Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/2X86zD8tGDDDXvirebqPFJefzA4.roa
File: 2X86zD8tGDDDXvirebqPFJefzA4.roa (raw, json)
Hash identifier: cvYaPFNg7FocA9bFEpAnNITEKC9RAMDVXz6GSzaJZy4=
Subject key identifier: D9:7F:3A:CC:3F:2D:18:30:C3:5E:F8:AB:79:BA:8F:14:97:9F:CC:0E
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 01856BEEEAC16617268CEF925E75CBB61E54
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/2X86zD8tGDDDXvirebqPFJefzA4.roa
Signing time: Sun 01 Jan 2023 06:04:57 +0000
ROA not before: Sun 01 Jan 2023 06:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34373
IP address blocks: 185.97.228.0/22 maxlen: 22
185.165.68.0/22 maxlen: 22
45.128.64.0/22 maxlen: 24
86.48.68.0/22 maxlen: 22
91.219.76.0/22 maxlen: 22
185.63.56.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
185.56.52.0/22 maxlen: 22
185.69.204.0/22 maxlen: 22
45.132.40.0/22 maxlen: 22
185.116.40.0/22 maxlen: 23
185.210.128.0/22 maxlen: 24
217.61.253.0/24 maxlen: 24
2a0b:ec00::/29 maxlen: 29
2a00:4140::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 29
2a0b:57c0::/29 maxlen: 36
2a06:900::/29 maxlen: 36
Validation: Failed, certificate revoked on Wed 28 Jun 2023 17:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:ea:c1:66:17:26:8c:ef:92:5e:75:cb:b6:1e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Jan 1 06:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d97f3acc3f2d1830c35ef8ab79ba8f14979fcc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:04:6d:00:25:ab:a5:cf:d9:1d:d8:da:0a:94:
a5:4b:cb:a5:40:5e:68:99:a9:ca:0f:e8:de:42:5c:
77:65:37:70:89:7e:04:53:75:eb:b2:9c:6f:1c:99:
27:4a:ff:24:95:d0:63:05:44:37:25:2a:ae:95:65:
c6:b4:8b:40:10:6b:84:5c:10:dc:02:6a:e1:96:af:
30:24:4a:5b:e8:92:dc:12:85:ae:86:40:52:b1:e1:
c5:71:67:39:2b:0a:88:02:ab:1d:ca:db:cd:41:a0:
68:b8:c7:56:ab:1b:e4:2e:a9:26:95:66:b9:b0:13:
7c:c9:ba:0a:9f:b6:7e:50:b7:de:32:82:90:95:68:
2f:e7:97:7e:eb:8a:81:e0:2c:aa:1d:ad:53:2f:73:
dc:06:85:51:2b:65:47:5c:4d:01:de:28:d1:5a:6d:
ac:c1:85:32:50:21:2c:02:9a:93:de:5e:af:14:79:
ee:58:3a:2d:91:dd:97:04:06:3c:f2:cb:eb:8d:c5:
ea:2a:d9:73:d7:4d:39:23:71:0f:cf:e2:be:98:01:
c7:a1:76:93:61:4c:a4:71:c0:48:0c:bf:7a:29:ed:
e8:3f:65:02:62:66:21:5a:18:62:b7:ae:ee:da:ed:
cb:46:27:36:3b:e9:e7:15:a9:ad:60:ba:aa:63:67:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7F:3A:CC:3F:2D:18:30:C3:5E:F8:AB:79:BA:8F:14:97:9F:CC:0E
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/2X86zD8tGDDDXvirebqPFJefzA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
49:9e:89:4f:17:84:a2:f9:f9:5f:82:e4:05:9e:2e:de:fa:31:
53:3b:32:f9:b6:fc:2e:6d:5c:e0:59:4b:33:2f:6a:7e:d7:26:
d9:45:c5:fb:dd:76:d3:d0:b2:a1:14:be:45:ce:27:da:15:8b:
32:0f:5e:73:3e:ce:d0:96:fd:b0:25:81:f8:9c:8e:71:1e:4d:
78:4d:0c:be:58:34:49:4f:a2:d4:65:ca:3d:4e:5a:52:36:63:
58:42:b6:ba:b3:60:2b:ca:6c:e8:6e:73:a0:28:e7:29:bc:55:
34:48:7c:c7:ac:e9:8a:85:3b:d4:1e:62:1a:cb:84:85:7b:cc:
d9:16:ce:87:82:fe:0d:b0:1e:69:23:5b:62:69:37:45:60:00:
4a:59:db:93:e4:01:fa:bd:4d:f7:87:9d:3a:82:72:92:a8:2e:
7c:f6:fb:dd:69:fe:ec:38:69:14:7a:fa:7c:4d:7b:c7:34:f6:
f0:9c:0c:49:25:5b:be:c4:06:25:8f:34:15:99:d1:6b:91:7f:
97:e4:6a:34:86:68:4e:34:f1:34:cf:ee:c2:18:cb:6d:c1:4b:
87:18:53:cf:bc:b9:ce:e2:be:3d:24:33:14:32:ad:a8:26:47:
a4:2a:06:e8:fc:eb:fe:14:73:80:1f:06:75:ab:1a:28:e9:9d:
56:35:f0:eb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYVr7urBZhcmjO+SXnXLth5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjMwMTAxMDYwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTdmM2FjYzNmMmQxODMwYzM1ZWY4YWI3OWJhOGYxNDk3OWZjYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigRtACWrpc/ZHdjaCpSlS8ulQF5o
manKD+jeQlx3ZTdwiX4EU3XrspxvHJknSv8kldBjBUQ3JSqulWXGtItAEGuEXBDc
Amrhlq8wJEpb6JLcEoWuhkBSseHFcWc5KwqIAqsdytvNQaBouMdWqxvkLqkmlWa5
sBN8yboKn7Z+ULfeMoKQlWgv55d+64qB4CyqHa1TL3PcBoVRK2VHXE0B3ijRWm2s
wYUyUCEsApqT3l6vFHnuWDotkd2XBAY88svrjcXqKtlz1005I3EPz+K+mAHHoXaT
YUykccBIDL96Ke3oP2UCYmYhWhhit67u2u3LRic2O+nnFamtYLqqY2dp7wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNl/Osw/LRgww174q3m6jxSXn8wOMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvMlg4NnpEOHRHREREWHZpcmVicVBGSmVmekE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBaBAIAATBUAwQCLYBA
AwQCLYQoAwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAsAwQCuWHk
AwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMqAEFAAwUD
KgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOCAQEASZ6J
TxeEovn5X4LkBZ4u3voxUzsy+bb8Lm1c4FlLMy9qftcm2UXF+91209CyoRS+Rc4n
2hWLMg9ecz7O0Jb9sCWB+JyOcR5NeE0Mvlg0SU+i1GXKPU5aUjZjWEK2urNgK8ps
6G5zoCjnKbxVNEh8x6zpioU71B5iGsuEhXvM2RbOh4L+DbAeaSNbYmk3RWAASlnb
k+QB+r1N94edOoJykqgufPb73Wn+7DhpFHr6fE17xzT28JwMSSVbvsQGJY80FZnR
a5F/l+RqNIZoTjTxNM/uwhjLbcFLhxhTz7y5zuK+PSQzFDKtqCZHpCoG6Pzr/hRz
gB8GdasaKOmdVjXw6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org