Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/s2Vfo4XPefBihbXKYj-VLR2l_Xo.roa
File: s2Vfo4XPefBihbXKYj-VLR2l_Xo.roa (raw, json)
Hash identifier: 2MBSv5YThRSxIGj+xqKlKB4S6+GTkG3p/17Y3QYZsb4=
Subject key identifier: B3:65:5F:A3:85:CF:79:F0:62:85:B5:CA:62:3F:95:2D:1D:A5:FD:7A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01888C3CC1794778762793FC6F9692D7DFE6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/s2Vfo4XPefBihbXKYj-VLR2l_Xo.roa
Signing time: Mon 05 Jun 2023 15:46:11 +0000
ROA not before: Mon 05 Jun 2023 15:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
45.88.136.0/23 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 14:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:3c:c1:79:47:78:76:27:93:fc:6f:96:92:d7:df:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 5 15:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3655fa385cf79f06285b5ca623f952d1da5fd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:ea:50:a1:35:ee:46:52:29:13:7f:72:cf:
64:f2:ae:fe:66:fd:e0:31:7b:fd:6e:9f:41:f4:8a:
75:62:b3:ac:13:6b:75:f3:1d:81:95:4b:67:72:a2:
75:0e:a0:f2:86:71:da:5e:d3:18:bb:4e:fe:3a:95:
f0:ce:17:ae:37:1d:00:7f:25:50:1f:8b:4a:27:58:
f7:0d:38:08:bd:df:c8:f8:5c:2a:64:98:39:2f:43:
35:c8:42:77:c4:45:96:c7:15:ca:60:34:96:33:ef:
c0:6b:d9:1d:bf:d6:e8:e4:3f:1a:b8:f7:18:8e:a6:
60:0a:45:6f:1c:9e:96:af:b6:21:a6:6b:b7:67:f0:
22:cd:c2:1b:7a:73:25:56:93:44:59:fa:72:2a:1f:
d5:c3:50:46:ef:40:79:3c:5e:ca:cb:fc:04:c1:0d:
69:25:2f:d6:54:ca:7f:83:ae:8f:f6:db:9f:a4:dc:
38:a3:c1:5a:1a:6e:37:2a:3d:a0:1c:d2:4a:92:db:
48:aa:46:fd:60:09:5a:f8:a0:8f:c5:0f:64:06:c5:
55:02:68:a3:53:8c:02:a5:d7:7f:d4:f4:72:fd:27:
7e:5b:30:62:78:82:77:be:dc:d3:46:cc:8e:7d:93:
37:fb:80:0a:29:87:96:51:95:ac:55:db:b8:7a:ba:
e5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:65:5F:A3:85:CF:79:F0:62:85:B5:CA:62:3F:95:2D:1D:A5:FD:7A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/s2Vfo4XPefBihbXKYj-VLR2l_Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.84.0/23
5.181.87.0/24
45.13.189.0-45.13.190.255
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
77.83.39.0/24
85.209.122.0/23
194.242.97.0/24
195.177.92.0/23
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:86:fc:cc:17:b2:59:fd:d7:2a:f8:a5:5e:00:27:3a:43:5e:
90:93:63:aa:dc:61:f7:71:ff:b8:be:19:50:f0:01:5f:21:d3:
1d:65:7c:aa:33:fe:d4:e5:a8:d0:87:b5:e7:49:f0:86:bb:f9:
7b:4e:80:65:26:42:a5:5f:76:c7:dd:05:e7:44:05:19:82:91:
2c:34:38:8f:d4:23:2e:ea:6d:d4:61:e4:f9:d2:9a:03:ae:4e:
21:d4:bb:8c:0b:4b:9d:41:36:13:f9:9e:f2:30:05:e9:e0:d6:
d9:89:c4:b8:d4:6f:a0:d3:38:c4:a6:f2:71:27:21:91:5d:13:
7f:82:a3:83:26:a1:12:75:7b:1c:1a:d7:e8:c4:86:f0:a5:ef:
ef:19:b9:7e:84:8d:bb:59:10:a0:89:a2:88:82:03:78:80:fd:
b7:4c:92:f3:91:ab:7d:d2:df:bd:9b:d0:3b:5c:25:53:15:b9:
be:7f:a2:76:60:fd:75:79:5e:71:13:95:7a:f3:f9:9d:f7:d8:
03:44:c9:b3:7c:7f:3b:1c:e8:d1:14:c9:d7:20:11:cb:9a:aa:
11:8d:5f:bb:85:1a:9e:4d:79:0f:6c:e9:e1:2e:c0:43:8e:46:
45:38:d6:f8:a0:aa:98:85:01:dc:41:94:03:a3:f3:a1:c6:5e:
41:55:91:fc
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYiMPMF5R3h2J5P8b5aS19/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjA1MTU0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY1NWZhMzg1Y2Y3OWYwNjI4NWI1Y2E2MjNmOTUyZDFkYTVmZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB/qUKE17kZSKRN/cs9k8q7+Zv3g
MXv9bp9B9Ip1YrOsE2t18x2BlUtncqJ1DqDyhnHaXtMYu07+OpXwzheuNx0AfyVQ
H4tKJ1j3DTgIvd/I+FwqZJg5L0M1yEJ3xEWWxxXKYDSWM+/Aa9kdv9bo5D8auPcY
jqZgCkVvHJ6Wr7Yhpmu3Z/AizcIbenMlVpNEWfpyKh/Vw1BG70B5PF7Ky/wEwQ1p
JS/WVMp/g66P9tufpNw4o8FaGm43Kj2gHNJKkttIqkb9YAla+KCPxQ9kBsVVAmij
U4wCpdd/1PRy/Sd+WzBieIJ3vtzTRsyOfZM3+4AKKYeWUZWsVdu4errluQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFLNlX6OFz3nwYoW1ymI/lS0dpf16MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvczJWZm80WFBlZkJpaGJYS1lqLVZMUjJsX1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQCAjhsAwQB
BbVUAwQABbVXMAwDBAAtDb0DBAAtDb4DBAItUXADBAEtWIgwDAMEAC2EtQMEAy2E
sAMEAC2Q1AMEAC2XAwMEAE1TJwMEAVXRegMEAMLyYQMEAcOxXAMEAsPTvDANBgkq
hkiG9w0BAQsFAAOCAQEAe4b8zBeyWf3XKvilXgAnOkNekJNjqtxh93H/uL4ZUPAB
XyHTHWV8qjP+1OWo0Ie150nwhrv5e06AZSZCpV92x90F50QFGYKRLDQ4j9QjLupt
1GHk+dKaA65OIdS7jAtLnUE2E/me8jAF6eDW2YnEuNRvoNM4xKbycSchkV0Tf4Kj
gyahEnV7HBrX6MSG8KXv7xm5foSNu1kQoImiiIIDeID9t0yS85GrfdLfvZvQO1wl
UxW5vn+idmD9dXlecROVevP5nffYA0TJs3x/Oxzo0RTJ1yARy5qqEY1fu4Uank15
D2zp4S7AQ45GRTjW+KCqmIUB3EGUA6PzocZeQVWR/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org