Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2xD-PVoPcSxoW1_3fXxUyRS_aFQ.roa
File: 2xD-PVoPcSxoW1_3fXxUyRS_aFQ.roa (raw, json)
Hash identifier: zUEItHjQ2gt6J4PSQRdyO5vXXWaQiUaaEpmjBAWs9ec=
Subject key identifier: DB:10:FE:3D:5A:0F:71:2C:68:5B:5F:F7:7D:7C:54:C9:14:BF:68:54
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018DD0486389593191052B5FB8AA4E3D41F2
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2xD-PVoPcSxoW1_3fXxUyRS_aFQ.roa
Signing time: Thu 22 Feb 2024 10:07:01 +0000
ROA not before: Thu 22 Feb 2024 10:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:b3c0::/29 maxlen: 29
2a06:b440::/29 maxlen: 29
2a06:cac0::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Feb 2024 21:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:48:63:89:59:31:91:05:2b:5f:b8:aa:4e:3d:41:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 22 10:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db10fe3d5a0f712c685b5ff77d7c54c914bf6854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4a:96:f5:cc:a2:5d:ee:a9:75:d5:96:c3:5c:
41:0d:d3:17:e3:ff:a6:22:24:c7:b7:fb:7d:0d:2c:
3e:04:1c:aa:d3:22:dc:9b:15:ae:1a:5d:ba:6c:cb:
ed:5d:fc:4e:51:d5:dd:47:ca:9c:b2:ef:64:15:47:
08:da:a9:b0:58:a7:0f:f8:11:dd:c2:1d:51:1b:77:
7a:cb:39:31:01:71:ed:f2:53:30:8b:a7:5b:67:72:
ad:31:80:9b:05:87:8f:72:d4:2b:31:c9:b9:1b:5c:
51:e8:73:65:21:d3:75:a6:d3:df:9b:ec:df:f7:b0:
ad:10:76:96:9a:23:c6:c0:49:68:3e:5c:c3:3f:c8:
7b:af:4a:ba:51:78:13:83:19:a9:95:9e:41:4e:35:
3a:eb:48:95:57:88:65:e0:0e:b9:5a:16:01:66:3d:
1f:84:09:40:9c:97:66:89:57:1b:c6:a3:a5:51:a5:
e1:3c:b8:41:7b:2a:ee:a1:0a:61:35:ed:b5:ff:8b:
9a:3b:c1:46:18:62:4f:62:f6:f4:08:72:71:18:8b:
ab:bf:30:07:06:77:b4:f4:c0:a5:d0:f4:19:a7:42:
9e:b3:8c:48:7e:83:43:92:98:67:12:7c:00:59:0e:
99:c8:f6:f4:26:57:61:ff:3c:b6:36:ce:45:28:b2:
3f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:10:FE:3D:5A:0F:71:2C:68:5B:5F:F7:7D:7C:54:C9:14:BF:68:54
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2xD-PVoPcSxoW1_3fXxUyRS_aFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:b3c0::/29
2a06:b440::/29
2a06:cac0::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:9600::/29
2a12:440::/29
2a12:6640::/29
2a12:6740::/29
2a12:6f40::/29
2a12:7740::/29
2a12:d3c0::/29
2a12:e240::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:6f:d8:2a:1f:71:54:51:68:18:1b:79:97:00:a9:e4:9d:a3:
dd:e6:df:cf:86:40:74:a0:09:3a:9c:6e:cf:ee:e7:59:b6:a5:
91:42:19:16:8d:12:00:c3:ee:4e:03:c6:c0:f5:b8:6c:7c:a0:
e9:79:4c:f7:b8:c3:4e:3c:6a:5f:90:c7:b7:4a:0a:23:39:c5:
45:6f:1a:94:14:c7:68:3c:d3:d0:40:89:cf:cc:a6:f1:1a:a5:
c9:78:65:a6:0b:19:12:0e:b5:1f:75:3c:a7:c3:25:bf:04:68:
ff:a3:69:9f:d3:6b:a9:09:45:f7:ff:33:cb:32:4e:1a:e3:ba:
1d:aa:5c:d4:d8:c0:3f:d3:e0:48:f9:7e:e1:1a:83:9d:d7:c5:
9f:d6:ec:1f:46:02:d0:47:c2:e8:a7:f3:e6:46:7f:36:14:cf:
d0:67:78:4f:00:1f:e4:bc:08:eb:f1:38:45:99:8a:e4:5e:6e:
5f:fe:c4:20:7a:01:e2:39:57:47:3c:c0:63:46:85:84:79:5c:
48:b6:ac:e3:74:ae:36:c5:6a:93:a2:ed:e3:49:69:ed:a8:7a:
38:f3:c2:27:aa:08:b0:f7:e9:2f:fe:5c:75:b8:06:1d:62:f4:
8d:2f:4b:d5:8c:c1:ff:fb:73:ad:bd:0e:5a:d8:97:0c:b1:5d:
e9:d5:1e:9d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAY3QSGOJWTGRBStfuKpOPUHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjIyMTAwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjEwZmUzZDVhMGY3MTJjNjg1YjVmZjc3ZDdjNTRjOTE0YmY2ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUqW9cyiXe6pddWWw1xBDdMX4/+m
IiTHt/t9DSw+BByq0yLcmxWuGl26bMvtXfxOUdXdR8qcsu9kFUcI2qmwWKcP+BHd
wh1RG3d6yzkxAXHt8lMwi6dbZ3KtMYCbBYePctQrMcm5G1xR6HNlIdN1ptPfm+zf
97CtEHaWmiPGwEloPlzDP8h7r0q6UXgTgxmplZ5BTjU660iVV4hl4A65WhYBZj0f
hAlAnJdmiVcbxqOlUaXhPLhBeyruoQphNe21/4uaO8FGGGJPYvb0CHJxGIurvzAH
Bne09MCl0PQZp0Kes4xIfoNDkphnEnwAWQ6ZyPb0Jldh/zy2Ns5FKLI/7wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNsQ/j1aD3EsaFtf9318VMkUv2hUMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMnhELVBWb1BjU3hvVzFfM2ZYeFV5UlNfYUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDASBAIAATAMAwQCuagc
AwQCucmIMHYEAgACMHADBQMqBrPAAwUDKga0QAMFAyoGysADBQMqES9AAwUDKhE7
QAMFAyoRlgADBQMqEgRAAwUDKhJmQAMFAyoSZ0ADBQMqEm9AAwUDKhJ3QAMFAyoS
08ADBQMqEuJAAwUDKhQAwAMFAyoUAUADBQMqFAHAMA0GCSqGSIb3DQEBCwUAA4IB
AQAYb9gqH3FUUWgYG3mXAKnknaPd5t/PhkB0oAk6nG7P7udZtqWRQhkWjRIAw+5O
A8bA9bhsfKDpeUz3uMNOPGpfkMe3SgojOcVFbxqUFMdoPNPQQInPzKbxGqXJeGWm
CxkSDrUfdTynwyW/BGj/o2mf02upCUX3/zPLMk4a47odqlzU2MA/0+BI+X7hGoOd
18Wf1uwfRgLQR8Lop/PmRn82FM/QZ3hPAB/kvAjr8ThFmYrkXm5f/sQgegHiOVdH
PMBjRoWEeVxItqzjdK42xWqTou3jSWntqHo488Inqgiw9+kv/lx1uAYdYvSNL0vV
jMH/+3OtvQ5a2JcMsV3p1R6d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org