Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/2rMOxNsppb1G2tq9g35xKKmIDy0.roa
File: 2rMOxNsppb1G2tq9g35xKKmIDy0.roa (raw, json)
Hash identifier: SxGwTKBklg0gQN69znDeY80KAiL5kNXQS2oTjzKxRxM=
Subject key identifier: DA:B3:0E:C4:DB:29:A5:BD:46:DA:DA:BD:83:7E:71:28:A9:88:0F:2D
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 018BD95F93CEA91BB88AC4E44476A88F8219
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/2rMOxNsppb1G2tq9g35xKKmIDy0.roa
Signing time: Thu 16 Nov 2023 18:23:21 +0000
ROA not before: Thu 16 Nov 2023 18:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 5.182.244.0/24 maxlen: 24
93.157.191.0/24 maxlen: 24
185.233.245.0/24 maxlen: 24
89.200.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Nov 2023 20:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:5f:93:ce:a9:1b:b8:8a:c4:e4:44:76:a8:8f:82:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Nov 16 18:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dab30ec4db29a5bd46dadabd837e7128a9880f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:c8:c5:85:7d:79:17:7e:88:83:b6:11:d6:
55:7f:d1:be:11:11:89:c3:e9:b7:18:cb:ff:8b:5b:
26:c3:e5:e0:42:95:ec:29:32:f0:d3:96:e6:4b:a8:
82:93:ca:86:2f:f9:55:a4:6c:8c:a2:c0:47:cb:0e:
b7:69:a7:1c:51:26:2d:cf:51:83:67:26:21:3f:5b:
5b:6b:54:90:1e:e4:b2:f2:99:3e:0c:19:86:9b:9e:
94:42:e3:32:09:30:5a:e7:91:c6:43:6d:d7:28:5b:
4d:d9:b5:a8:e5:d3:14:ff:b9:bb:ad:ac:b7:cf:b6:
f1:b4:40:5f:f3:21:5f:6a:3f:14:ef:b4:63:10:62:
ef:50:21:15:c2:7a:c1:9d:b5:d9:10:4f:7e:36:e0:
4d:10:f4:29:84:23:4d:74:01:66:7f:26:18:e3:af:
c0:8f:70:dc:1f:19:db:16:3c:41:db:2e:65:99:4b:
5e:67:63:9e:05:60:f5:d8:3c:2e:e1:14:7a:c8:8a:
e7:ed:d2:78:93:67:b0:8d:64:b7:a2:7f:84:8d:77:
e7:1f:52:14:98:55:37:6d:9d:8d:37:c9:50:46:29:
47:24:c8:fc:94:38:7e:34:8f:a9:bc:4e:cd:5f:a2:
90:14:79:29:34:87:2b:91:f2:c0:8c:ed:be:1a:9b:
ee:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B3:0E:C4:DB:29:A5:BD:46:DA:DA:BD:83:7E:71:28:A9:88:0F:2D
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/2rMOxNsppb1G2tq9g35xKKmIDy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.244.0/24
89.200.219.0/24
93.157.191.0/24
185.233.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c5:15:60:2b:77:61:0c:ce:6e:d0:66:c9:75:46:da:6c:24:
f4:30:f5:5c:96:3f:af:1e:dd:c7:24:0b:f7:86:0b:87:b3:60:
3b:dd:aa:4f:46:02:30:74:46:ac:5a:e8:93:9a:7d:2b:00:9b:
34:74:cd:0f:fa:07:d1:df:d3:12:c6:f0:d8:b2:1e:27:1a:b0:
50:0a:ae:86:4d:08:15:2a:96:eb:7a:99:2f:eb:1b:45:bf:40:
1f:a5:7b:23:21:f3:80:87:ca:54:a6:3a:40:33:fe:3f:4a:29:
ad:7d:13:4d:c1:89:20:6c:6c:15:58:1d:d2:42:6c:4e:b5:ff:
c7:c5:7d:e8:08:02:6e:37:8c:e0:1e:f9:a9:0a:ce:81:0c:23:
c9:94:b5:09:67:9d:a0:ca:46:b4:f0:08:e1:38:37:93:25:70:
60:93:09:75:53:b0:0e:0d:13:8c:32:0e:78:aa:6b:c2:3e:5c:
1a:68:14:64:93:f2:c2:b4:a4:c7:c2:ca:68:07:17:ac:85:92:
ef:30:b5:04:46:df:97:b3:ad:75:e8:ca:df:45:f1:c9:26:c1:
1d:a9:cc:d7:7f:21:60:8e:f1:52:f0:68:ea:a2:ab:15:36:5a:
84:59:9a:d0:2b:b7:d9:08:e1:3b:9f:84:0b:2d:16:5d:b6:1e:
10:f0:c4:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvZX5POqRu4isTkRHaoj4IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjMxMTE2MTgyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIzMGVjNGRiMjlhNWJkNDZkYWRhYmQ4MzdlNzEyOGE5ODgwZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp/IxYV9eRd+iIO2EdZVf9G+ERGJ
w+m3GMv/i1smw+XgQpXsKTLw05bmS6iCk8qGL/lVpGyMosBHyw63aaccUSYtz1GD
ZyYhP1tba1SQHuSy8pk+DBmGm56UQuMyCTBa55HGQ23XKFtN2bWo5dMU/7m7ray3
z7bxtEBf8yFfaj8U77RjEGLvUCEVwnrBnbXZEE9+NuBNEPQphCNNdAFmfyYY46/A
j3DcHxnbFjxB2y5lmUteZ2OeBWD12Dwu4RR6yIrn7dJ4k2ewjWS3on+EjXfnH1IU
mFU3bZ2NN8lQRilHJMj8lDh+NI+pvE7NX6KQFHkpNIcrkfLAjO2+GpvuiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNqzDsTbKaW9RtravYN+cSipiA8tMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvMnJNT3hOc3BwYjFHMnRxOWczNXhLS21JRHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbb0AwQA
WcjbAwQAXZ2/AwQAuen1MA0GCSqGSIb3DQEBCwUAA4IBAQCaxRVgK3dhDM5u0GbJ
dUbabCT0MPVclj+vHt3HJAv3hguHs2A73apPRgIwdEasWuiTmn0rAJs0dM0P+gfR
39MSxvDYsh4nGrBQCq6GTQgVKpbrepkv6xtFv0AfpXsjIfOAh8pUpjpAM/4/Simt
fRNNwYkgbGwVWB3SQmxOtf/HxX3oCAJuN4zgHvmpCs6BDCPJlLUJZ52gyka08Ajh
ODeTJXBgkwl1U7AODROMMg54qmvCPlwaaBRkk/LCtKTHwspoBxeshZLvMLUERt+X
s6116MrfRfHJJsEdqczXfyFgjvFS8GjqoqsVNlqEWZrQK7fZCOE7n4QLLRZdth4Q
8MSq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:51 2024 by rpki-client on console-fra.rpki-client.org