Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/2prZ3MRU0I-21oXlq9hj4nW8WNs.roa
File: 2prZ3MRU0I-21oXlq9hj4nW8WNs.roa (raw, json)
Hash identifier: OkIRg+eU+d4zfD5g1h0iNHngK44QWTHSrtZKZmk2cVU=
Subject key identifier: DA:9A:D9:DC:C4:54:D0:8F:B6:D6:85:E5:AB:D8:63:E2:75:BC:58:DB
Certificate issuer: /CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Certificate serial: 01856F0B3374CFBA1624FD4CEA7BC6BB40FB
Authority key identifier: 9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/2prZ3MRU0I-21oXlq9hj4nW8WNs.roa
Signing time: Sun 01 Jan 2023 20:34:43 +0000
ROA not before: Sun 01 Jan 2023 20:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39862
IP address blocks: 193.34.141.0/24 maxlen: 24
193.34.140.0/24 maxlen: 24
194.50.254.0/24 maxlen: 24
45.132.95.0/24 maxlen: 24
45.132.92.0/24 maxlen: 24
45.132.94.0/24 maxlen: 24
45.132.93.0/24 maxlen: 24
2a0e:69c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:33:74:cf:ba:16:24:fd:4c:ea:7b:c6:bb:40:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Validity
Not Before: Jan 1 20:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9ad9dcc454d08fb6d685e5abd863e275bc58db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5a:b8:37:59:ee:12:2b:e4:76:2e:67:b3:76:
db:ed:f2:91:94:77:e8:07:a3:e8:6a:49:cb:0e:38:
90:f3:6c:b3:74:f7:86:54:e1:ab:86:36:33:63:c8:
6c:d0:02:01:0d:10:6e:98:71:6c:e8:84:ba:d3:83:
12:18:e7:ad:91:6c:12:15:b8:4a:55:53:49:da:e1:
f9:18:a1:90:8f:d3:db:03:d0:a4:c2:3f:40:88:1d:
0c:46:b2:e2:4a:ea:15:0d:e3:64:b4:b4:95:d7:5d:
83:4d:bf:c7:a3:0a:cb:02:0d:d2:62:a7:d3:a9:72:
52:41:e6:25:9c:e5:3d:4e:cb:a7:8e:76:d2:b7:e5:
d1:76:3d:b2:ab:3a:a6:28:00:73:eb:77:11:64:98:
05:14:fd:c2:3d:80:53:d0:d4:55:6d:1e:4e:6e:b3:
04:d6:95:05:b8:53:a1:c3:ef:3f:3b:99:0c:a7:39:
2c:1a:07:08:dd:8e:43:7a:2b:33:e2:d9:10:a5:03:
42:e1:0e:72:65:06:59:46:fe:e7:3b:69:1c:bb:b7:
19:b1:51:47:00:8e:54:88:07:51:20:46:07:27:e2:
cb:05:2a:2a:27:23:dd:e1:af:9f:9b:81:06:bb:0d:
0d:12:f4:88:1c:96:3d:c5:a1:a7:17:c7:c2:f7:c9:
6a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:D9:DC:C4:54:D0:8F:B6:D6:85:E5:AB:D8:63:E2:75:BC:58:DB
X509v3 Authority Key Identifier:
keyid:9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/2prZ3MRU0I-21oXlq9hj4nW8WNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.92.0/22
193.34.140.0/23
194.50.254.0/24
IPv6:
2a0e:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
d5:45:40:4a:3a:8b:36:3d:d1:d3:fb:33:aa:0e:e9:c6:08:dd:
15:d4:1d:80:6e:f6:12:76:67:62:3e:4b:70:c3:32:a3:01:26:
b3:33:03:2c:46:ce:4b:0e:2e:86:91:fc:35:e4:75:31:b6:24:
d9:60:2c:7f:95:5a:9f:a0:a7:9d:1f:03:33:37:ac:85:e0:b7:
2e:6c:7c:d8:af:1e:36:53:24:cd:71:16:56:a2:99:0e:2f:40:
8f:0b:20:1d:4e:7e:40:01:6c:9d:72:78:54:ec:79:aa:31:16:
2d:3d:02:38:e8:c4:68:ac:26:64:05:f4:11:5f:9a:84:b6:98:
14:60:93:9f:87:dd:7a:b2:52:db:a7:53:d2:4c:5b:ce:83:d0:
8b:14:9f:2f:43:0d:93:1c:84:28:39:b4:fd:33:ca:d4:2f:1d:
be:f0:70:ab:02:e4:dd:e6:dc:e4:1f:87:12:cf:d9:7f:0e:b8:
df:2c:b4:e0:43:99:4e:84:7b:18:e2:ce:61:b9:c3:03:f3:b7:
01:43:b8:ce:62:e8:ee:85:2e:cb:a5:54:b0:9f:cd:f2:d7:3b:
6c:8b:75:ff:f2:3e:4e:d7:ff:fb:f8:a4:cd:b8:1d:42:fd:33:
17:4e:5c:d8:b7:f7:50:4e:2c:e7:43:1d:98:d2:a0:a8:a2:40:
24:03:6f:87
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvCzN0z7oWJP1M6nvGu0D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODA1M2JjZDJjNGQ4YTdhMmEzMjVlMmI3NDY0MTY2YTVl
NDhkZGQwHhcNMjMwMTAxMjAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhZDlkY2M0NTRkMDhmYjZkNjg1ZTVhYmQ4NjNlMjc1YmM1OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1q4N1nuEivkdi5ns3bb7fKRlHfo
B6PoaknLDjiQ82yzdPeGVOGrhjYzY8hs0AIBDRBumHFs6IS604MSGOetkWwSFbhK
VVNJ2uH5GKGQj9PbA9Ckwj9AiB0MRrLiSuoVDeNktLSV112DTb/HowrLAg3SYqfT
qXJSQeYlnOU9TsunjnbSt+XRdj2yqzqmKABz63cRZJgFFP3CPYBT0NRVbR5ObrME
1pUFuFOhw+8/O5kMpzksGgcI3Y5Deisz4tkQpQNC4Q5yZQZZRv7nO2kcu7cZsVFH
AI5UiAdRIEYHJ+LLBSoqJyPd4a+fm4EGuw0NEvSIHJY9xaGnF8fC98lq1wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNqa2dzEVNCPttaF5avYY+J1vFjbMB8GA1UdIwQY
MBaAFJqAU7zSxNinoqMl4rdGQWal5I3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAt
OTVlOGQ4MjkzMDk4LzEvMnByWjNNUlUwSS0yMW9YbHE5aGo0blc4V05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAtOTVlOGQ4MjkzMDk4
LzEvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCLYRcAwQB
wSKMAwQAwjL+MA8EAgACMAkDBwAqDmnAAAAwDQYJKoZIhvcNAQELBQADggEBANVF
QEo6izY90dP7M6oO6cYI3RXUHYBu9hJ2Z2I+S3DDMqMBJrMzAyxGzksOLoaR/DXk
dTG2JNlgLH+VWp+gp50fAzM3rIXgty5sfNivHjZTJM1xFlaimQ4vQI8LIB1OfkAB
bJ1yeFTseaoxFi09AjjoxGisJmQF9BFfmoS2mBRgk5+H3XqyUtunU9JMW86D0IsU
ny9DDZMchCg5tP0zytQvHb7wcKsC5N3m3OQfhxLP2X8OuN8stOBDmU6EexjizmG5
wwPztwFDuM5i6O6FLsulVLCfzfLXO2yLdf/yPk7X//v4pM24HUL9MxdOXNi391BO
LOdDHZjSoKiiQCQDb4c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:04 2024 by rpki-client on console-ams.rpki-client.org