Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8p2ai1C2RkOj-8Azqrpdl808I1w.roa
File: 8p2ai1C2RkOj-8Azqrpdl808I1w.roa (raw, json)
Hash identifier: UQNvRB71qbIdVcblAa5sXGCUek3hSYiNPGJP31VJirY=
Subject key identifier: F2:9D:9A:8B:50:B6:46:43:A3:FB:C0:33:AA:BA:5D:97:CD:3C:23:5C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F2E8B77D096345CC68D85480AD6C6C6C4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8p2ai1C2RkOj-8Azqrpdl808I1w.roa
Signing time: Tue 30 Apr 2024 10:27:22 +0000
ROA not before: Tue 30 Apr 2024 10:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 09:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:8b:77:d0:96:34:5c:c6:8d:85:48:0a:d6:c6:c6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 10:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29d9a8b50b64643a3fbc033aaba5d97cd3c235c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f9:92:ea:9f:76:f0:9c:42:5c:c5:4a:53:c8:
63:dc:2b:65:92:03:a9:d8:19:5d:9d:48:79:d9:84:
8b:17:e3:a4:f9:eb:44:a2:54:9f:76:db:d1:37:fe:
bb:ce:e6:88:a3:c9:0e:33:74:21:88:96:c9:2d:ee:
c5:a0:93:b9:07:76:2a:8c:c9:ac:dd:45:bc:22:16:
3d:b1:6c:48:c0:07:ad:c6:11:d0:4d:fb:57:81:96:
23:c8:2e:5d:6c:e6:86:32:69:3c:51:1b:bb:5b:ac:
49:5f:29:9e:60:6f:76:b4:6b:e5:81:9d:a6:8b:98:
5c:ca:31:e9:63:dd:be:e0:6d:30:28:23:b7:4f:21:
fb:1f:fd:2b:42:8b:d7:61:b3:b7:9d:4e:55:bc:c3:
6d:be:3a:e7:ce:91:48:8c:29:a6:6b:b5:12:e6:31:
0d:11:8a:d6:4d:8b:d0:5f:4f:ad:b8:58:e3:8b:2a:
a1:21:41:a2:74:0f:2a:11:21:18:d9:0c:08:19:ed:
44:29:c4:2e:b8:f5:e9:68:a2:3e:d0:b0:1b:60:9b:
ca:fa:f8:5e:12:85:f7:db:b1:b8:c2:4f:ac:d3:68:
d4:58:bc:27:bc:78:ac:ea:83:2a:8f:3a:1a:37:9d:
3a:f9:1d:25:22:e9:f0:4f:15:97:15:2c:d1:72:bf:
b9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9D:9A:8B:50:B6:46:43:A3:FB:C0:33:AA:BA:5D:97:CD:3C:23:5C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8p2ai1C2RkOj-8Azqrpdl808I1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
79.110.51.0/24
87.120.166.0/24
92.119.198.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
185.222.161.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
194.55.225.0/24
Signature Algorithm: sha256WithRSAEncryption
07:8d:5d:43:fa:85:c6:5e:15:10:cb:15:37:a4:04:be:ed:1c:
1b:28:5f:a6:da:d7:d8:ed:a9:e7:3c:9d:26:d3:4b:e5:2c:bd:
13:cd:fb:67:09:f3:32:bc:ed:2e:71:58:a4:46:bb:f2:7f:90:
62:86:46:df:66:87:5e:4f:e4:2a:e3:77:1f:b1:c1:d2:a2:fc:
d5:31:12:a2:a2:ee:c1:7a:a0:d6:ea:c5:f9:25:24:3a:11:05:
1d:74:e4:81:38:24:b2:ef:e4:19:3b:98:4b:f6:f1:95:5b:03:
6b:ae:c7:ce:85:24:6d:80:9c:9a:96:3c:6a:cc:1e:e3:78:3f:
fc:63:1e:84:c6:e5:fb:70:2c:fa:df:e5:fd:66:00:ee:41:98:
6b:21:99:29:75:8a:03:9c:c8:cd:ba:4b:43:a8:8b:4c:e4:f7:
13:ed:a3:4a:83:0f:d1:c9:e4:fd:f7:6c:b5:6c:cd:78:b6:e3:
cf:de:9e:be:fe:e3:72:cf:33:71:6d:48:24:0c:e2:3a:01:ff:
e5:a1:ea:50:fe:d5:5d:1b:fd:81:88:1b:4e:1b:6f:91:53:4f:
a9:d7:1e:9d:86:4a:9b:02:7c:d7:26:4b:45:f0:e1:92:56:74:
3b:2d:25:da:e6:86:ac:2c:9d:da:df:65:dd:11:fc:ef:13:80:
b3:8e:0d:0b
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY8ui3fQljRcxo2FSArWxsbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDMwMTAyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjlkOWE4YjUwYjY0NjQzYTNmYmMwMzNhYWJhNWQ5N2NkM2MyMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPmS6p928JxCXMVKU8hj3CtlkgOp
2BldnUh52YSLF+Ok+etEolSfdtvRN/67zuaIo8kOM3QhiJbJLe7FoJO5B3YqjMms
3UW8IhY9sWxIwAetxhHQTftXgZYjyC5dbOaGMmk8URu7W6xJXymeYG92tGvlgZ2m
i5hcyjHpY92+4G0wKCO3TyH7H/0rQovXYbO3nU5VvMNtvjrnzpFIjCmma7US5jEN
EYrWTYvQX0+tuFjjiyqhIUGidA8qESEY2QwIGe1EKcQuuPXpaKI+0LAbYJvK+vhe
EoX327G4wk+s02jUWLwnvHis6oMqjzoaN506+R0lIunwTxWXFSzRcr+56wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPKdmotQtkZDo/vAM6q6XZfNPCNcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOHAyYWkxQzJSa09qLThBenFycGRsODA4STF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAAI7/QME
AC1YQAMEAE9uMwMEAFd4pgMEAFx3xgMEAF6aogMEAG3O7wMEALLX4QMEALLX4zAM
AwQAud6hAwQAud6iAwQAufbfAwQAwRnZAwQAwSUoAwQAwSUqAwQAwSUsAwQAwd5h
AwQAwjfhMA0GCSqGSIb3DQEBCwUAA4IBAQAHjV1D+oXGXhUQyxU3pAS+7RwbKF+m
2tfY7annPJ0m00vlLL0TzftnCfMyvO0ucVikRrvyf5BihkbfZodeT+Qq43cfscHS
ovzVMRKiou7BeqDW6sX5JSQ6EQUddOSBOCSy7+QZO5hL9vGVWwNrrsfOhSRtgJya
ljxqzB7jeD/8Yx6ExuX7cCz63+X9ZgDuQZhrIZkpdYoDnMjNuktDqItM5PcT7aNK
gw/RyeT992y1bM14tuPP3p6+/uNyzzNxbUgkDOI6Af/loepQ/tVdG/2BiBtOG2+R
U0+p1x6dhkqbAnzXJktF8OGSVnQ7LSXa5oasLJ3a32XdEfzvE4Czjg0L
-----END CERTIFICATE-----
Generated at Thu May 9 12:21:33 2024 by rpki-client on console-fra.rpki-client.org