Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ip_2yeLq-C4bgim8UiOU2Ky50Yo.roa
File: ip_2yeLq-C4bgim8UiOU2Ky50Yo.roa (raw, json)
Hash identifier: grtkj/xl+8Zdtrg6fzZQxVG3gx3xRBnDszBhOUZ07JI=
Subject key identifier: 8A:9F:F6:C9:E2:EA:F8:2E:1B:82:29:BC:52:23:94:D8:AC:B9:D1:8A
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 0185711E66BB7C3F4B17B80048B2250A2D93
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ip_2yeLq-C4bgim8UiOU2Ky50Yo.roa
Signing time: Mon 02 Jan 2023 06:14:55 +0000
ROA not before: Mon 02 Jan 2023 06:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2.59.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:66:bb:7c:3f:4b:17:b8:00:48:b2:25:0a:2d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 2 06:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a9ff6c9e2eaf82e1b8229bc522394d8acb9d18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8a:66:43:59:b7:9e:63:e8:a9:a2:00:e1:db:
88:12:a8:d3:3e:fd:85:2d:f5:cf:85:84:76:c0:11:
f9:c0:0c:0a:4e:d6:78:dc:6e:ed:92:e7:2e:41:11:
36:29:0a:3a:90:ba:c5:f1:43:f9:71:94:7f:5f:33:
65:38:56:1d:a9:62:64:4a:23:0f:60:58:13:bd:3c:
5a:58:23:76:bc:d3:cc:f3:7f:d4:02:b2:6c:b8:a8:
f4:fa:e8:52:9a:a4:7f:66:df:e1:76:c2:3c:46:03:
cf:c3:7e:1b:91:2d:4d:9f:6f:24:17:69:7c:36:1e:
a3:3c:3b:41:06:81:d1:ad:4c:70:48:5d:4b:c2:e1:
72:59:7c:d0:2f:88:7d:e7:9f:fc:10:9b:37:92:b6:
c0:04:6d:fd:dc:bf:00:e8:10:70:46:44:a8:bf:08:
64:bd:b0:96:20:d1:29:ac:3b:9a:4a:b5:47:07:3b:
ba:c8:39:ea:23:03:5d:00:f7:5a:eb:81:af:e6:d0:
9e:01:39:b0:9f:ee:4d:d6:ec:10:92:29:65:f3:33:
9d:fc:3c:36:23:de:48:34:85:25:9c:1a:cc:c9:30:
31:c2:7b:3f:51:18:02:94:38:e2:38:a5:96:46:d1:
6a:02:34:44:1d:4a:47:fe:c0:4f:35:fd:1f:e9:45:
75:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9F:F6:C9:E2:EA:F8:2E:1B:82:29:BC:52:23:94:D8:AC:B9:D1:8A
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ip_2yeLq-C4bgim8UiOU2Ky50Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:5e:d6:5e:30:eb:a4:9a:03:f2:2b:52:eb:fe:80:81:0e:02:
ac:e2:68:f2:2e:2e:e8:5f:ad:97:0b:51:7f:ed:28:4b:41:5a:
98:ab:d7:63:2e:30:d1:de:09:89:22:11:1c:02:52:79:b1:f7:
39:46:2a:bc:3a:66:46:6f:01:31:a3:4b:87:fa:03:5b:af:00:
24:4d:8d:1e:02:36:5f:71:51:06:cd:b2:29:d0:cd:eb:6c:d6:
42:97:45:af:de:2b:15:86:84:b3:ba:85:f1:c6:97:18:b9:5b:
5a:21:9c:4a:2c:ac:82:e2:d1:ae:26:44:90:fc:e2:60:83:15:
15:bb:72:fb:79:85:82:a3:93:96:35:99:df:c2:f5:8c:ce:e2:
0e:bb:cf:d0:75:43:4a:ce:3e:b9:dd:56:f2:ca:4b:e6:6a:ea:
e9:46:a2:7a:06:68:64:25:07:a0:ba:f0:cd:4f:1f:9d:a4:23:
74:2d:51:c8:47:4f:32:2b:3c:a9:78:1d:d9:76:49:67:4e:5f:
85:09:a6:48:93:8e:99:a7:da:2a:0c:ce:87:10:fe:97:0e:6b:
6c:8a:1c:ab:fa:61:7a:28:78:23:21:2e:5b:6f:31:76:1a:a5:
db:24:70:49:b6:0a:37:04:18:b5:ec:cc:99:1b:ca:da:16:97:
16:b4:c6:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHma7fD9LF7gASLIlCi2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwMTAyMDYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTlmZjZjOWUyZWFmODJlMWI4MjI5YmM1MjIzOTRkOGFjYjlkMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIpmQ1m3nmPoqaIA4duIEqjTPv2F
LfXPhYR2wBH5wAwKTtZ43G7tkucuQRE2KQo6kLrF8UP5cZR/XzNlOFYdqWJkSiMP
YFgTvTxaWCN2vNPM83/UArJsuKj0+uhSmqR/Zt/hdsI8RgPPw34bkS1Nn28kF2l8
Nh6jPDtBBoHRrUxwSF1LwuFyWXzQL4h955/8EJs3krbABG393L8A6BBwRkSovwhk
vbCWINEprDuaSrVHBzu6yDnqIwNdAPda64Gv5tCeATmwn+5N1uwQkill8zOd/Dw2
I95INIUlnBrMyTAxwns/URgClDjiOKWWRtFqAjREHUpH/sBPNf0f6UV1LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqf9sni6vguG4IpvFIjlNisudGKMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvaXBfMnllTHEtQzRiZ2ltOFVpT1UyS3k1MFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju0MA0G
CSqGSIb3DQEBCwUAA4IBAQC1XtZeMOukmgPyK1Lr/oCBDgKs4mjyLi7oX62XC1F/
7ShLQVqYq9djLjDR3gmJIhEcAlJ5sfc5Riq8OmZGbwExo0uH+gNbrwAkTY0eAjZf
cVEGzbIp0M3rbNZCl0Wv3isVhoSzuoXxxpcYuVtaIZxKLKyC4tGuJkSQ/OJggxUV
u3L7eYWCo5OWNZnfwvWMzuIOu8/QdUNKzj653VbyykvmaurpRqJ6BmhkJQeguvDN
Tx+dpCN0LVHIR08yKzypeB3ZdklnTl+FCaZIk46Zp9oqDM6HEP6XDmtsihyr+mF6
KHgjIS5bbzF2GqXbJHBJtgo3BBi17MyZG8raFpcWtMag
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org