Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/2KVsSiRNUppRMn3TEYq6IPUqSqQ.roa
File: 2KVsSiRNUppRMn3TEYq6IPUqSqQ.roa (raw, json)
Hash identifier: sltunihI9fyAVfcJFQhKGVFVFsial/YCkfWmpjlwWbM=
Subject key identifier: D8:A5:6C:4A:24:4D:52:9A:51:32:7D:D3:11:8A:BA:20:F5:2A:4A:A4
Certificate issuer: /CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Certificate serial: 0185724C83D228C84AA71780843A797B9C5C
Authority key identifier: CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/2KVsSiRNUppRMn3TEYq6IPUqSqQ.roa
Signing time: Mon 02 Jan 2023 11:44:55 +0000
ROA not before: Mon 02 Jan 2023 11:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12796
IP address blocks: 94.190.136.0/21 maxlen: 21
94.190.160.0/19 maxlen: 19
192.109.10.0/23 maxlen: 24
94.190.192.0/23 maxlen: 23
94.190.194.0/24 maxlen: 24
192.109.40.0/23 maxlen: 24
94.190.128.0/22 maxlen: 22
94.190.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:83:d2:28:c8:4a:a7:17:80:84:3a:79:7b:9c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Validity
Not Before: Jan 2 11:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a56c4a244d529a51327dd3118aba20f52a4aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ba:66:cd:14:37:df:fa:f4:45:ee:87:de:d6:
ff:a2:27:7f:1a:d4:63:58:2d:7c:f4:fc:c4:a3:19:
8c:e9:87:b1:1c:18:ea:e1:bb:2e:16:39:c8:2e:67:
d0:95:d6:2a:b2:52:9f:c7:af:66:fe:02:6b:72:6a:
ee:dc:09:94:2a:37:9a:25:ea:ac:9c:50:d3:33:d1:
02:a0:b4:55:e1:74:66:87:66:21:ec:c5:7a:aa:d0:
ac:95:00:fe:90:00:93:de:c4:2f:45:2a:92:27:5f:
0f:da:95:73:43:d6:67:f8:08:8c:8c:f1:c1:55:df:
81:b1:a8:dc:34:a0:9a:83:58:3b:ff:fe:05:c1:77:
5d:71:a3:0e:f1:60:83:8d:90:4f:f5:b1:50:81:64:
ee:61:93:a2:6f:3a:27:68:45:b8:b7:e9:a6:a7:df:
1f:16:27:8a:b2:86:50:c8:b9:c0:1f:cb:9c:60:7c:
9f:cf:76:02:58:eb:4c:f1:bb:24:49:be:b0:6e:77:
7b:68:e0:c9:1a:53:94:4e:b1:5a:6c:7c:47:94:a8:
bd:d2:c0:51:c1:29:8f:b6:f9:99:15:f7:97:f9:08:
b4:a5:cd:77:11:48:7a:a1:c1:fd:36:68:92:24:b7:
fe:17:2c:19:66:12:93:ff:ff:f5:d4:b1:ba:3c:29:
26:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A5:6C:4A:24:4D:52:9A:51:32:7D:D3:11:8A:BA:20:F5:2A:4A:A4
X509v3 Authority Key Identifier:
keyid:CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/2KVsSiRNUppRMn3TEYq6IPUqSqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/zWudWTrFSqbLuDiJJ3uiT1QGeIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.128.0/20
94.190.160.0-94.190.194.255
192.109.10.0/23
192.109.40.0/23
Signature Algorithm: sha256WithRSAEncryption
74:72:09:94:f7:ea:b1:02:9b:0a:b1:66:b6:0a:ad:ba:f4:a9:
af:81:0a:e9:9c:9f:48:4f:d2:e0:52:92:17:d4:ef:29:34:3b:
bc:c9:f1:ac:2a:5a:e4:55:1a:b6:a9:03:6d:e4:ea:41:20:60:
9d:7d:e1:0e:d4:28:eb:a6:67:70:a0:58:ac:6a:6e:24:e1:24:
89:ec:da:2a:df:fa:90:59:eb:93:13:7d:aa:e9:1a:36:97:93:
c9:03:05:3a:07:a8:2f:b9:7a:40:e1:9e:c9:02:97:85:fa:e5:
c6:31:f0:73:99:3f:06:5f:00:10:83:97:ad:c0:c7:a4:35:3f:
e7:ee:27:e7:d1:02:8d:a1:a7:50:80:bd:e2:48:84:6a:a8:b1:
06:1c:ec:d5:3b:4f:81:28:ff:b3:b2:5d:c4:48:ca:6a:3c:28:
50:72:48:99:82:6a:20:56:3f:b1:7d:26:2b:ca:15:18:d6:28:
39:56:9f:ff:fc:fd:ba:9f:fc:66:3c:ae:6a:37:57:fd:72:9c:
ec:2f:f5:f9:1e:6f:b9:2f:33:8b:8c:1e:e6:7b:4f:5c:91:f8:
84:43:2a:27:58:a4:5d:56:5c:6d:80:a1:f6:78:06:d5:a5:09:
b1:3e:d6:6e:8a:9e:e8:a6:db:a6:27:82:90:3c:a6:93:86:47:
35:8c:14:6e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyTIPSKMhKpxeAhDp5e5xcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNmI5ZDU5M2FjNTRhYTZjYmI4Mzg4OTI3N2JhMjRmNTQw
Njc4ODkwHhcNMjMwMTAyMTE0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE1NmM0YTI0NGQ1MjlhNTEzMjdkZDMxMThhYmEyMGY1MmE0YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLpmzRQ33/r0Re6H3tb/oid/GtRj
WC189PzEoxmM6YexHBjq4bsuFjnILmfQldYqslKfx69m/gJrcmru3AmUKjeaJeqs
nFDTM9ECoLRV4XRmh2Yh7MV6qtCslQD+kACT3sQvRSqSJ18P2pVzQ9Zn+AiMjPHB
Vd+BsajcNKCag1g7//4FwXddcaMO8WCDjZBP9bFQgWTuYZOibzonaEW4t+mmp98f
FieKsoZQyLnAH8ucYHyfz3YCWOtM8bskSb6wbnd7aODJGlOUTrFabHxHlKi90sBR
wSmPtvmZFfeX+Qi0pc13EUh6ocH9NmiSJLf+FywZZhKT///11LG6PCkm6wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNilbEokTVKaUTJ90xGKuiD1KkqkMB8GA1UdIwQY
MBaAFM1rnVk6xUqmy7g4iSd7ok9UBniJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveld1ZFdUckZTcWJMdURpSkozdWlUMVFHZUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNjhlMWItMzU2Yy00ODY4LTkwOWYt
NDI2MDZmNWFhNWI5LzEvMktWc1NpUk5VcHBSTW4zVEVZcTZJUFVxU3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNjhlMWItMzU2Yy00ODY4LTkwOWYtNDI2MDZmNWFhNWI5
LzEveld1ZFdUckZTcWJMdURpSkozdWlUMVFHZUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEXr6AMAwD
BAVevqADBABevsIDBAHAbQoDBAHAbSgwDQYJKoZIhvcNAQELBQADggEBAHRyCZT3
6rECmwqxZrYKrbr0qa+BCumcn0hP0uBSkhfU7yk0O7zJ8awqWuRVGrapA23k6kEg
YJ194Q7UKOumZ3CgWKxqbiThJIns2irf+pBZ65MTfarpGjaXk8kDBToHqC+5ekDh
nskCl4X65cYx8HOZPwZfABCDl63Ax6Q1P+fuJ+fRAo2hp1CAveJIhGqosQYc7NU7
T4Eo/7OyXcRIymo8KFBySJmCaiBWP7F9JivKFRjWKDlWn//8/bqf/GY8rmo3V/1y
nOwv9fkeb7kvM4uMHuZ7T1yR+IRDKidYpF1WXG2AofZ4BtWlCbE+1m6Knuim26Yn
gpA8ppOGRzWMFG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org