Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2Zkpoq97gvBu-IA2UzcSXkB8b6A.roa
File: 2Zkpoq97gvBu-IA2UzcSXkB8b6A.roa (raw, json)
Hash identifier: dPZfYKkq6zpkKrTu/LWw4tZ8m0oVZKLSGngU5+DKFcM=
Subject key identifier: D9:99:29:A2:AF:7B:82:F0:6E:F8:80:36:53:37:12:5E:40:7C:6F:A0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A38ED0F6806B320110CA555440CFF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2Zkpoq97gvBu-IA2UzcSXkB8b6A.roa
Signing time: Mon 02 Jan 2023 12:34:50 +0000
ROA not before: Mon 02 Jan 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60808
IP address blocks: 82.97.240.0/20 maxlen: 24
5.34.208.0/20 maxlen: 24
188.253.96.0/19 maxlen: 24
185.215.246.0/24 maxlen: 24
193.36.84.0/23 maxlen: 23
185.36.192.0/22 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Jan 2023 12:28:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:38:ed:0f:68:06:b3:20:11:0c:a5:55:44:0c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d99929a2af7b82f06ef880365337125e407c6fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:55:d2:d1:a0:83:ff:fc:f3:bb:6c:66:65:
62:7b:e7:b3:17:72:ef:18:ad:2d:b4:17:14:fc:99:
4b:9f:52:92:ef:ee:93:e3:ea:2e:27:e8:ff:95:6c:
fc:1e:19:4d:86:52:ae:4e:fb:61:44:1c:de:85:c8:
7b:12:5a:38:78:99:4f:0b:d8:39:da:e3:e1:78:2e:
5e:f8:29:44:30:b8:12:13:2f:0f:25:5a:9a:56:98:
85:a1:94:66:64:5f:af:0e:32:7b:cd:f0:71:96:fd:
f5:3f:a5:4f:89:88:37:cc:5f:72:a9:d0:6f:93:c6:
0a:98:b5:77:19:ff:83:d5:34:7a:fd:40:1b:5c:be:
ba:c6:fe:df:ce:89:20:7a:70:53:37:82:38:a8:45:
96:61:34:e7:79:d2:ff:6d:82:fa:0e:a8:46:86:59:
78:fe:4e:d9:98:0f:50:a8:ab:b8:df:cb:46:9c:a1:
47:bc:0b:8d:12:4f:ae:d3:ab:3e:a1:48:fe:95:cc:
b9:fe:da:69:3a:8b:3f:e8:6c:ab:d1:77:ad:56:ff:
a8:2a:c6:dc:29:87:5f:29:a5:17:fe:23:69:a2:c2:
ad:a2:d8:b2:7b:f5:17:56:01:9f:6b:bf:23:f1:e5:
a2:35:f9:9e:23:86:cd:2a:73:a7:b4:e9:48:5e:33:
2b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:99:29:A2:AF:7B:82:F0:6E:F8:80:36:53:37:12:5E:40:7C:6F:A0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2Zkpoq97gvBu-IA2UzcSXkB8b6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
82.97.240.0/20
185.36.192.0/22
185.215.246.0/24
188.253.96.0/19
193.36.84.0/23
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
15:4c:d9:af:39:e0:5e:aa:29:dc:9a:d9:12:e8:9e:4f:17:c2:
64:1c:55:b9:47:36:7a:0f:31:22:bc:0b:12:3e:db:5d:95:51:
75:d4:a0:f4:2d:fa:10:8d:c4:b9:a8:2a:2f:43:c5:2b:8b:ed:
41:11:74:7b:d2:96:54:64:51:1e:cb:dd:07:35:fd:37:ff:82:
17:34:2a:5f:ef:5f:49:08:8e:40:63:41:35:8a:17:fd:85:6b:
4f:68:39:d2:73:9b:9e:01:10:63:6a:11:6e:97:6c:4d:6d:82:
1e:22:1a:47:38:63:95:d2:0b:e3:ae:59:ac:fa:2b:37:68:c5:
1a:31:09:2a:7f:c8:04:05:dd:13:c1:61:70:53:2f:40:67:6c:
39:29:35:d0:47:06:b4:59:b3:b3:bb:08:bb:ca:65:b3:bf:04:
bf:8e:2d:79:0d:99:80:4e:c5:46:df:70:5c:0d:d3:05:c3:59:
10:2e:c9:58:94:78:4c:25:63:c0:78:5c:b6:a8:08:ea:2f:5c:
2e:f3:a0:86:56:30:80:d7:67:e8:58:54:b2:d3:84:79:66:13:
d5:48:06:d1:76:f8:09:7d:66:b0:49:a3:1f:8e:e0:b5:20:44:
39:9d:3c:de:50:a1:b4:29:79:e7:bc:b6:50:e9:5f:19:61:89:
f8:c5:7f:19
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVyejjtD2gGsyARDKVVRAz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk5MjlhMmFmN2I4MmYwNmVmODgwMzY1MzM3MTI1ZTQwN2M2ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIRV0tGgg//887tsZmVie+ezF3Lv
GK0ttBcU/JlLn1KS7+6T4+ouJ+j/lWz8HhlNhlKuTvthRBzehch7Elo4eJlPC9g5
2uPheC5e+ClEMLgSEy8PJVqaVpiFoZRmZF+vDjJ7zfBxlv31P6VPiYg3zF9yqdBv
k8YKmLV3Gf+D1TR6/UAbXL66xv7fzokgenBTN4I4qEWWYTTnedL/bYL6DqhGhll4
/k7ZmA9QqKu438tGnKFHvAuNEk+u06s+oUj+lcy5/tppOos/6Gyr0XetVv+oKsbc
KYdfKaUX/iNposKtotiye/UXVgGfa78j8eWiNfmeI4bNKnOntOlIXjMrgQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNmZKaKve4LwbviANlM3El5AfG+gMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMlprcG9xOTdndkJ1LUlBMlV6Y1NYa0I4YjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEBSLQAwQE
UmHwAwQCuSTAAwQAudf2AwQFvP1gAwQBwSRUMA0EAgACMAcDBQMqBeyAMA0GCSqG
SIb3DQEBCwUAA4IBAQAVTNmvOeBeqincmtkS6J5PF8JkHFW5RzZ6DzEivAsSPttd
lVF11KD0LfoQjcS5qCovQ8Uri+1BEXR70pZUZFEey90HNf03/4IXNCpf719JCI5A
Y0E1ihf9hWtPaDnSc5ueARBjahFul2xNbYIeIhpHOGOV0gvjrlms+is3aMUaMQkq
f8gEBd0TwWFwUy9AZ2w5KTXQRwa0WbOzuwi7ymWzvwS/ji15DZmATsVG33BcDdMF
w1kQLslYlHhMJWPAeFy2qAjqL1wu86CGVjCA12foWFSy04R5ZhPVSAbRdvgJfWaw
SaMfjuC1IEQ5nTzeUKG0KXnnvLZQ6V8ZYYn4xX8Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org