Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/u2a7LfCA7S7UXo61MOkIQUKv7xE.roa
File: u2a7LfCA7S7UXo61MOkIQUKv7xE.roa (raw, json)
Hash identifier: FYQpgrAD/10NZaAM73ragjTddEhTpxlpspC3E5iAAq0=
Subject key identifier: BB:66:BB:2D:F0:80:ED:2E:D4:5E:8E:B5:30:E9:08:41:42:AF:EF:11
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 018CC8DF805F852A220FC387E89378478F13
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/u2a7LfCA7S7UXo61MOkIQUKv7xE.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50926
IP address blocks: 188.95.112.0/21 maxlen: 24
185.176.9.0/24 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
212.34.156.0/22 maxlen: 24
84.246.208.0/21 maxlen: 24
109.68.80.0/21 maxlen: 24
91.213.46.0/24 maxlen: 24
31.24.152.0/21 maxlen: 24
185.70.92.0/22 maxlen: 24
91.142.208.0/20 maxlen: 24
188.164.192.0/21 maxlen: 24
185.23.68.0/22 maxlen: 24
94.127.184.0/21 maxlen: 24
185.222.156.0/22 maxlen: 24
185.129.248.0/22 maxlen: 24
149.62.168.0/21 maxlen: 24
194.116.147.0/24 maxlen: 24
195.5.116.0/23 maxlen: 24
5.175.40.0/21 maxlen: 24
91.200.140.0/22 maxlen: 24
185.101.224.0/22 maxlen: 24
31.24.40.0/21 maxlen: 24
2a01:4b80::/32 maxlen: 32
2a00:5ac0:100::/48 maxlen: 48
2a00:5ac0::/44 maxlen: 44
2a00:5ac0:147::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 31 Mar 2024 21:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:80:5f:85:2a:22:0f:c3:87:e8:93:78:47:8f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb66bb2df080ed2ed45e8eb530e9084142afef11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f9:dc:9c:5b:51:90:45:e3:13:d6:23:fd:42:
d6:ec:dc:4d:a7:f5:c0:ba:64:1e:f6:b4:74:90:49:
a7:c7:dc:12:04:51:44:ea:ac:c6:56:ad:3d:a5:ad:
df:f4:3f:d3:0a:52:56:ed:2a:da:47:94:78:6c:9b:
e4:f7:b2:02:a4:86:6b:03:f6:e1:5c:23:e2:7d:20:
23:01:2c:66:ae:44:13:ca:22:98:05:fc:04:78:1b:
a8:c4:5b:bb:11:4b:30:a7:c0:ac:0c:d6:bf:28:31:
f3:81:9b:ca:d1:0c:d7:07:5f:b3:58:a0:63:35:3d:
4d:b5:03:28:0f:3b:2a:b3:00:12:0a:72:21:f4:3b:
05:8d:93:b6:97:ee:98:49:18:b7:9d:7a:bf:a9:a8:
01:a2:64:75:b1:2c:90:a9:20:25:5e:bd:33:92:b1:
95:8d:20:18:2c:81:03:18:0f:97:b2:ef:9d:6c:c5:
06:be:df:d6:a6:7f:10:ce:72:b8:fa:d3:e6:09:24:
65:89:ad:67:b5:05:42:a5:2d:5a:a3:8a:9a:3d:22:
ec:b3:87:fe:48:7a:3e:79:02:83:eb:55:d4:41:a4:
4b:77:bd:d8:e5:0b:9e:8c:86:a0:b1:3c:58:e6:3b:
ca:76:d2:91:19:84:3a:20:c1:3d:35:2a:0c:ca:98:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:66:BB:2D:F0:80:ED:2E:D4:5E:8E:B5:30:E9:08:41:42:AF:EF:11
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/u2a7LfCA7S7UXo61MOkIQUKv7xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0/21
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.101.224.0/22
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
194.116.147.0/24
195.5.116.0/23
212.34.156.0/22
IPv6:
2a00:5ac0::/44
2a00:5ac0:100::/48
2a00:5ac0:147::/48
2a01:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
77:ef:b6:3a:70:15:4f:94:c3:29:ea:84:f4:8a:3b:1d:3f:dd:
df:01:37:c7:8c:57:e3:4c:74:7b:01:8f:e9:bd:3d:b3:7b:f2:
96:31:c4:81:08:16:2d:84:1d:03:78:d4:fe:90:c2:23:24:9c:
fc:41:13:33:78:08:1b:d9:67:f8:45:f1:21:8d:ec:8e:42:fb:
b7:5d:42:c8:aa:55:1a:df:77:4c:e8:e4:3e:2e:46:a8:36:b1:
9f:ba:34:38:8b:48:84:80:a0:58:a7:5e:a6:f9:63:74:bb:6f:
0e:78:97:4b:c1:5e:8f:55:fc:1a:53:fc:f2:d8:01:3f:d4:76:
4a:59:24:11:d6:81:8b:3b:e5:03:6d:8f:3d:b8:17:2a:f1:07:
23:44:5c:7e:03:29:48:40:3c:3b:46:a8:db:67:8b:f6:01:fd:
0d:96:83:31:42:4b:9f:6e:85:2e:ef:9b:96:bd:63:26:81:3f:
94:dc:66:a2:de:84:7b:5d:f9:9a:9b:f2:02:fe:8f:22:93:30:
03:7e:a8:fd:23:84:1a:ec:1c:06:c6:7f:d7:4f:3e:1f:ec:c4:
e7:34:01:32:86:1a:1e:f8:3a:2b:85:8f:c4:65:ce:87:27:95:
db:69:c9:89:e2:fa:39:f7:5b:03:cb:6c:b2:de:7d:8b:ca:44:
01:87:86:eb
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI34BfhSoiD8OH6JN4R48TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY2YmIyZGYwODBlZDJlZDQ1ZThlYjUzMGU5MDg0MTQyYWZlZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fncnFtRkEXjE9Yj/ULW7NxNp/XA
umQe9rR0kEmnx9wSBFFE6qzGVq09pa3f9D/TClJW7SraR5R4bJvk97ICpIZrA/bh
XCPifSAjASxmrkQTyiKYBfwEeBuoxFu7EUswp8CsDNa/KDHzgZvK0QzXB1+zWKBj
NT1NtQMoDzsqswASCnIh9DsFjZO2l+6YSRi3nXq/qagBomR1sSyQqSAlXr0zkrGV
jSAYLIEDGA+Xsu+dbMUGvt/Wpn8QznK4+tPmCSRlia1ntQVCpS1ao4qaPSLss4f+
SHo+eQKD61XUQaRLd73Y5QuejIagsTxY5jvKdtKRGYQ6IME9NSoMypgTbQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLtmuy3wgO0u1F6OtTDpCEFCr+8RMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvdTJhN0xmQ0E3UzdVWG82MU1Pa0lRVUt2N3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBhAQCAAEwfgMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLgMEA15/uAMEA21E
UAMEA5U+qAMEArkXRAMEArlGXAMEArll4AMEArmB+AMEArmwCAMEArnenAMEA7xf
cAMEA7ykwAMEAMJ0kwMEAcMFdAMEAtQinDAoBAIAAjAiAwcEKgBawAAAAwcAKgBa
wAEAAwcAKgBawAFHAwUAKgFLgDANBgkqhkiG9w0BAQsFAAOCAQEAd++2OnAVT5TD
KeqE9Io7HT/d3wE3x4xX40x0ewGP6b09s3vyljHEgQgWLYQdA3jU/pDCIySc/EET
M3gIG9ln+EXxIY3sjkL7t11CyKpVGt93TOjkPi5GqDaxn7o0OItIhICgWKdepvlj
dLtvDniXS8Fej1X8GlP88tgBP9R2SlkkEdaBizvlA22PPbgXKvEHI0RcfgMpSEA8
O0ao22eL9gH9DZaDMUJLn26FLu+blr1jJoE/lNxmot6Ee135mpvyAv6PIpMwA36o
/SOEGuwcBsZ/108+H+zE5zQBMoYaHvg6K4WPxGXOhyeV22nJieL6OfdbA8tsst59
i8pEAYeG6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org