Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/VXdjP2obQVZOICHGeWXlWtVFNKY.roa
File: VXdjP2obQVZOICHGeWXlWtVFNKY.roa (raw, json)
Hash identifier: UyieJEDz1ZTjoZsqasCLiYHcXPkoCykwbQBZVtvFz28=
Subject key identifier: 55:77:63:3F:6A:1B:41:56:4E:20:21:C6:79:65:E5:5A:D5:45:34:A6
Certificate issuer: /CN=2e1620890f700f012b0ba60172314e3c85919513
Certificate serial: 01856D662C7BBFDEC30DE2FCE24FFC342EA3
Authority key identifier: 2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/VXdjP2obQVZOICHGeWXlWtVFNKY.roa
Signing time: Sun 01 Jan 2023 12:54:50 +0000
ROA not before: Sun 01 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 212.28.224.0/19 maxlen: 24
80.81.144.0/20 maxlen: 24
195.112.192.0/19 maxlen: 24
92.62.160.0/20 maxlen: 24
141.105.80.0/20 maxlen: 24
185.3.20.0/22 maxlen: 24
2a00:16e8::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2c:7b:bf:de:c3:0d:e2:fc:e2:4f:fc:34:2e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1620890f700f012b0ba60172314e3c85919513
Validity
Not Before: Jan 1 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5577633f6a1b41564e2021c67965e55ad54534a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2f:46:2f:7b:b4:d6:da:98:f4:b8:52:eb:94:
e4:21:4c:9c:2f:53:4b:35:d9:bd:b6:82:bd:4d:b5:
16:32:23:fa:45:76:70:da:f7:6a:e8:54:63:24:0c:
f0:91:7f:86:ce:61:42:8b:66:e2:e6:a3:9c:be:e4:
0b:29:c7:1e:a7:9d:1c:ef:6f:e4:7f:60:da:7a:7f:
1b:e3:86:6f:01:a2:4f:09:ce:04:2a:99:a4:3d:07:
8c:b3:e5:b5:70:45:25:7d:87:59:63:6d:2a:04:3d:
7b:b1:de:86:44:01:26:74:f3:93:8e:61:09:bd:b7:
04:b9:c0:1a:0a:a4:fe:24:9d:46:f1:6f:0b:c3:0f:
92:d3:dd:f4:30:9e:27:7f:73:ce:4f:cc:f6:6b:bc:
65:38:a3:28:52:f4:8d:72:5d:00:ed:5e:94:8f:87:
ce:69:0a:64:1c:79:85:d6:d2:35:eb:78:06:57:de:
8d:4b:b6:47:da:7d:83:3a:68:aa:70:27:cc:ea:73:
50:5f:28:a8:f4:5a:b8:02:4c:97:bf:31:fa:ef:b4:
2a:de:4b:89:80:31:0c:b0:90:f4:28:fa:72:50:2c:
7a:4a:95:31:36:d4:53:65:f2:56:7b:59:67:68:48:
74:47:ea:3b:15:2a:de:56:8b:39:85:d3:bf:3a:bc:
c7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:77:63:3F:6A:1B:41:56:4E:20:21:C6:79:65:E5:5A:D5:45:34:A6
X509v3 Authority Key Identifier:
keyid:2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/VXdjP2obQVZOICHGeWXlWtVFNKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.144.0/20
92.62.160.0/20
141.105.80.0/20
185.3.20.0/22
195.112.192.0/19
212.28.224.0/19
IPv6:
2a00:16e8::/32
Signature Algorithm: sha256WithRSAEncryption
18:02:12:e5:d0:80:1b:38:da:8e:c8:70:f4:dd:55:eb:3f:0e:
96:e1:da:cc:5d:8b:0a:73:8c:a4:e5:cc:5a:0b:20:d9:fe:99:
68:f8:68:4f:3f:3e:66:90:4d:41:0a:d8:01:7e:cc:fc:bc:3a:
c1:86:ed:54:5e:ff:52:68:cf:85:45:35:14:16:46:40:bc:a2:
ab:91:8e:00:49:2d:20:be:f8:b5:2b:0a:14:aa:86:a7:c7:ea:
8e:c2:6b:52:60:43:14:bc:9e:33:4f:4e:29:72:d3:f4:84:cb:
56:7e:fe:48:f1:b8:ac:09:b4:93:43:c6:e3:8f:fd:07:8a:2c:
a7:53:70:7a:7d:c1:03:1d:e2:71:77:ef:ea:84:74:db:47:58:
d3:e9:a9:63:41:fa:8d:a5:25:ef:ee:08:85:f0:11:0e:3d:4f:
67:d3:34:63:31:5e:32:d3:56:2f:e3:8a:54:dc:34:2d:4a:92:
fa:86:22:89:b4:5c:32:df:2c:2b:ce:7f:c3:d7:c0:da:51:20:
55:7f:83:a2:f7:f6:3b:be:11:cd:cc:80:0e:e4:d9:d4:a9:11:
27:f2:2a:45:88:ce:62:f7:60:bd:ab:5e:78:d6:d5:1e:72:1a:
18:1b:42:ef:1f:61:5b:2d:02:28:25:67:44:84:b1:b4:1c:74:
db:1e:c2:c8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtZix7v97DDeL84k/8NC6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTYyMDg5MGY3MDBmMDEyYjBiYTYwMTcyMzE0ZTNjODU5
MTk1MTMwHhcNMjMwMTAxMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc3NjMzZjZhMWI0MTU2NGUyMDIxYzY3OTY1ZTU1YWQ1NDUzNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS9GL3u01tqY9LhS65TkIUycL1NL
Ndm9toK9TbUWMiP6RXZw2vdq6FRjJAzwkX+GzmFCi2bi5qOcvuQLKccep50c72/k
f2Daen8b44ZvAaJPCc4EKpmkPQeMs+W1cEUlfYdZY20qBD17sd6GRAEmdPOTjmEJ
vbcEucAaCqT+JJ1G8W8Lww+S0930MJ4nf3POT8z2a7xlOKMoUvSNcl0A7V6Uj4fO
aQpkHHmF1tI163gGV96NS7ZH2n2DOmiqcCfM6nNQXyio9Fq4AkyXvzH677Qq3kuJ
gDEMsJD0KPpyUCx6SpUxNtRTZfJWe1lnaEh0R+o7FSreVos5hdO/OrzHXQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFV3Yz9qG0FWTiAhxnll5VrVRTSmMB8GA1UdIwQY
MBaAFC4WIIkPcA8BKwumAXIxTjyFkZUTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2Qt
NDViYmIyM2ExNWQ4LzEvVlhkalAyb2JRVlpPSUNIR2VXWGxXdFZGTktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2QtNDViYmIyM2ExNWQ4
LzEvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFGQAwQE
XD6gAwQEjWlQAwQCuQMUAwQFw3DAAwQF1BzgMA0EAgACMAcDBQAqABboMA0GCSqG
SIb3DQEBCwUAA4IBAQAYAhLl0IAbONqOyHD03VXrPw6W4drMXYsKc4yk5cxaCyDZ
/plo+GhPPz5mkE1BCtgBfsz8vDrBhu1UXv9SaM+FRTUUFkZAvKKrkY4ASS0gvvi1
KwoUqoanx+qOwmtSYEMUvJ4zT04pctP0hMtWfv5I8bisCbSTQ8bjj/0HiiynU3B6
fcEDHeJxd+/qhHTbR1jT6aljQfqNpSXv7giF8BEOPU9n0zRjMV4y01Yv44pU3DQt
SpL6hiKJtFwy3ywrzn/D18DaUSBVf4Oi9/Y7vhHNzIAO5NnUqREn8ipFiM5i92C9
q1541tUechoYG0LvH2FbLQIoJWdEhLG0HHTbHsLI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:30 2024 by rpki-client on console-ams.rpki-client.org