Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/2q8NSn86PVMEP0mndGgP16a2oxQ.roa
File: 2q8NSn86PVMEP0mndGgP16a2oxQ.roa (raw, json)
Hash identifier: r2MfrrbkW5sXsYIfDrYxYttcGeNnaqa4EGPsnVBMeCY=
Subject key identifier: DA:AF:0D:4A:7F:3A:3D:53:04:3F:49:A7:74:68:0F:D7:A6:B6:A3:14
Certificate issuer: /CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Certificate serial: 018571F0DB0FEADDEA1C8EE98629BEA371E4
Authority key identifier: D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/2q8NSn86PVMEP0mndGgP16a2oxQ.roa
Signing time: Mon 02 Jan 2023 10:04:48 +0000
ROA not before: Mon 02 Jan 2023 10:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12125
IP address blocks: 194.38.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:db:0f:ea:dd:ea:1c:8e:e9:86:29:be:a3:71:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Validity
Not Before: Jan 2 10:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daaf0d4a7f3a3d53043f49a774680fd7a6b6a314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:86:e8:a6:56:90:d2:b8:d2:75:35:98:b2:37:
3d:5b:2f:17:b6:30:e6:e5:af:12:16:10:d2:29:6b:
6f:6b:21:f8:a6:0e:f9:a5:31:8a:c5:16:bf:5f:58:
c2:5a:2d:75:c3:3e:a2:f4:58:40:50:31:13:df:0a:
2c:a7:e7:88:fa:f3:08:5e:ec:7d:2d:56:28:2d:13:
04:85:a5:33:d6:84:d3:94:00:a4:0d:3e:7d:1d:ea:
d0:c7:31:a4:ac:ab:89:a5:8e:cf:c7:4d:60:a5:7b:
cc:6b:ca:10:af:1f:ff:b9:a1:4b:4b:b5:fb:c7:91:
ae:f5:4e:79:2e:d0:6b:7b:14:ba:eb:de:a1:5c:00:
c6:d4:7c:b6:ad:a3:ac:db:1f:10:6b:ca:13:48:c3:
bf:80:e2:ab:45:ae:53:27:58:b6:6f:22:34:b0:0d:
d3:ff:55:e7:c0:ce:a3:ca:f5:11:e8:77:77:e2:ab:
2c:81:a7:56:51:51:2b:bf:24:6a:64:69:ac:da:d7:
22:1d:f0:02:8c:98:a7:2e:76:89:b3:20:19:e9:aa:
b1:e6:6d:a1:36:28:da:44:17:c8:8f:c8:c4:b1:74:
e3:49:c5:5a:b6:7d:f0:9f:aa:87:c5:a1:bc:a3:a2:
b4:23:14:9f:a6:6e:31:4f:84:93:29:fa:8c:73:59:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:0D:4A:7F:3A:3D:53:04:3F:49:A7:74:68:0F:D7:A6:B6:A3:14
X509v3 Authority Key Identifier:
keyid:D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/2q8NSn86PVMEP0mndGgP16a2oxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:e5:f4:9c:59:c2:e8:95:82:4a:78:10:3c:15:ff:7c:76:93:
8a:22:bc:e6:74:3e:92:e8:00:1b:f2:4b:7f:2e:b1:70:9c:d8:
d3:ad:23:28:3f:85:29:70:c8:58:6d:f5:c9:35:a3:b0:fa:9c:
91:eb:a1:da:01:91:b8:4b:70:46:ed:5c:03:2e:58:a3:99:c1:
23:b4:61:9a:57:81:32:bc:19:9c:de:f1:12:f8:ec:9e:8d:cc:
ef:34:9c:e4:07:70:87:e7:72:a6:23:66:a6:a5:20:35:30:54:
dc:6f:5d:f5:97:07:af:d3:65:e9:eb:2b:b5:fe:e2:2a:eb:fd:
83:df:f8:cc:aa:e9:0d:86:22:22:4f:a7:53:75:94:36:d0:92:
4e:2b:16:af:17:83:a3:1b:eb:c9:06:a4:e1:d0:0e:cf:9a:60:
8d:cb:73:41:32:f9:0e:db:f6:d4:c1:c8:8d:7f:bd:ec:78:b0:
9a:de:aa:57:dc:7b:fb:8c:a8:36:9d:65:5c:a2:2a:3e:5c:21:
af:3e:95:c4:a0:e8:ed:cc:f8:08:01:31:ff:ec:85:20:26:e1:
12:f4:31:69:f8:fa:07:64:14:53:a6:96:a9:a8:bb:49:37:6b:
f7:fc:95:d5:df:51:49:8b:8d:9d:f6:fa:6a:9f:2f:01:f9:d4:
58:9e:ab:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8NsP6t3qHI7phim+o3HkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMmYzYmQwYmFlNjAzYWI3OTA2MDJhOTZiYmJjNDJiNTMy
MmU4OGYwHhcNMjMwMTAyMTAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmMGQ0YTdmM2EzZDUzMDQzZjQ5YTc3NDY4MGZkN2E2YjZhMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIboplaQ0rjSdTWYsjc9Wy8XtjDm
5a8SFhDSKWtvayH4pg75pTGKxRa/X1jCWi11wz6i9FhAUDET3wosp+eI+vMIXux9
LVYoLRMEhaUz1oTTlACkDT59HerQxzGkrKuJpY7Px01gpXvMa8oQrx//uaFLS7X7
x5Gu9U55LtBrexS6696hXADG1Hy2raOs2x8Qa8oTSMO/gOKrRa5TJ1i2byI0sA3T
/1XnwM6jyvUR6Hd34qssgadWUVErvyRqZGms2tciHfACjJinLnaJsyAZ6aqx5m2h
NijaRBfIj8jEsXTjScVatn3wn6qHxaG8o6K0IxSfpm4xT4STKfqMc1ngywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqvDUp/Oj1TBD9Jp3RoD9emtqMUMB8GA1UdIwQY
MBaAFNIvO9C65gOreQYCqWu7xCtTIuiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAt
ZDcyMWJkMmU5ZDUzLzEvMnE4TlNuODZQVk1FUDBtbmRHZ1AxNmEyb3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUz
LzEvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiYEMA0G
CSqGSIb3DQEBCwUAA4IBAQA/5fScWcLolYJKeBA8Ff98dpOKIrzmdD6S6AAb8kt/
LrFwnNjTrSMoP4UpcMhYbfXJNaOw+pyR66HaAZG4S3BG7VwDLlijmcEjtGGaV4Ey
vBmc3vES+OyejczvNJzkB3CH53KmI2ampSA1MFTcb131lwev02Xp6yu1/uIq6/2D
3/jMqukNhiIiT6dTdZQ20JJOKxavF4OjG+vJBqTh0A7PmmCNy3NBMvkO2/bUwciN
f73seLCa3qpX3Hv7jKg2nWVcoio+XCGvPpXEoOjtzPgIATH/7IUgJuES9DFp+PoH
ZBRTppapqLtJN2v3/JXV31FJi42d9vpqny8B+dRYnquC
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:42 2024 by rpki-client on console-fra.rpki-client.org