Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/L2tSJcGUyF29U0o2qpdB1VUPdms.roa
File: L2tSJcGUyF29U0o2qpdB1VUPdms.roa (raw, json)
Hash identifier: DLi2D5yvNBlGoo7EtF6tGxvk2RvOUwYPUq89hPuj1ts=
Subject key identifier: 2F:6B:52:25:C1:94:C8:5D:BD:53:4A:36:AA:97:41:D5:55:0F:76:6B
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018CC8014D1051C736DDFD626493DF4B3371
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/L2tSJcGUyF29U0o2qpdB1VUPdms.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4d:10:51:c7:36:dd:fd:62:64:93:df:4b:33:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f6b5225c194c85dbd534a36aa9741d5550f766b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:86:5d:d8:4f:af:d7:c9:d4:d9:ad:22:dc:3c:
77:a5:b0:53:35:03:7b:c6:6c:27:4f:c7:e6:22:54:
24:76:cc:c5:af:ab:ef:a9:97:84:7d:ee:4a:da:5c:
30:87:8c:48:dc:51:4b:2e:e4:df:6c:e4:4d:22:65:
dc:18:1e:c7:df:9e:4b:0f:43:04:30:21:fa:e7:e3:
9a:0b:6e:56:d9:e6:5c:27:72:3e:c5:8e:68:23:f4:
39:3d:03:a5:04:a5:5e:d4:53:01:9f:fb:52:8b:9b:
21:4f:26:a6:c4:fb:7b:7a:87:f6:f8:6e:25:ef:f7:
d5:b7:bd:15:bf:9e:27:7f:de:28:e9:d9:e3:aa:66:
d8:48:93:87:b8:d1:0e:24:16:61:15:6a:0a:05:a7:
0f:8b:4c:64:ce:ed:04:10:0c:f9:83:3f:62:00:a2:
25:2f:f1:17:95:b5:db:89:83:e3:9b:d8:2d:e4:65:
14:16:ea:22:5d:c6:7c:d6:76:7f:ea:90:d1:f3:c3:
29:e1:fe:4a:0d:bf:eb:e0:c6:38:1c:7c:b7:51:04:
d4:ae:4b:76:2f:69:2c:b4:f6:49:71:f6:58:4e:cc:
b4:51:6a:67:95:6c:99:73:4f:79:0c:30:11:7b:5f:
cb:cb:48:be:6d:84:82:40:bd:d1:6a:dc:6d:c0:59:
9e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6B:52:25:C1:94:C8:5D:BD:53:4A:36:AA:97:41:D5:55:0F:76:6B
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/L2tSJcGUyF29U0o2qpdB1VUPdms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:76:04:c5:e8:f1:4e:0b:3c:8c:44:13:7e:90:70:73:ee:c0:
ee:98:ea:25:95:28:7f:c4:2c:a6:fb:97:d9:8a:21:aa:17:1e:
4d:04:09:98:ef:a6:9e:c3:61:7f:2e:2c:1d:f6:6f:10:78:22:
c8:af:6b:98:cd:df:65:b7:42:7f:2e:d8:81:10:58:50:4c:17:
d5:80:68:a8:a3:d7:f4:aa:b2:40:ba:cb:cd:15:4e:f9:15:63:
3a:86:53:dc:c8:97:c9:62:65:61:5c:b6:f4:41:a7:3f:83:58:
13:69:9a:c9:6c:07:6c:eb:aa:c8:de:76:6d:29:b8:dc:0a:2f:
e6:0d:7d:ec:8a:cd:1b:60:7c:eb:bc:78:5c:a4:18:5e:ba:b7:
8e:b1:10:ac:61:47:a8:60:15:c9:59:12:10:7d:ec:48:f0:20:
33:77:48:08:7d:8b:08:ce:bc:69:fe:c5:68:ae:88:10:ca:04:
ef:02:4e:f9:2a:e9:9f:88:59:58:7f:58:a3:70:a0:4a:c6:15:
b9:26:29:c9:f3:80:44:00:3e:dc:bf:f7:4d:6c:8f:19:e8:0d:
ae:d5:48:c1:dd:61:f8:0a:73:89:b4:a6:0c:d1:80:1f:1f:77:
e6:55:62:b3:f3:1c:d7:dd:69:60:1d:f3:d6:15:a6:ef:ae:60:
b2:a2:03:bb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIAU0QUcc23f1iZJPfSzNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZiNTIyNWMxOTRjODVkYmQ1MzRhMzZhYTk3NDFkNTU1MGY3NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIZd2E+v18nU2a0i3Dx3pbBTNQN7
xmwnT8fmIlQkdszFr6vvqZeEfe5K2lwwh4xI3FFLLuTfbORNImXcGB7H355LD0ME
MCH65+OaC25W2eZcJ3I+xY5oI/Q5PQOlBKVe1FMBn/tSi5shTyamxPt7eof2+G4l
7/fVt70Vv54nf94o6dnjqmbYSJOHuNEOJBZhFWoKBacPi0xkzu0EEAz5gz9iAKIl
L/EXlbXbiYPjm9gt5GUUFuoiXcZ81nZ/6pDR88Mp4f5KDb/r4MY4HHy3UQTUrkt2
L2kstPZJcfZYTsy0UWpnlWyZc095DDARe1/Ly0i+bYSCQL3RatxtwFmelQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC9rUiXBlMhdvVNKNqqXQdVVD3ZrMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvTDJ0U0pjR1V5RjI5VTBvMnFwZEIxVlVQZG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZKYAwQB
uZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZIhvcNAQELBQADggEB
AE12BMXo8U4LPIxEE36QcHPuwO6Y6iWVKH/ELKb7l9mKIaoXHk0ECZjvpp7DYX8u
LB32bxB4Isiva5jN32W3Qn8u2IEQWFBMF9WAaKij1/SqskC6y80VTvkVYzqGU9zI
l8liZWFctvRBpz+DWBNpmslsB2zrqsjedm0puNwKL+YNfeyKzRtgfOu8eFykGF66
t46xEKxhR6hgFclZEhB97EjwIDN3SAh9iwjOvGn+xWiuiBDKBO8CTvkq6Z+IWVh/
WKNwoErGFbkmKcnzgEQAPty/901sjxnoDa7VSMHdYfgKc4m0pgzRgB8fd+ZVYrPz
HNfdaWAd89YVpu+uYLKiA7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org