Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2KU6Df2DN024Mw_5peXvFlE6fFs.roa
File: 2KU6Df2DN024Mw_5peXvFlE6fFs.roa (raw, json)
Hash identifier: 54gTGHJWUY+b9IQCr49FDNt/8x5X2V5jYBRi78vNJL4=
Subject key identifier: D8:A5:3A:0D:FD:83:37:4D:B8:33:0F:F9:A5:E5:EF:16:51:3A:7C:5B
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018A902BE4D2A37DECC19E426E8F23D97892
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2KU6Df2DN024Mw_5peXvFlE6fFs.roa
Signing time: Wed 13 Sep 2023 20:11:50 +0000
ROA not before: Wed 13 Sep 2023 20:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 19 Sep 2023 18:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:2b:e4:d2:a3:7d:ec:c1:9e:42:6e:8f:23:d9:78:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Sep 13 20:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a53a0dfd83374db8330ff9a5e5ef16513a7c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:da:fb:54:f7:6c:84:ea:73:d3:54:49:0b:
90:81:ac:56:26:eb:5f:1e:17:f4:9a:e0:47:b9:08:
87:13:d5:09:2e:c2:37:21:67:59:b4:12:6a:1b:af:
37:09:e4:62:a6:1d:d9:db:13:70:53:10:8e:33:9b:
73:d3:89:a7:e8:5d:94:91:4e:ed:44:ef:d9:e1:81:
09:9d:77:8e:e7:f7:9c:22:0c:52:ce:53:b4:43:26:
ba:dc:52:44:f1:b4:8b:69:cd:64:04:36:e6:15:75:
6a:42:6a:e2:af:9f:6c:6f:11:cd:85:f5:bc:d2:4e:
fd:d0:03:58:47:99:c1:73:00:97:bf:10:1a:90:09:
70:50:85:a0:2b:c3:d6:c5:e7:32:9e:7c:3c:5c:f7:
b6:89:89:10:7f:9e:eb:3f:09:f6:d9:b4:f1:34:8b:
98:9a:f2:25:50:25:47:03:3d:2d:7e:fa:10:50:bc:
ed:52:1d:41:61:0c:a8:d3:71:46:d6:3e:8e:88:0c:
b3:d0:85:eb:49:10:ea:4d:17:72:c4:95:c7:f1:ec:
46:b7:26:37:ff:f4:f9:40:c1:72:f1:2c:ef:23:ce:
41:17:11:ba:52:03:77:92:33:9b:bf:4e:e1:16:d2:
dd:02:d2:b1:6b:0b:94:c0:f8:3d:71:1c:59:d6:71:
ae:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A5:3A:0D:FD:83:37:4D:B8:33:0F:F9:A5:E5:EF:16:51:3A:7C:5B
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2KU6Df2DN024Mw_5peXvFlE6fFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
193.38.44.0/22
194.93.48.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:98:fa:e7:c3:dd:bc:b7:2c:a4:49:ad:9a:60:55:66:ad:23:
ab:45:b5:cc:c6:27:94:14:cc:8c:30:26:71:8e:e3:0f:c7:5c:
96:20:66:57:8d:b4:b3:43:14:b1:2c:e4:89:fe:bf:0c:ef:f9:
0d:1c:f2:0c:cd:04:63:21:55:52:75:d5:3e:89:8f:cf:65:e7:
44:db:4c:09:81:aa:a5:f4:b4:67:55:65:e6:65:49:8a:9d:3d:
d1:99:f9:3a:73:4a:40:9f:09:db:6d:c0:20:bc:a4:38:1a:ff:
e0:9e:c4:e3:25:dc:cc:14:c8:d3:30:d2:f3:fc:09:7f:2e:ef:
01:31:d8:0a:76:d1:76:23:97:7b:31:bf:ba:8d:f9:6a:2a:bd:
13:bb:1b:10:bf:bc:3c:85:d0:4d:07:58:66:8b:93:79:88:d2:
42:b1:19:85:01:0d:78:19:6c:e2:2a:90:26:6f:87:f9:a6:ac:
f8:75:8f:2e:df:61:dd:42:7c:d5:f6:54:5d:e3:93:95:d0:4f:
4c:53:76:b3:c2:a6:ac:aa:ee:46:9e:4c:c4:22:90:9d:c4:83:
d0:da:e3:ff:80:18:8e:59:5f:bc:16:7b:85:d8:48:a2:86:dd:
8e:ad:c2:5a:4c:a8:5c:1b:86:f8:53:a7:e6:06:44:00:15:10:
9e:df:9e:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqQK+TSo33swZ5Cbo8j2XiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwOTEzMjAxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE1M2EwZGZkODMzNzRkYjgzMzBmZjlhNWU1ZWYxNjUxM2E3YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oza+1T3bITqc9NUSQuQgaxWJutf
Hhf0muBHuQiHE9UJLsI3IWdZtBJqG683CeRiph3Z2xNwUxCOM5tz04mn6F2UkU7t
RO/Z4YEJnXeO5/ecIgxSzlO0Qya63FJE8bSLac1kBDbmFXVqQmrir59sbxHNhfW8
0k790ANYR5nBcwCXvxAakAlwUIWgK8PWxecynnw8XPe2iYkQf57rPwn22bTxNIuY
mvIlUCVHAz0tfvoQULztUh1BYQyo03FG1j6OiAyz0IXrSRDqTRdyxJXH8exGtyY3
//T5QMFy8SzvI85BFxG6UgN3kjObv07hFtLdAtKxawuUwPg9cRxZ1nGucQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNilOg39gzdNuDMP+aXl7xZROnxbMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMktVNkRmMkROMDI0TXdfNXBlWHZGbEU2ZkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBYV8AwQC
U6v0AwQCVQigAwQCXPk8AwQCwSYsAwQCwl0wMA0GCSqGSIb3DQEBCwUAA4IBAQDP
mPrnw928tyykSa2aYFVmrSOrRbXMxieUFMyMMCZxjuMPx1yWIGZXjbSzQxSxLOSJ
/r8M7/kNHPIMzQRjIVVSddU+iY/PZedE20wJgaql9LRnVWXmZUmKnT3Rmfk6c0pA
nwnbbcAgvKQ4Gv/gnsTjJdzMFMjTMNLz/Al/Lu8BMdgKdtF2I5d7Mb+6jflqKr0T
uxsQv7w8hdBNB1hmi5N5iNJCsRmFAQ14GWziKpAmb4f5pqz4dY8u32HdQnzV9lRd
45OV0E9MU3azwqasqu5GnkzEIpCdxIPQ2uP/gBiOWV+8FnuF2Eiiht2OrcJaTKhc
G4b4U6fmBkQAFRCe354R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org