Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/2-dqSzIiDIx6Kwd3pS6hil6kLv0.roa
File: 2-dqSzIiDIx6Kwd3pS6hil6kLv0.roa (raw, json)
Hash identifier: 3XnexdrnEHRiJuLeeB6xbM5lrXx4K+aNAwzzBV9i+SE=
Subject key identifier: DB:E7:6A:4B:32:22:0C:8C:7A:2B:07:77:A5:2E:A1:8A:5E:A4:2E:FD
Certificate issuer: /CN=c415e9274e9d1fe46203c1e06b1b0dc85e612453
Certificate serial: 0185703036CC5B559BAA927DFB1836DF24C8
Authority key identifier: C4:15:E9:27:4E:9D:1F:E4:62:03:C1:E0:6B:1B:0D:C8:5E:61:24:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBXpJ06dH-RiA8HgaxsNyF5hJFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/2-dqSzIiDIx6Kwd3pS6hil6kLv0.roa
Signing time: Mon 02 Jan 2023 01:54:46 +0000
ROA not before: Mon 02 Jan 2023 01:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49821
IP address blocks: 91.202.196.0/22 maxlen: 22
176.126.48.0/24 maxlen: 24
176.126.48.0/21 maxlen: 21
176.126.49.0/24 maxlen: 24
91.235.186.0/24 maxlen: 24
91.235.184.0/22 maxlen: 22
91.235.185.0/24 maxlen: 24
176.108.144.0/21 maxlen: 21
91.235.184.0/24 maxlen: 24
91.235.187.0/24 maxlen: 24
185.244.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:36:cc:5b:55:9b:aa:92:7d:fb:18:36:df:24:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c415e9274e9d1fe46203c1e06b1b0dc85e612453
Validity
Not Before: Jan 2 01:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe76a4b32220c8c7a2b0777a52ea18a5ea42efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:92:41:8c:57:de:f3:16:f1:dd:4f:ed:07:
a3:c6:57:a9:1d:76:e3:aa:82:6b:43:e7:95:d6:c4:
37:66:e4:51:ee:6b:9c:e6:4a:13:e8:09:ad:55:5e:
61:e6:5c:d4:78:65:6d:1a:c4:5a:ac:12:66:72:51:
0a:18:77:a5:a7:d1:7c:23:54:7d:f3:d5:92:e3:36:
49:f0:0c:c2:5c:62:8d:00:11:d7:bb:5d:d0:d0:19:
ad:37:a4:5b:98:30:bd:95:54:37:61:8f:8e:8e:d5:
b4:5e:41:99:eb:5b:46:1e:94:12:9d:64:a4:63:4a:
55:56:d2:3f:04:94:23:53:98:63:f3:ca:b4:8a:2d:
44:69:30:4d:8c:b7:35:d9:13:b6:e5:b4:1f:58:a7:
8f:a7:fa:90:ad:74:46:5c:75:3c:40:81:12:83:f6:
cb:ea:31:c4:8f:70:a0:78:e3:05:1f:72:d5:a9:a5:
f5:01:8c:b6:9d:88:8e:5f:9e:1d:d6:6c:53:21:ae:
f4:5b:aa:73:81:1b:64:61:81:83:39:c1:0b:e3:dc:
8c:7a:97:d7:3a:7a:2a:7f:04:06:de:45:8f:82:f5:
53:24:04:87:bb:2d:ed:e2:33:06:df:4b:3a:60:ce:
b2:0b:2c:82:3d:b2:a9:2d:0d:5c:01:01:a2:b5:fd:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E7:6A:4B:32:22:0C:8C:7A:2B:07:77:A5:2E:A1:8A:5E:A4:2E:FD
X509v3 Authority Key Identifier:
keyid:C4:15:E9:27:4E:9D:1F:E4:62:03:C1:E0:6B:1B:0D:C8:5E:61:24:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBXpJ06dH-RiA8HgaxsNyF5hJFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/2-dqSzIiDIx6Kwd3pS6hil6kLv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/xBXpJ06dH-RiA8HgaxsNyF5hJFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.196.0/22
91.235.184.0/22
176.108.144.0/21
176.126.48.0/21
185.244.76.0/22
Signature Algorithm: sha256WithRSAEncryption
96:b7:03:a6:7c:92:90:19:93:3b:a6:27:0b:2d:34:b4:3e:61:
9f:40:3b:ef:38:49:32:ff:11:09:f4:43:b9:2c:9d:df:f6:e8:
22:f3:6f:9a:b5:76:4c:95:da:5e:8d:bf:b3:57:92:7b:6d:1d:
b5:0e:24:4e:73:f6:8e:bf:a6:29:6a:1f:09:54:18:a3:38:98:
4c:66:97:93:a1:de:69:d1:25:5d:58:35:cb:17:ba:bc:ba:f9:
6c:ad:5b:0b:a3:9f:f6:ed:42:30:69:71:56:b9:d1:e0:50:12:
f0:70:2e:cf:64:20:13:22:25:d4:9d:31:80:8f:6d:ee:7e:aa:
d5:84:a4:83:a0:dd:b2:7b:4c:00:77:c1:65:49:40:25:8f:0c:
7e:10:c1:3a:e2:fd:55:0f:f2:18:ec:24:96:82:b0:7c:e3:d4:
1d:e2:8e:2f:6c:24:af:ae:ba:57:a0:86:cf:ee:89:0c:bc:ba:
74:43:75:c9:c4:7d:21:c0:20:27:26:5e:6a:5a:b5:3a:8a:d8:
28:af:d6:98:44:d8:23:7d:02:48:7e:d5:88:84:76:52:b5:bb:
bc:2c:8d:c6:0d:7d:b6:61:a1:ba:95:db:9b:05:02:29:13:3d:
fa:d4:cd:4e:e2:f6:2b:1b:2c:52:56:41:fa:00:06:a0:5f:6d:
b6:72:50:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwMDbMW1WbqpJ9+xg23yTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTVlOTI3NGU5ZDFmZTQ2MjAzYzFlMDZiMWIwZGM4NWU2
MTI0NTMwHhcNMjMwMTAyMDE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU3NmE0YjMyMjIwYzhjN2EyYjA3NzdhNTJlYTE4YTVlYTQyZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy+SQYxX3vMW8d1P7QejxlepHXbj
qoJrQ+eV1sQ3ZuRR7muc5koT6AmtVV5h5lzUeGVtGsRarBJmclEKGHelp9F8I1R9
89WS4zZJ8AzCXGKNABHXu13Q0BmtN6RbmDC9lVQ3YY+OjtW0XkGZ61tGHpQSnWSk
Y0pVVtI/BJQjU5hj88q0ii1EaTBNjLc12RO25bQfWKePp/qQrXRGXHU8QIESg/bL
6jHEj3CgeOMFH3LVqaX1AYy2nYiOX54d1mxTIa70W6pzgRtkYYGDOcEL49yMepfX
OnoqfwQG3kWPgvVTJASHuy3t4jMG30s6YM6yCyyCPbKpLQ1cAQGitf0IJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNvnaksyIgyMeisHd6UuoYpepC79MB8GA1UdIwQY
MBaAFMQV6SdOnR/kYgPB4GsbDcheYSRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJYcEowNmRILVJpQThIZ2F4c055RjVoSkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8zN2IzNGQtMTIxMi00ZWNhLWEyMzYt
OGY2MmQ3ZGMxNjk5LzEvMi1kcVN6SWlESXg2S3dkM3BTNmhpbDZrTHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8zN2IzNGQtMTIxMi00ZWNhLWEyMzYtOGY2MmQ3ZGMxNjk5
LzEveEJYcEowNmRILVJpQThIZ2F4c055RjVoSkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8rEAwQC
W+u4AwQDsGyQAwQDsH4wAwQCufRMMA0GCSqGSIb3DQEBCwUAA4IBAQCWtwOmfJKQ
GZM7picLLTS0PmGfQDvvOEky/xEJ9EO5LJ3f9ugi82+atXZMldpejb+zV5J7bR21
DiROc/aOv6Ypah8JVBijOJhMZpeTod5p0SVdWDXLF7q8uvlsrVsLo5/27UIwaXFW
udHgUBLwcC7PZCATIiXUnTGAj23ufqrVhKSDoN2ye0wAd8FlSUAljwx+EME64v1V
D/IY7CSWgrB849Qd4o4vbCSvrrpXoIbP7okMvLp0Q3XJxH0hwCAnJl5qWrU6itgo
r9aYRNgjfQJIftWIhHZStbu8LI3GDX22YaG6ldubBQIpEz361M1O4vYrGyxSVkH6
AAagX222clAM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:17 2024 by rpki-client on console-ams.rpki-client.org