Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/2uAwDyit1jFb2CEWrxmiQyfCVvM.roa
File: 2uAwDyit1jFb2CEWrxmiQyfCVvM.roa (raw, json)
Hash identifier: Fo9Phj8vV61v3VM/E4AoGQIZ2Lg/y4dC14YgIfh5ZIg=
Subject key identifier: DA:E0:30:0F:28:AD:D6:31:5B:D8:21:16:AF:19:A2:43:27:C2:56:F3
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 01857094E801B24B121BE14AB7E34994BC1C
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/2uAwDyit1jFb2CEWrxmiQyfCVvM.roa
Signing time: Mon 02 Jan 2023 03:44:44 +0000
ROA not before: Mon 02 Jan 2023 03:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8437
IP address blocks: 62.218.100.0/24 maxlen: 24
178.114.0.0/16 maxlen: 16
81.189.213.0/24 maxlen: 24
81.189.212.0/22 maxlen: 22
81.189.212.0/24 maxlen: 24
81.189.215.0/24 maxlen: 24
81.189.214.0/24 maxlen: 24
91.186.128.0/19 maxlen: 19
77.119.32.0/19 maxlen: 19
178.115.96.0/19 maxlen: 19
188.118.192.0/18 maxlen: 18
212.152.128.0/17 maxlen: 17
62.218.52.0/24 maxlen: 24
78.142.128.0/18 maxlen: 18
62.116.0.0/19 maxlen: 19
62.116.5.0/24 maxlen: 24
213.235.196.0/24 maxlen: 24
213.235.192.0/18 maxlen: 18
62.218.164.0/24 maxlen: 24
62.218.165.0/24 maxlen: 24
77.119.64.0/18 maxlen: 18
62.218.169.0/24 maxlen: 24
62.218.168.0/24 maxlen: 24
62.218.174.0/24 maxlen: 24
62.218.175.0/24 maxlen: 24
46.57.0.0/17 maxlen: 17
62.116.121.0/24 maxlen: 24
212.27.64.0/18 maxlen: 18
81.189.0.0/16 maxlen: 16
195.96.0.0/19 maxlen: 19
46.57.72.0/22 maxlen: 22
86.59.0.0/17 maxlen: 17
62.116.64.0/18 maxlen: 18
62.116.83.0/24 maxlen: 24
62.116.84.0/24 maxlen: 24
195.70.224.0/19 maxlen: 19
77.118.0.0/16 maxlen: 16
213.235.234.0/24 maxlen: 24
213.129.224.0/19 maxlen: 19
213.90.0.0/17 maxlen: 17
62.218.4.0/24 maxlen: 24
62.218.0.0/16 maxlen: 16
195.248.32.0/19 maxlen: 19
2001:858::/32 maxlen: 32
2001:938::/32 maxlen: 48
2001:858:40::/45 maxlen: 45
Validation: Failed, certificate revoked on Tue 03 Oct 2023 07:35:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:e8:01:b2:4b:12:1b:e1:4a:b7:e3:49:94:bc:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 2 03:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dae0300f28add6315bd82116af19a24327c256f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:07:66:4b:56:f7:6f:35:35:01:47:89:cc:c6:
4a:76:bd:85:c6:ba:c4:17:78:81:6c:a7:70:fe:a0:
bc:41:fc:87:9f:a1:f7:0a:63:7a:c4:42:85:f3:95:
93:80:aa:0e:05:45:14:74:25:fc:10:78:65:a0:11:
b4:0e:29:15:0b:b1:f2:cc:28:75:50:d0:4f:c5:03:
8a:f8:83:b2:25:8b:45:f8:6d:22:41:80:3f:8e:9e:
2c:7e:b5:90:36:d3:03:a6:79:d1:a3:3e:57:3e:c4:
52:da:83:9c:f6:6b:94:e0:bf:bf:ee:4f:55:b3:29:
7a:1a:7b:f6:5b:03:e4:21:79:e5:93:7c:c0:8f:a7:
45:c9:0f:54:00:97:87:85:0d:03:31:a0:41:20:ba:
ed:0b:c6:8f:c9:9a:a5:a0:41:5f:c5:fc:a9:a8:e0:
cc:b3:47:80:dd:4a:b8:e3:51:5e:f7:a1:e3:83:13:
ee:3a:dd:f9:64:18:3a:97:4e:a8:f8:2a:4c:6d:01:
de:07:9a:82:d8:9a:36:11:ef:de:93:9b:2d:24:33:
a5:37:cd:f4:91:ec:2b:a5:1a:4a:bb:ca:50:01:93:
2e:3e:b2:be:b3:33:45:1f:49:0b:53:90:f2:54:af:
48:29:4a:c1:03:3b:c9:1c:2d:00:56:ac:53:4b:a6:
17:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E0:30:0F:28:AD:D6:31:5B:D8:21:16:AF:19:A2:43:27:C2:56:F3
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/2uAwDyit1jFb2CEWrxmiQyfCVvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.0.0/17
62.116.0.0/19
62.116.64.0/18
62.218.0.0/16
77.118.0.0/16
77.119.32.0-77.119.127.255
78.142.128.0/18
81.189.0.0/16
86.59.0.0/17
91.186.128.0/19
178.114.0.0/16
178.115.96.0/19
188.118.192.0/18
195.70.224.0/19
195.96.0.0/19
195.248.32.0/19
212.27.64.0/18
212.152.128.0/17
213.90.0.0/17
213.129.224.0/19
213.235.192.0/18
IPv6:
2001:858::/32
2001:938::/32
Signature Algorithm: sha256WithRSAEncryption
60:3b:7e:22:99:51:c9:bd:2c:83:ce:aa:7e:fe:61:fc:36:a9:
e5:1a:1a:61:09:6c:10:fb:70:f6:49:ec:01:d5:9c:e5:4b:56:
6f:9c:69:e1:a2:ca:bf:3c:92:82:e6:72:d8:1f:e4:78:82:42:
3a:62:28:af:f1:d8:1e:30:93:75:50:e0:fd:8c:7d:d5:31:d9:
5c:eb:07:bd:29:cd:40:d9:ba:a9:4b:a7:c5:f1:23:06:a2:36:
bf:58:f4:9a:86:ef:c2:01:ba:8d:02:62:cf:34:7e:97:98:70:
45:0c:1a:8c:34:90:44:cf:d8:ca:21:9e:c8:91:c1:ec:46:4c:
d3:b5:33:c9:00:69:d1:bd:78:ce:01:17:2c:e5:e0:be:90:a5:
e3:1a:11:37:ef:e7:09:b3:55:4f:b9:17:59:47:cb:de:44:e5:
ce:f2:a5:d6:01:b4:6e:f2:cd:4a:2b:62:01:5c:55:3b:a8:66:
5f:26:6a:2f:27:d1:1a:3d:54:6c:d8:c3:ea:1a:e1:ad:ca:e3:
85:88:9f:c3:30:70:95:02:a0:09:f9:d4:fb:30:aa:2d:45:c4:
ab:d6:ec:c4:23:4f:20:ea:50:50:c2:43:72:1a:97:97:7f:31:
4d:ed:5c:8a:7e:4a:ba:74:ab:7d:af:2d:2c:dc:13:ec:7a:95:
59:6a:c4:a3
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVwlOgBsksSG+FKt+NJlLwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwMTAyMDM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUwMzAwZjI4YWRkNjMxNWJkODIxMTZhZjE5YTI0MzI3YzI1NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAdmS1b3bzU1AUeJzMZKdr2FxrrE
F3iBbKdw/qC8QfyHn6H3CmN6xEKF85WTgKoOBUUUdCX8EHhloBG0DikVC7HyzCh1
UNBPxQOK+IOyJYtF+G0iQYA/jp4sfrWQNtMDpnnRoz5XPsRS2oOc9muU4L+/7k9V
syl6Gnv2WwPkIXnlk3zAj6dFyQ9UAJeHhQ0DMaBBILrtC8aPyZqloEFfxfypqODM
s0eA3Uq441Fe96HjgxPuOt35ZBg6l06o+CpMbQHeB5qC2Jo2Ee/ek5stJDOlN830
kewrpRpKu8pQAZMuPrK+szNFH0kLU5DyVK9IKUrBAzvJHC0AVqxTS6YXcQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNrgMA8ordYxW9ghFq8ZokMnwlbzMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvMnVBd0R5aXQxakZiMkNFV3J4bWlReWZDVnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIDBAcu
OQADBAU+dAADBAY+dEADAwA+2gMDAE12MAwDBAVNdyADBAdNdwADBAZOjoADAwBR
vQMEB1Y7AAMEBVu6gAMDALJyAwQFsnNgAwQGvHbAAwQFw0bgAwQFw2AAAwQFw/gg
AwQG1BtAAwQH1JiAAwQH1VoAAwQF1YHgAwQG1evAMBQEAgACMA4DBQAgAQhYAwUA
IAEJODANBgkqhkiG9w0BAQsFAAOCAQEAYDt+IplRyb0sg86qfv5h/Dap5RoaYQls
EPtw9knsAdWc5UtWb5xp4aLKvzySguZy2B/keIJCOmIor/HYHjCTdVDg/Yx91THZ
XOsHvSnNQNm6qUunxfEjBqI2v1j0mobvwgG6jQJizzR+l5hwRQwajDSQRM/YyiGe
yJHB7EZM07UzyQBp0b14zgEXLOXgvpCl4xoRN+/nCbNVT7kXWUfL3kTlzvKl1gG0
bvLNSitiAVxVO6hmXyZqLyfRGj1UbNjD6hrhrcrjhYifwzBwlQKgCfnU+zCqLUXE
q9bsxCNPIOpQUMJDchqXl38xTe1cin5KunSrfa8tLNwT7HqVWWrEow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org