 2023 22:35:02 +0000
ROA not before: Sun 01 Jan 2023 22:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 178.218.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:5d:37:7d:d1:4e:de:dd:fa:d6:bd:d9:c9:3a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Validity
Not Before: Jan 1 22:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=529e74f44d9aff2de00ab4f75a53fb710e4bd840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:12:79:14:37:0f:7b:6b:4e:24:63:f1:20:
42:82:a0:29:52:6a:fa:df:09:7a:40:16:40:6a:22:
b6:7d:06:7d:ce:67:d0:8a:ac:a3:11:49:5b:c4:ea:
bc:3f:5f:1c:7b:32:17:d6:cc:34:58:10:c6:2a:19:
70:7d:8a:21:e4:29:22:09:7b:84:e8:15:1c:ca:c9:
0e:d8:b6:56:fb:33:10:47:54:06:a3:a9:c6:22:14:
ea:bd:c2:b2:6a:89:62:56:33:ca:79:45:2d:bf:97:
d0:a8:c0:53:b1:b0:25:11:40:f0:15:aa:2c:61:ce:
e9:e6:ee:72:b0:2c:5c:c1:f3:b2:df:91:56:3d:ec:
d8:46:56:83:35:c1:f8:d7:2b:bd:c1:51:39:6f:04:
9a:b7:1a:8f:49:c0:ae:e0:8b:ab:50:92:23:f9:24:
2a:10:4e:ac:21:c2:23:51:e1:5c:a7:44:a9:b4:da:
6f:59:99:d7:cd:76:9e:8e:2e:8d:ee:cf:6c:4d:a0:
bf:aa:0a:c1:d9:d0:0e:bd:67:0b:ab:86:df:2f:6d:
e7:d9:56:f0:1e:3f:9e:66:cd:58:07:b1:a5:96:56:
13:5b:1a:fc:9a:d8:e3:6b:bd:a2:5b:0a:a4:99:36:
a3:24:4d:93:d8:6b:af:a6:0f:61:92:f3:b3:2e:ba:
43:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9E:74:F4:4D:9A:FF:2D:E0:0A:B4:F7:5A:53:FB:71:0E:4B:D8:40
X509v3 Authority Key Identifier:
keyid:A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/Up509E2a_y3gCrT3WlP7cQ5L2EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.240.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:20:71:48:19:f2:d3:51:06:8d:eb:e3:6d:9b:41:40:41:ca:
b3:3a:8b:5d:07:9e:74:98:a0:52:e7:f3:3d:99:c5:09:f9:fa:
1d:3f:62:25:a8:bf:84:91:9d:86:a2:d2:84:76:84:01:13:40:
d3:60:cc:6e:70:8a:66:e4:aa:df:23:ee:9d:b2:6d:6d:5d:83:
d8:be:0e:2f:50:79:20:bd:c4:8a:25:25:e1:51:4e:69:39:05:
46:dd:c3:38:be:40:b9:f8:29:2f:8b:65:7e:88:57:59:53:38:
cc:b0:cb:90:71:67:d6:fa:d1:71:ea:e7:ae:d8:3d:98:0f:fe:
db:93:6c:9d:d1:2c:d8:58:3b:38:6f:f8:51:76:70:d4:ed:91:
52:2e:b5:1a:39:52:e8:0a:19:bc:d9:5d:72:66:f2:7b:8b:e0:
d7:77:f5:88:01:45:e5:17:2c:a7:fc:5a:17:a6:9e:a4:b1:ad:
80:d9:77:42:67:fc:32:42:b7:b4:be:c3:c6:38:1e:44:75:89:
b2:68:ec:b7:ef:d1:bc:d3:bb:6d:e4:03:06:03:57:49:57:8a:
40:2e:17:18:24:06:dd:22:66:a6:35:06:8c:8b:3e:ac:23:72:
e0:c7:36:97:a7:34:c9:5f:e5:6a:5c:ed:76:86:2d:2a:53:0f:
4e:a0:f5:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveV03fdFO3t361r3ZyTq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjAwMGM0ZjRlYzRhMDNjZDRkMzY1N2UwMWI3MDAzNGVj
MjNiOTcwHhcNMjMwMTAxMjIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjllNzRmNDRkOWFmZjJkZTAwYWI0Zjc1YTUzZmI3MTBlNGJkODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorISeRQ3D3trTiRj8SBCgqApUmr6
3wl6QBZAaiK2fQZ9zmfQiqyjEUlbxOq8P18cezIX1sw0WBDGKhlwfYoh5CkiCXuE
6BUcyskO2LZW+zMQR1QGo6nGIhTqvcKyaoliVjPKeUUtv5fQqMBTsbAlEUDwFaos
Yc7p5u5ysCxcwfOy35FWPezYRlaDNcH41yu9wVE5bwSatxqPScCu4IurUJIj+SQq
EE6sIcIjUeFcp0SptNpvWZnXzXaeji6N7s9sTaC/qgrB2dAOvWcLq4bfL23n2Vbw
Hj+eZs1YB7GlllYTWxr8mtjja72iWwqkmTajJE2T2Guvpg9hkvOzLrpDWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKedPRNmv8t4Aq091pT+3EOS9hAMB8GA1UdIwQY
MBaAFKQgAMT07EoDzU02V+AbcANOwjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2It
MGYyMmQ4OTY4OWEwLzEvVXA1MDlFMmFfeTNnQ3JUM1dsUDdjUTVMMkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2ItMGYyMmQ4OTY4OWEw
LzEvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCstrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAOIHFIGfLTUQaN6+Ntm0FAQcqzOotdB550mKBS5/M9
mcUJ+fodP2IlqL+EkZ2GotKEdoQBE0DTYMxucIpm5KrfI+6dsm1tXYPYvg4vUHkg
vcSKJSXhUU5pOQVG3cM4vkC5+Ckvi2V+iFdZUzjMsMuQcWfW+tFx6ueu2D2YD/7b
k2yd0SzYWDs4b/hRdnDU7ZFSLrUaOVLoChm82V1yZvJ7i+DXd/WIAUXlFyyn/FoX
pp6ksa2A2XdCZ/wyQre0vsPGOB5EdYmyaOy379G807tt5AMGA1dJV4pALhcYJAbd
ImamNQaMiz6sI3LgxzaXpzTJX+VqXO12hi0qUw9OoPWx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:05 2024 by rpki-client on console-fra.rpki-client.org