Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/2UlRGgjwHe-6mmsBHuYSt8FGQ2I.roa
File: 2UlRGgjwHe-6mmsBHuYSt8FGQ2I.roa (raw, json)
Hash identifier: zGV2VrrZsUyur7IAAkRStNLS0HYCatdGh03tHAbfWF8=
Subject key identifier: D9:49:51:1A:08:F0:1D:EF:BA:9A:6B:01:1E:E6:12:B7:C1:46:43:62
Certificate issuer: /CN=81c11512eee8fed91c422f33b658d68bc34eb780
Certificate serial: 018CC42530D55CD59A0E641704C1EAF73E9A
Authority key identifier: 81:C1:15:12:EE:E8:FE:D9:1C:42:2F:33:B6:58:D6:8B:C3:4E:B7:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcEVEu7o_tkcQi8ztljWi8NOt4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/2UlRGgjwHe-6mmsBHuYSt8FGQ2I.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50625
IP address blocks: 178.212.160.0/21 maxlen: 21
94.232.216.0/21 maxlen: 21
192.162.172.0/24 maxlen: 24
192.162.173.0/24 maxlen: 24
192.162.174.0/24 maxlen: 24
192.162.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:30:d5:5c:d5:9a:0e:64:17:04:c1:ea:f7:3e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c11512eee8fed91c422f33b658d68bc34eb780
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d949511a08f01defba9a6b011ee612b7c1464362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:62:77:cc:34:95:fd:35:23:08:d8:40:12:38:
14:73:f2:9b:42:46:f0:5e:81:10:7c:07:f8:d4:4f:
d3:02:23:e6:b4:95:97:e3:ad:a7:dc:18:50:c0:02:
51:78:f4:4f:21:44:79:35:a4:b4:f8:1c:a6:6d:c1:
f7:28:3c:fd:62:13:4a:af:0b:62:6d:a9:86:6a:2b:
20:d1:7b:da:28:27:17:b1:45:e7:d8:b7:08:41:f1:
a1:14:22:30:24:49:9c:e6:c4:c8:b0:b1:2e:23:eb:
59:03:2f:07:0b:8a:5f:50:3b:4f:08:39:0f:1f:e7:
d1:6f:55:e4:2b:79:79:db:fb:21:31:bd:e2:ef:ee:
91:ad:fc:b8:4f:ca:75:c8:5c:92:29:7e:22:c1:70:
21:a6:ee:52:67:de:29:47:fe:8f:3c:27:49:3a:0d:
44:b2:23:2e:4d:b5:6e:3e:c6:e6:1f:59:49:32:21:
8c:f1:ef:de:ad:4a:0c:9d:45:95:7b:e4:ea:7f:86:
33:d0:5d:bf:c5:ad:ed:ed:c5:f5:da:d1:b0:a5:aa:
0f:84:7d:0a:26:db:ec:02:fc:c8:fd:62:2b:40:db:
96:55:7d:22:e3:d0:ba:2f:53:7d:e1:c4:84:81:36:
82:66:d9:0a:1f:96:51:50:7a:f6:d5:98:09:83:2f:
f5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:49:51:1A:08:F0:1D:EF:BA:9A:6B:01:1E:E6:12:B7:C1:46:43:62
X509v3 Authority Key Identifier:
keyid:81:C1:15:12:EE:E8:FE:D9:1C:42:2F:33:B6:58:D6:8B:C3:4E:B7:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcEVEu7o_tkcQi8ztljWi8NOt4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/2UlRGgjwHe-6mmsBHuYSt8FGQ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/gcEVEu7o_tkcQi8ztljWi8NOt4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.216.0/21
178.212.160.0/21
192.162.172.0/22
Signature Algorithm: sha256WithRSAEncryption
86:e0:c7:30:31:d9:79:3a:fe:09:fe:c5:98:1c:fe:4d:6a:a5:
1c:14:d0:f0:39:a6:f0:3a:fa:22:0a:46:ef:fa:e4:2b:83:37:
4f:63:7d:ea:9d:d9:08:d1:d3:36:49:d7:ab:8c:0e:84:56:58:
18:54:18:ca:df:5b:d0:ab:e8:5c:0d:33:27:36:2c:b7:4c:88:
45:ee:cc:e7:cb:74:12:22:11:87:3e:2d:7f:3a:5a:c5:fe:e2:
48:f7:87:41:98:7c:7c:48:fb:7a:d1:6f:8c:20:bd:8c:5a:c1:
ea:37:42:b5:b3:ee:a7:f6:82:38:c3:81:50:c7:6c:13:21:10:
fe:4e:05:f3:c5:76:51:75:59:1e:eb:29:09:6b:5b:26:59:3a:
58:f9:49:db:a5:bd:c3:1f:9b:5a:d3:cd:8c:76:f3:07:5b:c3:
13:41:ea:1a:17:f8:66:77:e9:fa:15:da:c5:66:3a:8e:36:54:
45:7a:70:2d:6c:66:77:48:fe:bb:0f:81:13:82:12:f7:15:60:
a3:5b:b1:4f:9e:dd:fe:af:1b:38:72:6c:9e:87:10:19:1b:93:
35:1a:92:d7:59:53:41:dc:a1:54:7d:a2:11:8e:ee:bf:09:ac:
57:05:c5:4c:76:12:67:f7:f1:a3:84:0c:76:43:59:76:e8:4c:
dc:e2:89:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJTDVXNWaDmQXBMHq9z6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzExNTEyZWVlOGZlZDkxYzQyMmYzM2I2NThkNjhiYzM0
ZWI3ODAwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ5NTExYTA4ZjAxZGVmYmE5YTZiMDExZWU2MTJiN2MxNDY0MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmJ3zDSV/TUjCNhAEjgUc/KbQkbw
XoEQfAf41E/TAiPmtJWX462n3BhQwAJRePRPIUR5NaS0+BymbcH3KDz9YhNKrwti
bamGaisg0XvaKCcXsUXn2LcIQfGhFCIwJEmc5sTIsLEuI+tZAy8HC4pfUDtPCDkP
H+fRb1XkK3l52/shMb3i7+6Rrfy4T8p1yFySKX4iwXAhpu5SZ94pR/6PPCdJOg1E
siMuTbVuPsbmH1lJMiGM8e/erUoMnUWVe+Tqf4Yz0F2/xa3t7cX12tGwpaoPhH0K
JtvsAvzI/WIrQNuWVX0i49C6L1N94cSEgTaCZtkKH5ZRUHr21ZgJgy/1fwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNlJURoI8B3vupprAR7mErfBRkNiMB8GA1UdIwQY
MBaAFIHBFRLu6P7ZHEIvM7ZY1ovDTreAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NFVkV1N29fdGtjUWk4enRsaldpOE5PdDRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jMmMwM2UtNTZlMS00MDNhLTkzZGUt
ZTIzYWQ3OTliMWQxLzEvMlVsUkdnandIZS02bW1zQkh1WVN0OEZHUTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jMmMwM2UtNTZlMS00MDNhLTkzZGUtZTIzYWQ3OTliMWQx
LzEvZ2NFVkV1N29fdGtjUWk4enRsaldpOE5PdDRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXujYAwQD
stSgAwQCwKKsMA0GCSqGSIb3DQEBCwUAA4IBAQCG4McwMdl5Ov4J/sWYHP5NaqUc
FNDwOabwOvoiCkbv+uQrgzdPY33qndkI0dM2SderjA6EVlgYVBjK31vQq+hcDTMn
Niy3TIhF7szny3QSIhGHPi1/OlrF/uJI94dBmHx8SPt60W+MIL2MWsHqN0K1s+6n
9oI4w4FQx2wTIRD+TgXzxXZRdVke6ykJa1smWTpY+Unbpb3DH5ta082MdvMHW8MT
QeoaF/hmd+n6FdrFZjqONlRFenAtbGZ3SP67D4ETghL3FWCjW7FPnt3+rxs4cmye
hxAZG5M1GpLXWVNB3KFUfaIRju6/CaxXBcVMdhJn9/GjhAx2Q1l26Ezc4olt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:34 2025 by rpki-client