Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/2gZ6YVtqsl4w-VXs-oOnvFD1u5s.roa
File: 2gZ6YVtqsl4w-VXs-oOnvFD1u5s.roa (raw, json)
Hash identifier: lHRmVvbjJGnAwR6htNPV+wmRyWJ9WxfEZWLPsf5qJtw=
Subject key identifier: DA:06:7A:61:5B:6A:B2:5E:30:F9:55:EC:FA:83:A7:BC:50:F5:BB:9B
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 01878F95AE833B057523B67E5F42499ED3B1
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/2gZ6YVtqsl4w-VXs-oOnvFD1u5s.roa
Signing time: Mon 17 Apr 2023 14:19:23 +0000
ROA not before: Mon 17 Apr 2023 14:19:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 193.222.50.0/24 maxlen: 24
193.222.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:95:ae:83:3b:05:75:23:b6:7e:5f:42:49:9e:d3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Apr 17 14:19:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da067a615b6ab25e30f955ecfa83a7bc50f5bb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:71:b2:2c:77:1c:b4:11:31:53:4d:88:20:b5:
7d:2f:95:8b:9b:06:a3:96:70:c5:db:c1:03:80:9f:
49:cd:21:8a:28:a3:02:e2:57:2d:d8:c6:9c:8f:36:
1a:7d:7f:6e:90:98:c6:f0:ae:84:36:87:b9:0c:6d:
09:56:16:31:b9:a0:74:38:31:ae:5f:d3:84:e0:33:
86:62:8e:48:44:e0:e8:7a:85:25:76:06:73:b1:c0:
b7:ac:79:84:c5:49:87:76:04:f4:84:8e:74:8c:f1:
43:bc:9e:40:18:a1:bb:4d:cc:4d:16:9e:bf:7f:11:
a3:08:f5:80:85:6f:cb:1d:d8:6f:cb:fe:76:e6:80:
13:86:8f:3f:ec:18:e2:e4:43:2c:38:dd:f5:c8:f3:
77:d5:68:31:bf:25:1f:a5:97:ee:d9:aa:0d:b4:4f:
52:23:00:81:37:82:5c:ea:dd:17:68:92:00:1e:8c:
d1:8c:8a:79:93:bd:09:bf:6d:7d:d9:e4:b1:66:66:
02:83:9e:0d:65:65:9e:5e:a4:6d:22:03:87:8d:db:
33:9d:c5:dc:15:dd:b6:c0:0b:96:de:62:c8:e8:aa:
f0:1f:8c:17:ac:9a:4c:e2:d6:97:ab:e9:ce:80:6b:
26:1a:c9:6b:ba:5d:c3:05:35:fa:27:dd:55:3f:a9:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:06:7A:61:5B:6A:B2:5E:30:F9:55:EC:FA:83:A7:BC:50:F5:BB:9B
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/2gZ6YVtqsl4w-VXs-oOnvFD1u5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.50.0/24
193.222.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:41:a3:c0:6c:ad:14:4e:51:d9:9f:a4:1c:c3:03:73:d0:ab:
eb:1c:ab:25:7e:3e:15:6c:f7:11:99:54:b5:52:64:8c:3c:ed:
79:43:2f:c6:aa:46:88:46:15:f7:b6:4f:27:97:4b:8b:7e:76:
53:d8:2e:c1:5e:61:cc:4b:2d:89:59:b3:61:62:e1:36:30:10:
bd:0a:61:a3:23:75:b2:76:77:d8:86:bd:a3:96:f8:8e:77:54:
2d:42:85:0d:5b:b9:46:19:50:e9:24:7d:40:41:94:d3:64:27:
e4:47:75:54:dd:81:d2:ff:de:1f:9d:e5:9d:3a:60:3c:5b:c6:
9f:37:42:cb:d5:6e:53:cd:07:ad:91:e2:64:a3:be:fd:dc:10:
ab:a5:c0:d6:63:75:96:dc:7c:34:04:1c:15:85:1d:be:40:20:
f5:b7:c5:69:e3:8a:07:3d:d6:bb:8d:c6:d8:29:72:c2:ea:f7:
ac:2d:6e:59:12:f8:61:da:ae:55:dc:59:7f:70:9b:d0:8c:8f:
d7:a6:0d:c2:4f:f5:2c:61:f8:31:05:74:41:0c:37:ed:5f:14:
a9:7e:52:62:ab:66:71:bb:a0:e9:6a:ec:3a:55:20:e9:05:d7:
b5:f9:dc:d0:df:45:c6:a3:40:fa:76:b0:74:3c:41:5d:12:30:
69:0c:46:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYePla6DOwV1I7Z+X0JJntOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjMwNDE3MTQxOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA2N2E2MTViNmFiMjVlMzBmOTU1ZWNmYTgzYTdiYzUwZjViYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXGyLHcctBExU02IILV9L5WLmwaj
lnDF28EDgJ9JzSGKKKMC4lct2MacjzYafX9ukJjG8K6ENoe5DG0JVhYxuaB0ODGu
X9OE4DOGYo5IRODoeoUldgZzscC3rHmExUmHdgT0hI50jPFDvJ5AGKG7TcxNFp6/
fxGjCPWAhW/LHdhvy/525oATho8/7Bji5EMsON31yPN31WgxvyUfpZfu2aoNtE9S
IwCBN4Jc6t0XaJIAHozRjIp5k70Jv2192eSxZmYCg54NZWWeXqRtIgOHjdszncXc
Fd22wAuW3mLI6KrwH4wXrJpM4taXq+nOgGsmGslrul3DBTX6J91VP6kfpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNoGemFbarJeMPlV7PqDp7xQ9bubMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvMmdaNllWdHFzbDR3LVZYcy1vT252RkQxdTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd4yAwQA
wd48MA0GCSqGSIb3DQEBCwUAA4IBAQAsQaPAbK0UTlHZn6QcwwNz0KvrHKslfj4V
bPcRmVS1UmSMPO15Qy/GqkaIRhX3tk8nl0uLfnZT2C7BXmHMSy2JWbNhYuE2MBC9
CmGjI3WydnfYhr2jlviOd1QtQoUNW7lGGVDpJH1AQZTTZCfkR3VU3YHS/94fneWd
OmA8W8afN0LL1W5TzQetkeJko7793BCrpcDWY3WW3Hw0BBwVhR2+QCD1t8Vp44oH
Pda7jcbYKXLC6vesLW5ZEvhh2q5V3Fl/cJvQjI/Xpg3CT/UsYfgxBXRBDDftXxSp
flJiq2Zxu6Dpauw6VSDpBde1+dzQ30XGo0D6drB0PEFdEjBpDEaA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:50 2024 by rpki-client on console-ams.rpki-client.org