Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2cez-MWpqwlhN8wo4Ouyprvpkwk.roa
File: 2cez-MWpqwlhN8wo4Ouyprvpkwk.roa (raw, json)
Hash identifier: sr7tCAKNLPX3+gjs5b/eAghcYFbSMG2JK0Q+4kUrsHg=
Subject key identifier: D9:C7:B3:F8:C5:A9:AB:09:61:37:CC:28:E0:EB:B2:A6:BB:E9:93:09
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018D5F8F8D3AA4CEFE41B19B08DDEC4DEDA0
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2cez-MWpqwlhN8wo4Ouyprvpkwk.roa
Signing time: Wed 31 Jan 2024 12:47:39 +0000
ROA not before: Wed 31 Jan 2024 12:47:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49870
IP address blocks: 2.56.167.0/24 maxlen: 24
45.81.21.0/24 maxlen: 24
45.81.22.0/23 maxlen: 23
45.140.222.0/23 maxlen: 23
77.83.240.0/24 maxlen: 24
89.190.156.0/24 maxlen: 24
89.190.159.0/24 maxlen: 24
194.50.16.0/23 maxlen: 24
212.107.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:8f:8d:3a:a4:ce:fe:41:b1:9b:08:dd:ec:4d:ed:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 31 12:47:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9c7b3f8c5a9ab096137cc28e0ebb2a6bbe99309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:8c:50:a0:de:b2:ae:10:59:a3:78:74:bc:
ef:21:c8:fc:15:31:4e:13:e4:54:f7:cd:81:74:4b:
01:28:c3:60:f1:0d:10:0e:39:cb:a4:e2:44:be:5b:
bf:05:c5:cb:72:bb:6a:ce:57:ae:b2:6a:75:5a:34:
11:0b:97:54:88:fa:02:82:f4:19:9b:57:33:bc:86:
2d:76:66:5f:6a:6f:25:f0:1a:95:70:eb:aa:d7:f9:
7d:6f:27:2d:ca:16:57:0b:3b:64:f4:af:f9:fa:f4:
84:15:c5:51:ba:73:67:8e:75:1b:b6:32:4b:e1:ec:
b4:0c:66:15:a7:86:ec:bf:87:3a:dd:a6:ae:4a:ed:
ce:f1:42:0b:f5:5a:ae:73:13:dc:80:35:c3:2d:4d:
4f:ed:1a:35:79:be:b5:1c:b8:fb:63:4f:2b:32:04:
66:c0:aa:d2:e8:de:04:7c:eb:71:52:ff:b6:6f:14:
e9:7f:3d:06:07:e1:9b:11:ca:14:fd:e7:09:14:f7:
d5:89:de:69:5e:4f:54:af:b0:6d:d5:03:c5:52:5b:
78:ce:86:1f:ca:37:e1:6c:56:dd:0e:ba:a1:34:4e:
b6:a9:e9:29:69:47:9c:c1:5a:7e:5b:6b:e0:32:b7:
35:0c:b1:27:64:a0:f1:b3:2b:c3:85:55:74:3e:d7:
15:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C7:B3:F8:C5:A9:AB:09:61:37:CC:28:E0:EB:B2:A6:BB:E9:93:09
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2cez-MWpqwlhN8wo4Ouyprvpkwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.167.0/24
45.81.21.0-45.81.23.255
45.140.222.0/23
77.83.240.0/24
89.190.156.0/24
89.190.159.0/24
194.50.16.0/23
212.107.12.0/24
Signature Algorithm: sha256WithRSAEncryption
00:bf:d3:5f:99:eb:02:bc:c7:64:db:30:40:af:98:47:44:ac:
87:15:91:3e:c6:31:b7:66:f6:90:cd:9f:1a:fb:02:d4:7a:eb:
6c:d5:ec:d1:5e:56:e8:68:1a:4a:1b:48:55:76:b2:7f:76:b6:
38:98:27:6f:ee:68:66:c7:ab:89:7e:04:6b:8d:b4:5d:36:25:
68:f3:99:87:ba:fc:ad:18:ce:a0:9d:bf:8a:c3:c9:02:08:d4:
6f:41:d9:ba:6f:c5:89:d0:ae:d4:5d:6d:59:93:35:73:df:10:
f7:dd:60:a4:3f:9a:2e:08:8b:b2:43:d3:e5:b8:32:f2:dc:ec:
c7:f9:b3:ea:f1:bd:05:5d:e5:72:a4:6d:42:fd:be:9c:1d:7e:
ba:90:75:28:e8:27:22:3d:7c:f2:bf:b0:d5:98:87:ab:a2:09:
b7:54:60:4d:ab:a1:50:87:b2:f0:01:1c:c5:3d:2c:c9:d2:78:
99:c3:32:09:cc:a7:da:b8:92:51:8b:9e:6b:06:34:ff:0a:cf:
72:17:ca:c8:3c:25:df:a2:05:31:38:c4:7c:72:d6:ea:cf:ff:
3c:08:8f:fe:13:62:1c:8a:9e:60:b9:c6:bb:f1:e6:a3:b2:29:
ba:c1:2f:c1:3c:9d:fc:a3:79:f5:96:eb:a7:b8:bc:5c:d4:86:
e1:a9:e0:7e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY1fj406pM7+QbGbCN3sTe2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTMxMTI0NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM3YjNmOGM1YTlhYjA5NjEzN2NjMjhlMGViYjJhNmJiZTk5MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15OMUKDesq4QWaN4dLzvIcj8FTFO
E+RU982BdEsBKMNg8Q0QDjnLpOJEvlu/BcXLcrtqzleusmp1WjQRC5dUiPoCgvQZ
m1czvIYtdmZfam8l8BqVcOuq1/l9byctyhZXCztk9K/5+vSEFcVRunNnjnUbtjJL
4ey0DGYVp4bsv4c63aauSu3O8UIL9VqucxPcgDXDLU1P7Ro1eb61HLj7Y08rMgRm
wKrS6N4EfOtxUv+2bxTpfz0GB+GbEcoU/ecJFPfVid5pXk9Ur7Bt1QPFUlt4zoYf
yjfhbFbdDrqhNE62qekpaUecwVp+W2vgMrc1DLEnZKDxsyvDhVV0PtcVAwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNnHs/jFqasJYTfMKODrsqa76ZMJMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMmNlei1NV3Bxd2xoTjh3bzRPdXlwcnZwa3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAAjinMAwD
BAAtURUDBAMtURADBAEtjN4DBABNU/ADBABZvpwDBABZvp8DBAHCMhADBADUawww
DQYJKoZIhvcNAQELBQADggEBAAC/01+Z6wK8x2TbMECvmEdErIcVkT7GMbdm9pDN
nxr7AtR662zV7NFeVuhoGkobSFV2sn92tjiYJ2/uaGbHq4l+BGuNtF02JWjzmYe6
/K0YzqCdv4rDyQII1G9B2bpvxYnQrtRdbVmTNXPfEPfdYKQ/mi4Ii7JD0+W4MvLc
7Mf5s+rxvQVd5XKkbUL9vpwdfrqQdSjoJyI9fPK/sNWYh6uiCbdUYE2roVCHsvAB
HMU9LMnSeJnDMgnMp9q4klGLnmsGNP8Kz3IXysg8Jd+iBTE4xHxy1urP/zwIj/4T
YhyKnmC5xrvx5qOyKbrBL8E8nfyjefWW66e4vFzUhuGp4H4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:59 2025 by rpki-client