Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/M26GGIBWg3ezaOItaClG49u7a1M.roa
File: M26GGIBWg3ezaOItaClG49u7a1M.roa (raw, json)
Hash identifier: oun2HpLjJkx6ZLTcHCzBP4CF/Mq0qzQ9yV8R8i6efjs=
Subject key identifier: 33:6E:86:18:80:56:83:77:B3:68:E2:2D:68:29:46:E3:DB:BB:6B:53
Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial: 01856CF864149701950619F9F34D7FD21EFD
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/M26GGIBWg3ezaOItaClG49u7a1M.roa
Signing time: Sun 01 Jan 2023 10:54:55 +0000
ROA not before: Sun 01 Jan 2023 10:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8356
IP address blocks: 217.198.48.0/20 maxlen: 24
217.198.56.0/21 maxlen: 24
185.109.124.0/22 maxlen: 24
2001:768::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:64:14:97:01:95:06:19:f9:f3:4d:7f:d2:1e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Validity
Not Before: Jan 1 10:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=336e861880568377b368e22d682946e3dbbb6b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:11:36:41:01:ae:8b:43:77:c6:d9:27:29:
cc:72:be:ca:a2:b5:d6:9f:32:97:c2:80:36:1c:ac:
36:7d:30:52:a3:bc:d2:3e:4b:fd:39:d2:d7:72:98:
f7:d6:37:a6:19:c6:d4:a6:f9:79:30:96:a4:98:35:
12:93:86:fa:f4:7a:b6:5c:e4:37:e4:51:5c:1b:13:
0e:b0:1d:9d:c8:9d:da:c3:93:36:d7:a7:18:f6:13:
76:46:2f:85:02:b1:bf:cc:f0:87:75:62:6a:90:39:
62:50:ea:58:e3:cc:b8:d2:75:8e:0b:7f:eb:3c:63:
8e:94:de:aa:2c:54:f1:6a:49:db:b0:22:2b:48:bd:
9a:e4:db:0c:1c:8c:e8:d5:38:7b:34:d0:0a:7e:15:
5c:3d:03:98:fe:3a:8e:6c:3d:81:59:da:23:eb:b0:
c8:49:20:c9:4c:24:6a:c3:f3:08:44:eb:b4:77:65:
57:85:37:27:86:28:c3:66:00:15:07:0a:b8:3c:8c:
37:fa:0a:f1:6e:0e:a1:db:eb:bd:44:a6:ee:5c:7a:
8c:8b:56:64:d3:bf:16:6d:cb:53:4e:a3:cd:e6:fe:
9d:ca:9c:91:4f:a6:05:b8:29:cc:5a:aa:4f:48:f4:
62:f2:7b:00:e0:71:5e:5f:e7:94:64:fe:da:b0:b4:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6E:86:18:80:56:83:77:B3:68:E2:2D:68:29:46:E3:DB:BB:6B:53
X509v3 Authority Key Identifier:
keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/M26GGIBWg3ezaOItaClG49u7a1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.124.0/22
217.198.48.0/20
IPv6:
2001:768::/32
Signature Algorithm: sha256WithRSAEncryption
33:79:c8:25:e6:29:a0:91:ef:1d:19:e6:24:67:44:6b:dc:9e:
e1:85:98:67:64:7e:b2:d9:4c:5e:cf:d7:02:d4:49:0c:2c:43:
2b:a4:3b:1b:a4:1c:d8:65:fe:e8:70:0c:11:29:68:a7:f1:2f:
e0:20:e6:f9:58:1e:41:bd:4a:c9:1a:ea:55:77:6f:5d:00:ee:
be:3b:31:45:22:6a:c7:0d:f3:1c:3f:88:a3:b1:3e:de:0d:6e:
49:79:27:d9:35:a7:0a:56:90:d6:9f:0a:49:a2:1d:f4:9b:3e:
36:fe:3a:b9:af:fb:c8:97:e5:89:c4:87:32:64:d7:21:cc:36:
17:0e:6b:ec:8e:b7:5e:0c:5e:ce:68:7f:97:64:7c:1e:45:05:
1b:5f:6b:7f:b5:72:36:25:9e:c9:36:5c:85:fb:cd:a4:72:9e:
e9:de:8b:08:47:cb:f3:77:66:e9:9e:80:ef:47:df:f8:0c:61:
7d:8d:dc:7b:04:6c:91:40:de:db:a3:f1:df:ed:3d:5c:82:86:
5d:ba:b1:95:d2:d2:93:2e:ce:33:14:2e:a6:33:ff:cc:b5:2a:
13:8f:97:6e:3f:a0:d0:d9:42:96:55:ee:b7:f4:2b:b0:10:94:
28:94:b7:90:8a:53:6e:95:aa:ab:94:c9:c3:8d:a6:47:b6:de:
1a:1f:57:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs+GQUlwGVBhn5801/0h79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjMwMTAxMTA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZlODYxODgwNTY4Mzc3YjM2OGUyMmQ2ODI5NDZlM2RiYmI2YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXYRNkEBrotDd8bZJynMcr7KorXW
nzKXwoA2HKw2fTBSo7zSPkv9OdLXcpj31jemGcbUpvl5MJakmDUSk4b69Hq2XOQ3
5FFcGxMOsB2dyJ3aw5M216cY9hN2Ri+FArG/zPCHdWJqkDliUOpY48y40nWOC3/r
PGOOlN6qLFTxaknbsCIrSL2a5NsMHIzo1Th7NNAKfhVcPQOY/jqObD2BWdoj67DI
SSDJTCRqw/MIROu0d2VXhTcnhijDZgAVBwq4PIw3+grxbg6h2+u9RKbuXHqMi1Zk
078WbctTTqPN5v6dypyRT6YFuCnMWqpPSPRi8nsA4HFeX+eUZP7asLRuhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDNuhhiAVoN3s2jiLWgpRuPbu2tTMB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvTTI2R0dJQldnM2V6YU9JdGFDbEc0OXU3YTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW18AwQE
2cYwMA0EAgACMAcDBQAgAQdoMA0GCSqGSIb3DQEBCwUAA4IBAQAzecgl5imgke8d
GeYkZ0Rr3J7hhZhnZH6y2Uxez9cC1EkMLEMrpDsbpBzYZf7ocAwRKWin8S/gIOb5
WB5BvUrJGupVd29dAO6+OzFFImrHDfMcP4ijsT7eDW5JeSfZNacKVpDWnwpJoh30
mz42/jq5r/vIl+WJxIcyZNchzDYXDmvsjrdeDF7OaH+XZHweRQUbX2t/tXI2JZ7J
NlyF+82kcp7p3osIR8vzd2bpnoDvR9/4DGF9jdx7BGyRQN7bo/Hf7T1cgoZdurGV
0tKTLs4zFC6mM//MtSoTj5duP6DQ2UKWVe639CuwEJQolLeQilNulaqrlMnDjaZH
tt4aH1fD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:12 2024 by rpki-client on console-ams.rpki-client.org