Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/2VqiHQaiQFLl6XV7dbDko2Uyj8g.roa
File: 2VqiHQaiQFLl6XV7dbDko2Uyj8g.roa (raw, json)
Hash identifier: 2Hyi0GFOvjtmxYTIC4q/UfoPYRSpCPaiujlPC3Hp4w8=
Subject key identifier: D9:5A:A2:1D:06:A2:40:52:E5:E9:75:7B:75:B0:E4:A3:65:32:8F:C8
Certificate issuer: /CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Certificate serial: 01856FA6DDDEC5F98B7966A12327CD551612
Authority key identifier: 7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/2VqiHQaiQFLl6XV7dbDko2Uyj8g.roa
Signing time: Sun 01 Jan 2023 23:24:44 +0000
ROA not before: Sun 01 Jan 2023 23:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15757
IP address blocks: 94.124.224.0/21 maxlen: 23
185.165.200.0/22 maxlen: 24
217.17.160.0/19 maxlen: 24
82.114.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:dd:de:c5:f9:8b:79:66:a1:23:27:cd:55:16:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Validity
Not Before: Jan 1 23:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d95aa21d06a24052e5e9757b75b0e4a365328fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:32:dd:37:69:81:7d:66:f6:9a:90:3f:14:42:
fe:bb:ff:d6:3c:e4:41:c4:c1:28:03:cd:c0:4b:d8:
74:00:df:61:d8:cc:0b:59:9d:a6:2e:ae:15:73:42:
4f:e2:66:dd:e2:f1:34:3c:a9:3f:f0:2c:2d:3c:7a:
55:4c:51:6b:99:67:2a:a6:df:73:d3:12:4d:da:7a:
e4:84:1a:e3:8c:51:a3:a2:99:dd:41:11:8e:09:18:
0d:75:70:3e:54:f5:e7:31:fa:e1:45:ee:cd:9c:3d:
23:f4:d1:01:b1:95:6a:52:2f:70:d3:8b:19:1e:7f:
85:e8:b0:e5:11:cd:be:71:6b:5a:54:6e:80:b0:2b:
e2:a3:82:d1:6d:32:56:ce:af:1f:d9:0f:7c:39:96:
f9:32:2d:2f:ea:ca:d3:a5:e6:8a:83:c4:95:e0:0f:
ff:f3:a4:53:8c:0a:2d:ba:47:ee:7d:1b:35:80:87:
47:b9:8a:62:65:d4:df:53:22:b0:93:f2:fc:4e:ba:
04:27:a8:c2:b8:fe:60:cb:9e:6e:b4:ea:3e:3f:72:
9a:83:86:0a:2a:76:7b:ea:8e:5e:89:c9:46:2b:d9:
ba:d3:13:77:0e:ba:17:49:7f:ab:c8:a7:dd:e1:3f:
f4:28:9b:62:0d:c6:b0:52:da:8b:47:98:30:87:a5:
52:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5A:A2:1D:06:A2:40:52:E5:E9:75:7B:75:B0:E4:A3:65:32:8F:C8
X509v3 Authority Key Identifier:
keyid:7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/2VqiHQaiQFLl6XV7dbDko2Uyj8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.114.128.0/19
94.124.224.0/21
185.165.200.0/22
217.17.160.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:7b:79:2d:03:f3:cd:ed:eb:ec:a0:a7:36:0f:4d:0c:6d:5e:
fd:b4:40:d4:e7:b3:8d:c5:4d:e9:22:f6:9c:cd:9f:25:4b:e4:
be:c4:8e:19:b7:ef:98:2e:7a:a1:14:d5:76:7c:30:aa:0d:31:
b9:05:06:af:a0:f7:bf:5a:56:44:36:e2:b9:b8:fe:78:30:f3:
f7:5f:97:9d:8f:da:f3:c0:12:68:cf:ad:bc:58:b7:2a:fc:80:
3b:a3:59:67:8f:99:49:8e:0e:c7:3e:81:3d:0d:2b:ac:bf:95:
cc:35:f6:db:0b:a3:f7:90:19:1c:b9:e6:78:69:c5:a1:42:d9:
19:53:8d:65:eb:01:a9:9c:d8:80:f2:27:19:cf:22:05:64:05:
ff:6f:54:b3:e7:44:32:11:e2:c2:22:86:a9:c9:2d:0f:e2:54:
8d:c1:f5:51:2c:30:16:c0:b3:01:59:1c:ae:9b:60:9a:30:ee:
c1:e8:c9:bf:9a:2a:73:b4:5a:e4:94:ec:ef:3e:e5:7f:fe:ae:
ad:d2:e7:54:ab:17:4e:bd:c8:8a:05:92:bb:4f:1b:dd:6e:67:
b9:dc:51:51:49:44:bd:3e:e9:b3:61:89:b8:27:43:1a:f8:9f:
f2:ff:36:a4:67:75:55:b9:26:cc:8d:e8:f0:f1:25:de:1f:28:
a2:d6:85:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvpt3exfmLeWahIyfNVRYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDllZWFmMjQzNDJjM2IyYzYzMmM5ZTQ4NDYzMTM4ZGUy
ZGMwMGIwHhcNMjMwMTAxMjMyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVhYTIxZDA2YTI0MDUyZTVlOTc1N2I3NWIwZTRhMzY1MzI4ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzLdN2mBfWb2mpA/FEL+u//WPORB
xMEoA83AS9h0AN9h2MwLWZ2mLq4Vc0JP4mbd4vE0PKk/8CwtPHpVTFFrmWcqpt9z
0xJN2nrkhBrjjFGjopndQRGOCRgNdXA+VPXnMfrhRe7NnD0j9NEBsZVqUi9w04sZ
Hn+F6LDlEc2+cWtaVG6AsCvio4LRbTJWzq8f2Q98OZb5Mi0v6srTpeaKg8SV4A//
86RTjAotukfufRs1gIdHuYpiZdTfUyKwk/L8TroEJ6jCuP5gy55utOo+P3Kag4YK
KnZ76o5eiclGK9m60xN3DroXSX+ryKfd4T/0KJtiDcawUtqLR5gwh6VS4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNlaoh0GokBS5el1e3Ww5KNlMo/IMB8GA1UdIwQY
MBaAFHpJ7q8kNCw7LGMsnkhGMTjeLcALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTct
ZjliNjA3MTE0NTNjLzEvMlZxaUhRYWlRRkxsNlhWN2RiRGtvMlV5ajhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTctZjliNjA3MTE0NTNj
LzEvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUnKAAwQD
XnzgAwQCuaXIAwQF2RGgMA0GCSqGSIb3DQEBCwUAA4IBAQBbe3ktA/PN7evsoKc2
D00MbV79tEDU57ONxU3pIvaczZ8lS+S+xI4Zt++YLnqhFNV2fDCqDTG5BQavoPe/
WlZENuK5uP54MPP3X5edj9rzwBJoz628WLcq/IA7o1lnj5lJjg7HPoE9DSusv5XM
NfbbC6P3kBkcueZ4acWhQtkZU41l6wGpnNiA8icZzyIFZAX/b1Sz50QyEeLCIoap
yS0P4lSNwfVRLDAWwLMBWRyum2CaMO7B6Mm/mipztFrklOzvPuV//q6t0udUqxdO
vciKBZK7Txvdbme53FFRSUS9PumzYYm4J0Ma+J/y/zakZ3VVuSbMjejw8SXeHyii
1oX0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:11 2024 by rpki-client on console-ams.rpki-client.org