Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/2eSkJBWjzXlWzto_oVIjAtwx26k.roa
File: 2eSkJBWjzXlWzto_oVIjAtwx26k.roa (raw, json)
Hash identifier: HGuWnisWgk1SMYW4JZ+WMZKrqzLMAej1WwhczL4QNT4=
Subject key identifier: D9:E4:A4:24:15:A3:CD:79:56:CE:DA:3F:A1:52:23:02:DC:31:DB:A9
Certificate issuer: /CN=23e45164c572edde5df253917cc12a2dfd398b97
Certificate serial: 018B296216A092258767B7E28227F9C4977F
Authority key identifier: 23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/2eSkJBWjzXlWzto_oVIjAtwx26k.roa
Signing time: Fri 13 Oct 2023 14:12:56 +0000
ROA not before: Fri 13 Oct 2023 14:12:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35826
IP address blocks: 80.248.176.0/20 maxlen: 21
94.229.128.0/20 maxlen: 21
185.113.204.0/22 maxlen: 22
37.1.96.0/21 maxlen: 22
185.229.48.0/22 maxlen: 22
2a02:700::/32 maxlen: 32
2a0d:c600::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:62:16:a0:92:25:87:67:b7:e2:82:27:f9:c4:97:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e45164c572edde5df253917cc12a2dfd398b97
Validity
Not Before: Oct 13 14:12:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9e4a42415a3cd7956ceda3fa1522302dc31dba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7c:b8:3b:e2:89:f2:2a:6b:e9:ac:c0:34:62:
23:75:94:2a:7c:3c:e7:47:97:47:29:7b:fb:04:71:
ea:c6:55:cb:5c:8d:eb:91:1c:2d:70:6c:a2:01:8a:
a8:66:92:33:3d:af:50:89:95:70:d9:dc:40:c6:2c:
83:b4:9b:65:86:30:98:0c:aa:1a:ac:3e:f3:56:37:
0b:85:ef:a9:71:e5:2d:7a:35:c1:40:9f:fe:ef:8c:
42:08:25:37:81:a1:c4:73:cf:4f:e0:32:2a:26:02:
65:00:36:ad:99:57:aa:d6:0f:f6:42:ee:7b:5d:13:
0f:d5:40:e6:bb:46:87:47:f5:08:5c:bd:7e:91:a6:
04:3e:7c:95:4c:dd:81:0e:98:e6:50:c5:76:32:64:
eb:8e:c8:25:f7:da:31:bf:f6:5a:b9:ab:08:cf:c9:
69:aa:44:b6:8c:f9:65:82:1b:6d:9f:b5:6c:c3:ca:
3b:a8:d3:9f:53:cc:a7:45:b3:4e:db:89:2c:3f:36:
42:1e:97:1d:d7:28:a6:2b:92:a1:c6:8a:9b:0c:68:
49:82:f4:e7:a7:c7:77:bb:e8:bc:a0:a3:65:e8:2a:
3f:5c:fa:ed:4f:37:51:89:df:ea:ed:d8:d1:51:85:
f5:3e:b6:d5:2f:38:78:fa:87:78:16:c5:b6:87:28:
0a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E4:A4:24:15:A3:CD:79:56:CE:DA:3F:A1:52:23:02:DC:31:DB:A9
X509v3 Authority Key Identifier:
keyid:23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/2eSkJBWjzXlWzto_oVIjAtwx26k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/I-RRZMVy7d5d8lORfMEqLf05i5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.96.0/21
80.248.176.0/20
94.229.128.0/20
185.113.204.0/22
185.229.48.0/22
IPv6:
2a02:700::/32
2a0d:c600::/29
Signature Algorithm: sha256WithRSAEncryption
84:94:05:96:ed:7e:84:38:72:65:2b:7f:52:0e:88:a3:aa:f4:
b2:56:5f:07:e4:6c:ba:96:c8:56:ec:8b:31:1e:32:e8:87:54:
86:ca:55:6e:7a:34:51:f2:7c:1f:b4:33:8e:f4:4d:8d:f9:d0:
af:3b:95:0b:cb:3d:af:30:e6:00:66:a2:91:bb:12:55:a0:f8:
94:52:13:57:6b:d6:ba:12:ce:76:0b:07:72:1a:0e:6b:a4:86:
b5:b7:96:62:25:ab:28:c4:71:e0:77:b1:99:59:cd:86:18:6b:
02:77:e8:66:88:bc:ea:61:ce:82:5a:16:5e:8e:40:b4:01:1f:
ed:02:8a:fc:b4:94:4e:e4:ca:03:b2:f3:df:49:90:c1:f3:38:
dd:a9:2d:10:98:7f:97:d4:58:be:03:e5:63:34:7c:bd:29:db:
71:1b:fe:01:3b:74:f5:fb:b5:b6:90:13:5d:f1:9e:0f:6f:35:
8d:6f:fd:04:85:6f:c5:23:86:9e:c2:4a:f7:3a:ec:db:8e:06:
8d:8b:26:f7:18:0c:d0:49:2f:58:b6:d3:b1:8f:d8:bf:a0:45:
34:ad:c9:ab:bb:c1:5b:cb:cd:c8:72:c6:b5:9e:00:19:8b:57:
b9:12:d9:1e:d9:9b:83:ec:24:93:9f:a2:76:93:ef:09:06:3f:
1a:e2:54:4a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYspYhagkiWHZ7figif5xJd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTQ1MTY0YzU3MmVkZGU1ZGYyNTM5MTdjYzEyYTJkZmQz
OThiOTcwHhcNMjMxMDEzMTQxMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU0YTQyNDE1YTNjZDc5NTZjZWRhM2ZhMTUyMjMwMmRjMzFkYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3y4O+KJ8ipr6azANGIjdZQqfDzn
R5dHKXv7BHHqxlXLXI3rkRwtcGyiAYqoZpIzPa9QiZVw2dxAxiyDtJtlhjCYDKoa
rD7zVjcLhe+pceUtejXBQJ/+74xCCCU3gaHEc89P4DIqJgJlADatmVeq1g/2Qu57
XRMP1UDmu0aHR/UIXL1+kaYEPnyVTN2BDpjmUMV2MmTrjsgl99oxv/ZauasIz8lp
qkS2jPllghttn7Vsw8o7qNOfU8ynRbNO24ksPzZCHpcd1yimK5KhxoqbDGhJgvTn
p8d3u+i8oKNl6Co/XPrtTzdRid/q7djRUYX1PrbVLzh4+od4FsW2hygKeQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNnkpCQVo815Vs7aP6FSIwLcMdupMB8GA1UdIwQY
MBaAFCPkUWTFcu3eXfJTkXzBKi39OYuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEt
NjZhYTJhMjMyMzllLzEvMmVTa0pCV2p6WGxXenRvX29WSWpBdHd4MjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEtNjZhYTJhMjMyMzll
LzEvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJQFgAwQE
UPiwAwQEXuWAAwQCuXHMAwQCueUwMBQEAgACMA4DBQAqAgcAAwUDKg3GADANBgkq
hkiG9w0BAQsFAAOCAQEAhJQFlu1+hDhyZSt/Ug6Io6r0slZfB+RsupbIVuyLMR4y
6IdUhspVbno0UfJ8H7QzjvRNjfnQrzuVC8s9rzDmAGaikbsSVaD4lFITV2vWuhLO
dgsHchoOa6SGtbeWYiWrKMRx4HexmVnNhhhrAnfoZoi86mHOgloWXo5AtAEf7QKK
/LSUTuTKA7Lz30mQwfM43aktEJh/l9RYvgPlYzR8vSnbcRv+ATt09fu1tpATXfGe
D281jW/9BIVvxSOGnsJK9zrs244GjYsm9xgM0EkvWLbTsY/Yv6BFNK3Jq7vBW8vN
yHLGtZ4AGYtXuRLZHtmbg+wkk5+idpPvCQY/GuJUSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:41 2024 by rpki-client on console-fra.rpki-client.org