Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/k2NJzqF8LvVank5thXpnspwnf5k.roa
File: k2NJzqF8LvVank5thXpnspwnf5k.roa (raw, json)
Hash identifier: l2m0d4h+Q9752q/J/pK90zLNFrkSXOk6yXfDnp/JG90=
Subject key identifier: 93:63:49:CE:A1:7C:2E:F5:5A:9E:4E:6D:85:7A:67:B2:9C:27:7F:99
Certificate issuer: /CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Certificate serial: 018E66F263C573046E703881FB74210669E2
Authority key identifier: 24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/k2NJzqF8LvVank5thXpnspwnf5k.roa
Signing time: Fri 22 Mar 2024 16:15:44 +0000
ROA not before: Fri 22 Mar 2024 16:15:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207291
IP address blocks: 2.57.236.0/24 maxlen: 24
195.191.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 16:17:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:f2:63:c5:73:04:6e:70:38:81:fb:74:21:06:69:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Validity
Not Before: Mar 22 16:15:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=936349cea17c2ef55a9e4e6d857a67b29c277f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fb:54:33:70:e5:4b:37:9b:ee:86:6e:99:1a:
9f:18:7a:38:fb:3d:f8:b2:b5:03:e4:e0:d4:7d:1d:
1f:78:a5:73:27:78:9f:6f:f6:41:ab:8d:b7:bb:73:
c8:0e:cc:e1:55:d2:2d:a4:26:69:b8:ce:87:9f:a4:
d8:5e:ec:e2:2c:e7:6b:c5:53:77:ae:63:e5:62:b5:
10:c6:cb:3c:aa:eb:a5:0a:bf:73:26:6f:86:33:90:
c1:77:13:a3:32:72:1c:bd:14:a8:fc:14:f8:9c:89:
d1:04:91:79:fd:c1:f0:b4:ad:d9:49:b0:ea:e1:3f:
77:13:7b:97:92:4f:c6:db:f2:ce:05:d7:7a:25:d7:
cc:62:01:7c:16:f6:37:b0:cf:ad:a7:59:8a:1d:49:
23:0c:c8:f2:1f:7a:b3:46:cc:c6:16:74:fa:35:4b:
05:a7:28:97:4b:c5:7f:50:79:90:90:09:36:d5:2d:
14:59:80:20:86:2f:72:ac:73:d7:05:90:e1:ae:f7:
2a:6d:a0:13:87:f5:77:77:fd:b6:96:5b:4c:ba:ec:
09:ae:ca:eb:45:38:1a:4a:d1:e0:11:9e:5d:7d:13:
47:48:71:70:94:ac:a2:ea:0f:d7:28:9b:d8:e3:66:
8d:79:45:20:5e:a1:f9:82:2a:cd:5b:52:aa:9b:ca:
b7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:63:49:CE:A1:7C:2E:F5:5A:9E:4E:6D:85:7A:67:B2:9C:27:7F:99
X509v3 Authority Key Identifier:
keyid:24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/k2NJzqF8LvVank5thXpnspwnf5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.236.0/24
195.191.176.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:de:b9:93:f8:a6:b9:96:ac:4f:44:36:67:97:20:a0:0d:14:
23:38:8d:69:e8:dd:2f:69:09:16:ac:59:62:7f:49:a3:89:e5:
19:88:b6:42:60:f8:ee:b3:55:53:66:25:2c:84:d7:9e:5f:5b:
8e:e9:30:69:da:74:5a:21:25:68:d2:be:d2:c1:81:dd:50:af:
86:4b:e4:9c:48:58:a7:01:92:f6:f1:44:83:70:48:39:85:7c:
14:89:3b:d6:86:10:a8:36:59:0a:d1:59:04:b7:7a:a1:2d:aa:
99:eb:7a:2d:77:a8:9b:aa:ce:dd:d1:cc:dc:20:14:d7:45:36:
97:71:5b:8a:a9:ab:af:29:c8:a2:81:0d:ba:ae:5d:4b:e6:c9:
85:34:7e:3a:7b:f0:68:3f:d7:5e:4a:41:64:2f:cc:83:92:06:
23:ef:91:a6:d6:ce:f8:2e:c4:49:78:11:a6:8f:a1:62:fe:5d:
fa:b8:5d:fc:74:cd:b2:37:09:97:c1:32:cf:fd:e0:73:58:6d:
0b:29:65:7b:9c:2b:6d:f8:0c:ab:20:be:c2:bb:86:8c:0b:3b:
13:da:d5:39:a5:6a:b3:bf:71:96:ca:7c:f8:67:ff:49:31:48:
19:0c:76:03:de:7c:dd:9b:95:3a:6d:74:79:10:1e:60:23:66:
67:5e:b7:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5m8mPFcwRucDiB+3QhBmniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTNkYTUwZTg3OWJiYTdkN2NmZjRmMDdkMmNhYTVlOWMw
MTA4N2QwHhcNMjQwMzIyMTYxNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYzNDljZWExN2MyZWY1NWE5ZTRlNmQ4NTdhNjdiMjljMjc3Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivtUM3DlSzeb7oZumRqfGHo4+z34
srUD5ODUfR0feKVzJ3ifb/ZBq423u3PIDszhVdItpCZpuM6Hn6TYXuziLOdrxVN3
rmPlYrUQxss8quulCr9zJm+GM5DBdxOjMnIcvRSo/BT4nInRBJF5/cHwtK3ZSbDq
4T93E3uXkk/G2/LOBdd6JdfMYgF8FvY3sM+tp1mKHUkjDMjyH3qzRszGFnT6NUsF
pyiXS8V/UHmQkAk21S0UWYAghi9yrHPXBZDhrvcqbaATh/V3d/22lltMuuwJrsrr
RTgaStHgEZ5dfRNHSHFwlKyi6g/XKJvY42aNeUUgXqH5girNW1Kqm8q36QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNjSc6hfC71Wp5ObYV6Z7KcJ3+ZMB8GA1UdIwQY
MBaAFCRT2lDoebun18/08H0sql6cAQh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEt
ZTQzYTUyYjYwNGNhLzEvazJOSnpxRjhMdlZhbms1dGhYcG5zcHduZjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEtZTQzYTUyYjYwNGNh
LzEvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjnsAwQA
w7+wMA0GCSqGSIb3DQEBCwUAA4IBAQCu3rmT+Ka5lqxPRDZnlyCgDRQjOI1p6N0v
aQkWrFlif0mjieUZiLZCYPjus1VTZiUshNeeX1uO6TBp2nRaISVo0r7SwYHdUK+G
S+ScSFinAZL28USDcEg5hXwUiTvWhhCoNlkK0VkEt3qhLaqZ63otd6ibqs7d0czc
IBTXRTaXcVuKqauvKciigQ26rl1L5smFNH46e/BoP9deSkFkL8yDkgYj75Gm1s74
LsRJeBGmj6Fi/l36uF38dM2yNwmXwTLP/eBzWG0LKWV7nCtt+AyrIL7Cu4aMCzsT
2tU5pWqzv3GWynz4Z/9JMUgZDHYD3nzdm5U6bXR5EB5gI2ZnXrca
-----END CERTIFICATE-----
Generated at Mon May 12 04:02:57 2025 by rpki-client