Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/RU5zsDnTs4IYG6k6VpWluxmnTFg.roa
File: RU5zsDnTs4IYG6k6VpWluxmnTFg.roa (raw, json)
Hash identifier: kXTqokNpJTWkSXsHHlj+31fnj4Eq8bzvFdTRRgjaKww=
Subject key identifier: 45:4E:73:B0:39:D3:B3:82:18:1B:A9:3A:56:95:A5:BB:19:A7:4C:58
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 018C02B9D2EDEA1C97755D5802F17B298F46
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/RU5zsDnTs4IYG6k6VpWluxmnTFg.roa
Signing time: Fri 24 Nov 2023 19:06:21 +0000
ROA not before: Fri 24 Nov 2023 19:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28787
IP address blocks: 188.253.224.0/21 maxlen: 21
37.61.120.0/22 maxlen: 22
37.61.124.0/22 maxlen: 22
194.135.152.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
194.135.154.0/23 maxlen: 23
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
37.61.0.0/17 maxlen: 17
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
37.61.77.0/24 maxlen: 24
37.61.78.0/24 maxlen: 24
37.61.79.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
37.61.112.0/22 maxlen: 22
37.61.116.0/22 maxlen: 22
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
37.61.56.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:b9:d2:ed:ea:1c:97:75:5d:58:02:f1:7b:29:8f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Nov 24 19:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=454e73b039d3b382181ba93a5695a5bb19a74c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b0:6d:70:53:64:9f:34:3a:96:48:2b:77:e8:
fc:3f:6e:39:f4:b8:92:ee:96:5b:39:8d:6c:1b:00:
3e:f3:eb:dc:49:08:2d:da:f5:78:eb:32:b6:5e:a0:
88:4b:41:25:8d:d1:d0:83:11:41:29:21:54:5c:22:
3c:75:a5:9a:fa:c0:1a:f8:77:2d:d3:0c:57:60:5f:
8b:9e:1a:78:76:62:e4:cd:56:ec:82:79:f1:31:37:
11:d0:ce:2b:97:b2:a9:5f:21:80:94:83:73:84:d1:
e6:10:21:f2:3e:7f:a8:91:41:c5:d5:a3:6d:d5:5b:
e7:8e:29:9d:17:42:b7:0c:f5:a6:d1:7f:1f:7d:39:
11:48:3c:61:a4:87:6a:33:ef:30:09:d4:ac:51:bf:
53:63:76:ec:6d:fc:bc:8d:c0:70:95:ae:f0:79:3c:
e7:36:74:f2:c3:e7:88:21:06:c6:31:66:af:a3:df:
39:92:65:c7:c2:5d:bc:c0:1b:d3:1c:fe:6e:70:c4:
4a:eb:e0:8f:0b:a5:85:7a:d2:9a:5f:be:8e:a8:74:
18:ae:f3:24:e1:c5:b8:34:95:d4:94:55:6c:6b:5f:
e0:62:85:9c:d8:44:14:04:05:96:ee:ad:49:a8:e8:
f4:9b:c6:8b:bf:cd:85:29:08:56:5d:f6:ec:2c:54:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4E:73:B0:39:D3:B3:82:18:1B:A9:3A:56:95:A5:BB:19:A7:4C:58
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/RU5zsDnTs4IYG6k6VpWluxmnTFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.224.0/20
188.253.254.0/23
194.135.152.0/22
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
61:a2:6b:b4:bb:6d:f6:e7:c4:80:3c:ab:fd:5e:25:a7:7a:6c:
3b:25:fc:69:84:71:04:b1:ed:f2:dd:29:6a:65:db:f9:11:d6:
78:d7:6d:58:14:cb:9c:e4:20:22:30:3b:01:21:fb:ba:2b:6a:
ea:25:7b:82:d0:ac:b2:44:e3:7f:03:72:1a:e0:f4:59:f2:52:
2e:de:44:4b:9b:8f:fd:34:d9:24:54:36:de:5c:8e:4c:2e:e9:
b1:f5:9e:fa:e5:a5:e1:fc:53:90:92:8d:ff:bf:a7:1f:a2:63:
48:f7:98:ae:05:ed:65:21:05:98:1e:e7:90:21:5a:da:4d:f4:
42:93:26:24:60:f6:a2:b5:fd:78:da:ef:d0:2d:d2:f4:02:8a:
11:d0:74:86:e7:11:02:19:47:e4:a0:fa:e6:da:1c:5c:db:9e:
f6:44:8e:d9:73:17:57:08:c1:86:55:77:ff:18:24:9c:28:1e:
9a:67:0c:90:44:d1:dd:e4:58:b6:ec:91:cb:be:8c:c5:21:8e:
03:78:0c:45:fb:12:14:6a:61:67:01:80:8c:e5:14:c8:b2:5f:
f5:47:ba:fd:c2:68:4a:1f:23:a5:f6:e5:3d:6f:c7:c4:45:84:
68:a6:70:b3:7f:da:f8:ec:c2:c9:56:82:0e:3e:5b:73:23:e6:
3a:e1:fb:58
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYwCudLt6hyXdV1YAvF7KY9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjMxMTI0MTkwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRlNzNiMDM5ZDNiMzgyMTgxYmE5M2E1Njk1YTViYjE5YTc0YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrBtcFNknzQ6lkgrd+j8P2459LiS
7pZbOY1sGwA+8+vcSQgt2vV46zK2XqCIS0EljdHQgxFBKSFUXCI8daWa+sAa+Hct
0wxXYF+Lnhp4dmLkzVbsgnnxMTcR0M4rl7KpXyGAlINzhNHmECHyPn+okUHF1aNt
1VvnjimdF0K3DPWm0X8ffTkRSDxhpIdqM+8wCdSsUb9TY3bsbfy8jcBwla7weTzn
NnTyw+eIIQbGMWavo985kmXHwl28wBvTHP5ucMRK6+CPC6WFetKaX76OqHQYrvMk
4cW4NJXUlFVsa1/gYoWc2EQUBAWW7q1JqOj0m8aLv82FKQhWXfbsLFS3jwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFEVOc7A507OCGBupOlaVpbsZp0xYMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvUlU1enNEblRzNElZRzZrNlZwV2x1eG1uVEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AAwQEvP3gAwQBvP3+AwQCwoeYMAwDBAHCh6YDBADCh64D
BALCh7ADBAXVmgADBATZQBAwDQYJKoZIhvcNAQELBQADggEBAGGia7S7bfbnxIA8
q/1eJad6bDsl/GmEcQSx7fLdKWpl2/kR1njXbVgUy5zkICIwOwEh+7orauole4LQ
rLJE438Dchrg9FnyUi7eREubj/002SRUNt5cjkwu6bH1nvrlpeH8U5CSjf+/px+i
Y0j3mK4F7WUhBZge55AhWtpN9EKTJiRg9qK1/Xja79At0vQCihHQdIbnEQIZR+Sg
+ubaHFzbnvZEjtlzF1cIwYZVd/8YJJwoHppnDJBE0d3kWLbskcu+jMUhjgN4DEX7
EhRqYWcBgIzlFMiyX/VHuv3CaEofI6X25T1vx8RFhGimcLN/2vjswslWgg4+W3Mj
5jrh+1g=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:24 2024 by rpki-client on console-ams.rpki-client.org