Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/t2v8a1uY-N5D9DeAvC6ZBiO-eCM.roa
File: t2v8a1uY-N5D9DeAvC6ZBiO-eCM.roa (raw, json)
Hash identifier: we58nu+Zy5aMcxlZf8t1sz0vq9MXKHqu9Qa9H2qI6V0=
Subject key identifier: B7:6B:FC:6B:5B:98:F8:DE:43:F4:37:80:BC:2E:99:06:23:BE:78:23
Certificate issuer: /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial: 018CC6B8FD91F7E9FECD10A48AF548A184E1
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/t2v8a1uY-N5D9DeAvC6ZBiO-eCM.roa
Signing time: Mon 01 Jan 2024 20:31:01 +0000
ROA not before: Mon 01 Jan 2024 20:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57030
IP address blocks: 185.66.0.0/22 maxlen: 22
176.62.200.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 17 Apr 2024 12:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:fd:91:f7:e9:fe:cd:10:a4:8a:f5:48:a1:84:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
Validity
Not Before: Jan 1 20:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b76bfc6b5b98f8de43f43780bc2e990623be7823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:60:5a:e8:cb:c0:80:1e:d1:92:4c:5b:d5:
61:af:6e:dc:f0:77:3a:57:5c:e9:ce:8d:3d:c3:71:
ee:2c:9e:5f:02:ce:22:dc:74:e0:ef:92:97:32:49:
15:72:5a:78:d1:25:41:49:79:45:dc:81:84:03:52:
41:a6:d9:bf:57:68:7f:cc:48:d2:da:8d:1a:b4:c6:
b2:44:9f:a8:ac:3d:35:cd:50:dd:8d:88:c3:45:7c:
57:c9:f7:18:4f:5a:09:cb:83:c4:e8:c5:26:9c:1c:
ad:b0:f6:56:46:e6:db:42:43:d1:81:7e:6d:9e:33:
ca:8b:86:62:be:95:d9:84:07:5c:a2:34:d9:45:8e:
a9:6c:9e:9a:58:c8:11:17:dc:5a:f5:df:8c:19:e0:
93:f7:e7:e8:5d:0d:91:fe:df:fb:6d:fd:b5:d8:6f:
8b:24:66:b5:88:5a:4f:c8:a5:b1:eb:e4:5d:68:e1:
c9:1f:d1:68:5b:3c:8d:e9:44:18:b8:15:63:25:99:
c3:61:4e:4d:d9:45:2e:cf:e0:2a:2c:7a:b0:e1:ce:
66:98:bd:c2:ad:34:8b:fa:9b:46:4c:7b:32:7b:53:
3b:e3:87:de:38:ab:af:6f:8d:70:9b:84:ec:ac:f4:
4d:97:03:b1:b2:0b:9d:88:cd:bb:75:39:a7:2a:4c:
88:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6B:FC:6B:5B:98:F8:DE:43:F4:37:80:BC:2E:99:06:23:BE:78:23
X509v3 Authority Key Identifier:
keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/t2v8a1uY-N5D9DeAvC6ZBiO-eCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.200.0/21
185.66.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:64:7e:91:2e:eb:73:24:23:97:e3:95:ef:97:23:97:63:10:
29:a0:db:9a:65:22:50:24:3c:05:b6:55:73:b6:e7:73:ef:7a:
a7:55:6e:8d:9e:b4:63:c6:f4:53:a8:4c:43:58:16:95:d8:f1:
0e:b7:28:8b:b7:fc:c2:0b:09:19:a7:78:e8:4c:8a:39:f9:f3:
2e:39:68:92:8c:74:56:d5:d6:64:fe:0f:ea:96:21:a2:cc:b7:
30:18:f1:81:94:7b:e7:39:c4:d1:63:dc:0d:d3:10:82:2c:be:
15:ff:c2:79:66:af:7b:e6:4f:68:20:e6:f6:15:96:84:05:82:
60:34:74:ec:e4:0d:73:59:04:51:4c:04:56:ef:51:7c:74:79:
f0:9e:58:8f:5f:3c:2a:24:72:e4:a0:17:a0:16:2e:1c:a4:8b:
40:6b:5c:d6:01:a5:b5:b9:51:88:d0:a8:f1:4e:11:8e:aa:b0:
ac:54:0e:97:27:18:d6:73:45:8c:cc:cb:58:da:0e:2f:8a:e7:
40:1c:8e:f1:14:6f:18:e8:22:a7:f3:95:b7:0b:76:83:b3:85:
e2:95:a8:7f:63:4f:e5:62:83:40:9a:37:a6:b5:b7:bd:2f:cf:
a5:69:79:43:cc:3f:fc:97:d0:a7:a8:0f:0a:fc:ad:f4:4b:0b:
3b:7a:a1:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuP2R9+n+zRCkivVIoYThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjQwMTAxMjAzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZiZmM2YjViOThmOGRlNDNmNDM3ODBiYzJlOTkwNjIzYmU3ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeBgWujLwIAe0ZJMW9Vhr27c8Hc6
V1zpzo09w3HuLJ5fAs4i3HTg75KXMkkVclp40SVBSXlF3IGEA1JBptm/V2h/zEjS
2o0atMayRJ+orD01zVDdjYjDRXxXyfcYT1oJy4PE6MUmnBytsPZWRubbQkPRgX5t
njPKi4ZivpXZhAdcojTZRY6pbJ6aWMgRF9xa9d+MGeCT9+foXQ2R/t/7bf212G+L
JGa1iFpPyKWx6+RdaOHJH9FoWzyN6UQYuBVjJZnDYU5N2UUuz+AqLHqw4c5mmL3C
rTSL+ptGTHsye1M744feOKuvb41wm4TsrPRNlwOxsgudiM27dTmnKkyIaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdr/GtbmPjeQ/Q3gLwumQYjvngjMB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvdDJ2OGExdVktTjVEOURlQXZDNlpCaU8tZUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsD7IAwQC
uUIAMA0GCSqGSIb3DQEBCwUAA4IBAQCOZH6RLutzJCOX45XvlyOXYxApoNuaZSJQ
JDwFtlVztudz73qnVW6NnrRjxvRTqExDWBaV2PEOtyiLt/zCCwkZp3joTIo5+fMu
OWiSjHRW1dZk/g/qliGizLcwGPGBlHvnOcTRY9wN0xCCLL4V/8J5Zq975k9oIOb2
FZaEBYJgNHTs5A1zWQRRTARW71F8dHnwnliPXzwqJHLkoBegFi4cpItAa1zWAaW1
uVGI0KjxThGOqrCsVA6XJxjWc0WMzMtY2g4viudAHI7xFG8Y6CKn85W3C3aDs4Xi
lah/Y0/lYoNAmjemtbe9L8+laXlDzD/8l9CnqA8K/K30Sws7eqG3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:26 2024 by rpki-client on console-fra.rpki-client.org