Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/2iSDn5BJ6mw827NIVUW1PGu5tz0.roa
File: 2iSDn5BJ6mw827NIVUW1PGu5tz0.roa (raw, json)
Hash identifier: HAIxY9MJvcOttgXQtBnvkEGXMTK2HSPGu6CD2pjUyxI=
Subject key identifier: DA:24:83:9F:90:49:EA:6C:3C:DB:B3:48:55:45:B5:3C:6B:B9:B7:3D
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 01856F54B1B4014CB120CCCAD046084AC362
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/2iSDn5BJ6mw827NIVUW1PGu5tz0.roa
Signing time: Sun 01 Jan 2023 21:54:59 +0000
ROA not before: Sun 01 Jan 2023 21:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 195.177.233.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
193.41.116.0/23 maxlen: 24
45.139.156.0/22 maxlen: 24
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.128.0/21 maxlen: 24
93.92.134.0/23 maxlen: 23
93.92.133.0/24 maxlen: 24
185.8.8.0/24 maxlen: 24
185.8.8.0/22 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.7.0/24 maxlen: 24
85.158.6.0/24 maxlen: 24
194.126.239.0/24 maxlen: 24
2a00:12e8:200::/40 maxlen: 40
2a00:12e8::/32 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:600::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 14 Jun 2023 09:14:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b1:b4:01:4c:b1:20:cc:ca:d0:46:08:4a:c3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Jan 1 21:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da24839f9049ea6c3cdbb3485545b53c6bb9b73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9c:fe:68:36:56:64:d7:a8:0f:64:ac:0f:e3:
23:3d:73:36:3e:06:b5:4a:9f:87:72:f1:6c:52:a0:
f7:ce:67:e0:21:69:2e:8b:8d:8e:68:1a:28:28:c1:
08:07:f1:9e:0b:31:e5:fe:21:7d:85:f1:29:b5:44:
22:d8:56:97:11:0d:44:87:ec:49:4e:2e:33:cf:57:
65:13:41:8d:b3:37:fb:0e:99:7f:33:f2:bc:43:f0:
5d:a0:6f:5b:f0:e3:a2:19:73:fe:d3:8b:6c:eb:8e:
cb:16:f9:57:b2:83:27:44:26:bd:81:d4:59:7e:46:
b3:2f:ef:ff:cd:da:2a:b0:ad:2b:c6:ea:88:61:a8:
75:14:d0:e5:79:29:e2:35:d1:61:07:ca:42:f8:53:
11:f4:05:8b:52:21:ed:e0:e2:d7:c2:b1:a2:e3:f1:
c3:37:5a:9c:94:72:36:6d:b8:14:83:ce:dd:69:dd:
2a:fa:3b:02:52:84:6e:e4:18:90:90:73:7c:23:72:
89:6a:14:ab:ac:f8:9a:a8:59:08:97:19:3e:69:95:
26:f3:73:cf:ab:e2:6b:6a:8c:ff:00:52:7d:b1:bc:
0a:26:ce:2a:7c:c1:2f:5f:7e:36:35:2f:cd:a1:22:
35:59:e8:99:f5:61:78:97:a7:c8:06:7d:cb:40:47:
8c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:24:83:9F:90:49:EA:6C:3C:DB:B3:48:55:45:B5:3C:6B:B9:B7:3D
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/2iSDn5BJ6mw827NIVUW1PGu5tz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
40:12:be:0a:6a:4f:2d:e4:50:b6:cf:d3:89:84:d2:e4:2c:fb:
45:72:00:28:5b:e6:e6:a0:0c:c5:bf:38:48:06:9a:e4:5d:10:
00:13:76:b4:43:34:aa:f2:ac:31:7a:c9:dd:5d:47:8f:d6:49:
f3:97:44:b5:d3:99:3d:9c:f4:19:e2:59:b5:1d:e4:7b:af:e3:
3a:68:cc:86:48:87:6a:62:37:80:34:60:b1:a5:1f:55:98:c0:
a5:2b:b0:97:de:9c:59:36:7b:96:1a:6a:f1:6e:c4:99:28:eb:
c8:e7:8f:2f:da:63:b7:88:fd:e1:38:d4:08:cf:8d:66:4d:06:
ca:c8:d6:5e:4c:00:3e:f3:13:5d:ea:be:9c:c6:f2:9a:12:ea:
30:20:97:5b:1b:4a:4c:9b:d7:0c:56:fb:17:98:d8:7e:54:ac:
dc:fa:56:51:09:7b:ac:a4:91:53:10:90:c3:0e:c3:ee:cd:5c:
08:6a:31:56:d2:dd:29:67:b6:69:23:9a:8e:22:75:79:db:a1:
a5:3b:11:de:e0:a0:3e:25:6b:fd:71:7a:16:6f:20:a1:03:16:
4d:be:81:ac:41:a5:37:8f:02:09:4c:78:25:35:0e:35:a0:29:
27:dc:59:24:aa:33:8c:65:49:22:ad:56:28:22:a9:72:f4:15:
6b:80:68:e6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVvVLG0AUyxIMzK0EYISsNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjMwMTAxMjE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI0ODM5ZjkwNDllYTZjM2NkYmIzNDg1NTQ1YjUzYzZiYjliNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipz+aDZWZNeoD2SsD+MjPXM2Pga1
Sp+HcvFsUqD3zmfgIWkui42OaBooKMEIB/GeCzHl/iF9hfEptUQi2FaXEQ1Eh+xJ
Ti4zz1dlE0GNszf7Dpl/M/K8Q/BdoG9b8OOiGXP+04ts647LFvlXsoMnRCa9gdRZ
fkazL+//zdoqsK0rxuqIYah1FNDleSniNdFhB8pC+FMR9AWLUiHt4OLXwrGi4/HD
N1qclHI2bbgUg87dad0q+jsCUoRu5BiQkHN8I3KJahSrrPiaqFkIlxk+aZUm83PP
q+Jraoz/AFJ9sbwKJs4qfMEvX342NS/NoSI1WeiZ9WF4l6fIBn3LQEeMvQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNokg5+QSepsPNuzSFVFtTxrubc9MB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvMmlTRG41Qko2bXc4MjdOSVZVVzFQR3U1dHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcDBQAqABLo
MA0GCSqGSIb3DQEBCwUAA4IBAQBAEr4Kak8t5FC2z9OJhNLkLPtFcgAoW+bmoAzF
vzhIBprkXRAAE3a0QzSq8qwxesndXUeP1knzl0S105k9nPQZ4lm1HeR7r+M6aMyG
SIdqYjeANGCxpR9VmMClK7CX3pxZNnuWGmrxbsSZKOvI548v2mO3iP3hONQIz41m
TQbKyNZeTAA+8xNd6r6cxvKaEuowIJdbG0pMm9cMVvsXmNh+VKzc+lZRCXuspJFT
EJDDDsPuzVwIajFW0t0pZ7ZpI5qOInV526GlOxHe4KA+JWv9cXoWbyChAxZNvoGs
QaU3jwIJTHglNQ41oCkn3FkkqjOMZUkirVYoIqly9BVrgGjm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:48 2024 by rpki-client on console-ams.rpki-client.org