Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2BfraX45-B3YnX4Y_nUP4OFEobY.roa
File: 2BfraX45-B3YnX4Y_nUP4OFEobY.roa (raw, json)
Hash identifier: xIATUq+DXkZLbwzSJRRz6m9w/TNswrVmRq1S2zMhQvI=
Subject key identifier: D8:17:EB:69:7E:39:F8:1D:D8:9D:7E:18:FE:75:0F:E0:E1:44:A1:B6
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018D9CF6C97A511DEEAC32B9B258EED2E259
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2BfraX45-B3YnX4Y_nUP4OFEobY.roa
Signing time: Mon 12 Feb 2024 10:57:15 +0000
ROA not before: Mon 12 Feb 2024 10:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
2a0a:2f81::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 16:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:f6:c9:7a:51:1d:ee:ac:32:b9:b2:58:ee:d2:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Feb 12 10:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d817eb697e39f81dd89d7e18fe750fe0e144a1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c7:6f:d8:ce:2e:24:7e:7c:fa:4f:dc:ce:50:
89:f7:25:41:88:78:f6:e2:02:bb:4a:dd:be:25:dd:
5c:f1:e9:9e:64:1f:84:b6:98:81:07:09:18:bf:b6:
4a:ba:67:32:cc:8e:48:02:45:ae:52:de:58:8e:1f:
93:66:01:7b:c4:10:2a:76:1d:a0:2d:a1:36:6c:e2:
bc:76:9d:43:ea:3a:12:94:81:32:07:61:27:7d:5c:
88:61:88:44:74:e3:ed:9c:9e:01:27:40:05:43:95:
27:08:e9:55:0f:e7:29:3a:83:60:db:96:10:37:63:
e0:b0:61:04:08:86:9f:7e:6c:ac:4d:e8:64:f7:5d:
82:75:ca:e2:ae:8a:c0:6b:81:f3:96:1c:d8:ba:c7:
f6:68:28:b3:ea:5f:ec:bc:9b:b0:98:8b:41:2e:15:
22:2b:e1:8d:94:59:a3:d8:01:ba:74:ac:b8:fd:af:
43:f9:50:5e:73:24:3f:b9:dc:29:79:44:c8:89:d3:
16:85:53:11:56:8f:7b:f5:b0:dd:c6:7e:52:e1:8e:
fd:1a:52:36:17:c3:a3:b8:f3:79:63:65:84:da:93:
c1:49:a0:e2:6f:4d:2e:70:e2:58:0c:83:e4:06:48:
c0:a5:96:f2:93:2c:c0:75:11:bd:9e:64:46:b6:9c:
55:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:17:EB:69:7E:39:F8:1D:D8:9D:7E:18:FE:75:0F:E0:E1:44:A1:B6
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2BfraX45-B3YnX4Y_nUP4OFEobY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
00:6c:bd:d1:17:41:2b:af:5d:10:7d:8d:e6:a3:9c:e5:93:3f:
7f:11:e6:b5:36:3b:52:31:31:87:20:f7:a5:4f:ac:51:ed:90:
1c:b0:ed:c7:6d:11:2f:0f:bf:2d:38:c4:12:25:8e:4b:03:ec:
8a:42:c2:ab:35:77:98:17:68:10:20:28:06:5d:5f:65:f5:81:
38:17:6b:17:54:24:c3:44:f2:b9:5f:50:ae:5a:a3:73:e0:65:
5c:41:b8:2b:46:d8:bd:9b:b2:aa:e5:9d:4f:dd:db:87:c3:d1:
d1:23:42:51:11:8d:f6:94:96:40:e2:43:fe:03:ac:12:61:f3:
e9:1c:fa:73:2b:35:cd:13:fe:ce:a9:fe:42:43:07:15:90:7c:
73:ef:5d:a8:9e:d7:e1:23:40:14:32:4d:95:60:60:85:91:55:
01:c4:71:61:ff:73:8e:43:e0:36:49:c6:2d:2a:6f:67:8d:a3:
b3:fc:4d:76:a5:8f:1f:ae:bb:3e:ce:c7:91:a1:7e:fe:fd:c5:
b5:ba:86:69:57:db:62:f9:a4:f5:b8:c7:ed:65:b2:06:a6:68:
db:2a:f8:d2:08:4d:85:a5:0e:77:a1:1a:fb:7d:a8:05:51:70:
f2:5c:23:80:a2:a0:58:2c:37:47:b0:49:a9:8d:0f:35:0b:c8:
fc:a0:62:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2c9sl6UR3urDK5slju0uJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwMjEyMTA1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODE3ZWI2OTdlMzlmODFkZDg5ZDdlMThmZTc1MGZlMGUxNDRhMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMdv2M4uJH58+k/czlCJ9yVBiHj2
4gK7St2+Jd1c8emeZB+EtpiBBwkYv7ZKumcyzI5IAkWuUt5Yjh+TZgF7xBAqdh2g
LaE2bOK8dp1D6joSlIEyB2EnfVyIYYhEdOPtnJ4BJ0AFQ5UnCOlVD+cpOoNg25YQ
N2PgsGEECIaffmysTehk912CdcrirorAa4HzlhzYusf2aCiz6l/svJuwmItBLhUi
K+GNlFmj2AG6dKy4/a9D+VBecyQ/udwpeUTIidMWhVMRVo979bDdxn5S4Y79GlI2
F8OjuPN5Y2WE2pPBSaDib00ucOJYDIPkBkjApZbykyzAdRG9nmRGtpxVHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNgX62l+Ofgd2J1+GP51D+DhRKG2MB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvMkJmcmFYNDUtQjNZblg0WV9uVVA0T0ZFb2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9QaAwQA
ubEsMA0EAgACMAcDBQAqCi+BMA0GCSqGSIb3DQEBCwUAA4IBAQAAbL3RF0Err10Q
fY3mo5zlkz9/Eea1NjtSMTGHIPelT6xR7ZAcsO3HbREvD78tOMQSJY5LA+yKQsKr
NXeYF2gQICgGXV9l9YE4F2sXVCTDRPK5X1CuWqNz4GVcQbgrRti9m7Kq5Z1P3duH
w9HRI0JREY32lJZA4kP+A6wSYfPpHPpzKzXNE/7Oqf5CQwcVkHxz712ontfhI0AU
Mk2VYGCFkVUBxHFh/3OOQ+A2ScYtKm9njaOz/E12pY8frrs+zseRoX7+/cW1uoZp
V9ti+aT1uMftZbIGpmjbKvjSCE2FpQ53oRr7fagFUXDyXCOAoqBYLDdHsEmpjQ81
C8j8oGJU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org