Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/2sQWhOHV7xh-3kPSCIm-KI_HMcU.roa
File: 2sQWhOHV7xh-3kPSCIm-KI_HMcU.roa (raw, json)
Hash identifier: iRmYfkde+r0E2NG69w8bu1692wX3OAslAj+/L4b5HQM=
Subject key identifier: DA:C4:16:84:E1:D5:EF:18:7E:DE:43:D2:08:89:BE:28:8F:C7:31:C5
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018CC8DF766E64C700E0CD731372ADC95AB9
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/2sQWhOHV7xh-3kPSCIm-KI_HMcU.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6700
IP address blocks: 85.222.160.0/22 maxlen: 24
91.148.64.0/18 maxlen: 24
217.26.64.0/20 maxlen: 24
62.193.128.0/19 maxlen: 24
213.244.224.0/20 maxlen: 24
185.47.208.0/22 maxlen: 24
195.252.64.0/18 maxlen: 24
194.106.160.0/19 maxlen: 24
62.108.96.0/19 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:76:6e:64:c7:00:e0:cd:73:13:72:ad:c9:5a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dac41684e1d5ef187ede43d20889be288fc731c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:33:77:1b:65:b6:4b:27:0a:02:67:f7:16:06:
ef:4c:60:f1:91:fb:d8:6b:03:78:9f:66:10:94:13:
b1:80:2c:db:32:65:b0:79:5e:4e:b4:00:1f:9f:64:
74:55:99:5b:57:91:4a:35:c8:a5:87:88:01:37:5f:
91:c1:5a:45:b8:12:fd:e6:a3:97:69:73:2b:2b:db:
a8:48:4d:1a:69:cf:e6:24:c6:04:61:37:8f:69:51:
7c:c1:36:06:33:4b:7e:77:3a:f6:a3:cf:03:97:e7:
b0:90:1f:19:c8:2d:8f:d1:45:e9:b9:64:25:c1:84:
42:04:13:82:62:7f:36:85:a7:3d:c5:76:e7:b7:24:
06:5c:03:49:eb:44:3e:a6:bb:5e:f4:5e:2f:4d:0c:
28:91:9b:63:a4:1e:a3:7e:ee:c4:11:d9:d8:a4:58:
4d:6e:d1:2a:b2:bb:83:1a:be:70:77:ac:1c:0e:4e:
11:9b:79:75:5a:d1:2b:31:f0:06:41:37:56:61:3d:
e9:18:50:6f:9d:f9:c4:e4:3e:b0:31:99:69:4b:22:
0c:0f:1b:ae:c5:07:93:bf:a0:29:74:fa:70:a2:49:
e3:4a:ad:83:7f:63:68:1f:d0:6e:b4:a5:15:42:88:
60:c1:97:ec:19:0f:47:63:29:3b:eb:06:9d:de:69:
da:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C4:16:84:E1:D5:EF:18:7E:DE:43:D2:08:89:BE:28:8F:C7:31:C5
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/2sQWhOHV7xh-3kPSCIm-KI_HMcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.205.0/24
178.20.207.0/24
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
85:2b:ea:19:3d:1d:d6:c1:57:08:ca:3d:40:0c:bd:d6:cf:09:
2b:4e:7d:95:83:41:71:ba:9c:67:c2:ca:67:f2:d9:81:e1:70:
2b:67:ec:de:c9:19:1e:46:f8:7e:24:ce:37:64:4d:ac:fe:27:
90:ea:fa:a9:5b:17:63:62:f6:4d:79:11:ce:a8:85:1a:fc:9f:
f1:68:5c:73:f3:55:03:c6:f9:db:a6:38:96:8b:44:a1:b9:31:
d9:33:6e:09:e5:06:81:45:c6:ff:ce:ce:44:0a:5d:67:9a:b5:
58:eb:70:e5:cd:e4:ec:d6:4a:0b:a1:50:41:b8:82:97:e5:f5:
e7:34:82:aa:dc:0d:ad:63:07:f8:20:76:90:5c:16:8d:3c:95:
96:ce:53:90:32:87:65:02:89:b0:b3:22:4b:a6:1f:25:ed:bd:
50:d5:31:be:8a:66:bc:10:2a:e4:11:aa:92:e0:e6:57:53:0c:
ea:18:76:b7:1e:39:f9:fc:ee:94:11:d0:8b:17:ac:a9:59:40:
20:0f:ae:3e:08:d4:96:6f:8a:97:b0:7d:16:94:d1:a1:0a:74:
f4:60:34:1e:17:55:a4:ce:fd:cc:4e:76:23:5e:8a:f2:fe:e3:
a0:1b:20:a6:0f:34:24:b7:bc:e3:71:be:c7:f5:eb:13:82:72:
db:27:6d:0a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzI33ZuZMcA4M1zE3KtyVq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM0MTY4NGUxZDVlZjE4N2VkZTQzZDIwODg5YmUyODhmYzczMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszN3G2W2SycKAmf3FgbvTGDxkfvY
awN4n2YQlBOxgCzbMmWweV5OtAAfn2R0VZlbV5FKNcilh4gBN1+RwVpFuBL95qOX
aXMrK9uoSE0aac/mJMYEYTePaVF8wTYGM0t+dzr2o88Dl+ewkB8ZyC2P0UXpuWQl
wYRCBBOCYn82hac9xXbntyQGXANJ60Q+prte9F4vTQwokZtjpB6jfu7EEdnYpFhN
btEqsruDGr5wd6wcDk4Rm3l1WtErMfAGQTdWYT3pGFBvnfnE5D6wMZlpSyIMDxuu
xQeTv6ApdPpwoknjSq2Df2NoH9ButKUVQohgwZfsGQ9HYyk76wad3mnahwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNrEFoTh1e8Yft5D0giJviiPxzHFMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvMnNRV2hPSFY3eGgtM2tQU0NJbS1LSV9ITWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQAshTNAwQAshTPAwQCuS/QAwQFwmqgAwQGw/xAAwQE
1fTgAwQE2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOC
AQEAhSvqGT0d1sFXCMo9QAy91s8JK059lYNBcbqcZ8LKZ/LZgeFwK2fs3skZHkb4
fiTON2RNrP4nkOr6qVsXY2L2TXkRzqiFGvyf8Whcc/NVA8b526Y4lotEobkx2TNu
CeUGgUXG/87ORApdZ5q1WOtw5c3k7NZKC6FQQbiCl+X15zSCqtwNrWMH+CB2kFwW
jTyVls5TkDKHZQKJsLMiS6YfJe29UNUxvopmvBAq5BGqkuDmV1MM6hh2tx45+fzu
lBHQixesqVlAIA+uPgjUlm+Kl7B9FpTRoQp09GA0HhdVpM79zE52I16K8v7joBsg
pg80JLe843G+x/XrE4Jy2ydtCg==
-----END CERTIFICATE-----
Generated at Thu Jan 4 18:44:05 2024 by rpki-client on console-fra.rpki-client.org