Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/2j1ZzXUvMzu-vrKiyVnKuQ3Dm58.roa
File: 2j1ZzXUvMzu-vrKiyVnKuQ3Dm58.roa (raw, json)
Hash identifier: C/o2ZoFOaentKjW5QR6B/fYEWiSawC+cEkMFMzJAaL8=
Subject key identifier: DA:3D:59:CD:75:2F:33:3B:BE:BE:B2:A2:C9:59:CA:B9:0D:C3:9B:9F
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 01857255B60393A53F0A5E34692B7816C9D7
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/2j1ZzXUvMzu-vrKiyVnKuQ3Dm58.roa
Signing time: Mon 02 Jan 2023 11:54:57 +0000
ROA not before: Mon 02 Jan 2023 11:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14061
IP address blocks: 167.172.0.0/16 maxlen: 22
146.185.128.0/19 maxlen: 22
5.101.96.0/20 maxlen: 24
146.185.160.0/19 maxlen: 22
185.14.184.0/22 maxlen: 22
178.128.0.0/17 maxlen: 22
37.139.0.0/19 maxlen: 22
188.166.0.0/16 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
46.101.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
80.240.128.0/20 maxlen: 22
178.62.0.0/16 maxlen: 22
2a03:b0c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:b6:03:93:a5:3f:0a:5e:34:69:2b:78:16:c9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Jan 2 11:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da3d59cd752f333bbebeb2a2c959cab90dc39b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0c:0b:b2:08:82:0a:23:33:ce:90:c3:c0:39:
45:ef:86:c1:f3:4b:05:98:0c:a1:2b:26:cf:39:19:
7a:f7:4a:1d:8e:9e:3a:ce:ae:72:d8:db:15:de:fe:
26:91:24:58:7e:dc:cc:77:42:0b:46:52:50:19:50:
4f:33:ff:65:9c:e3:8e:6b:4d:f4:71:20:0e:d8:dc:
0e:fa:e6:5c:40:32:f8:83:1e:eb:74:c2:7c:d5:d0:
80:ce:af:17:37:db:01:63:65:f4:9d:e4:a7:68:4b:
c0:cd:06:ca:cd:90:0b:74:51:1b:1e:dd:b2:22:40:
0e:4a:97:aa:5a:70:b5:b9:e5:ac:cf:f4:01:46:c9:
1a:3c:72:27:04:1f:f7:5e:3e:36:2d:5a:24:db:71:
94:e3:2b:33:76:aa:51:84:95:3f:20:94:89:83:aa:
0d:2e:d8:92:91:e7:65:44:bc:ea:1e:53:f3:84:71:
00:fc:69:4f:91:a9:9e:0c:d7:30:8d:6c:57:3e:aa:
06:81:88:b4:f3:7e:cc:d3:48:65:80:4b:ed:90:80:
c1:28:43:13:b9:ff:0d:dd:a3:e0:5c:68:5f:c8:d9:
6f:90:8f:16:f7:60:32:49:d4:af:9f:8c:43:85:81:
56:ab:e7:23:a0:f6:15:9d:80:a9:50:af:50:7b:14:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3D:59:CD:75:2F:33:3B:BE:BE:B2:A2:C9:59:CA:B9:0D:C3:9B:9F
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/2j1ZzXUvMzu-vrKiyVnKuQ3Dm58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
32:34:f7:a6:39:1e:39:8e:4c:9a:28:70:36:dd:52:dc:b5:ad:
2d:8e:3b:ec:70:78:d1:3e:ad:6a:d5:4f:6b:55:99:6b:17:02:
bb:52:cb:23:9f:88:af:45:d5:8a:7d:34:ee:88:99:a8:2a:fb:
20:5a:5b:06:b1:4a:2a:3c:58:4f:2d:3b:7c:36:d8:50:ff:25:
81:c8:2e:fc:bd:64:9d:12:ea:c9:22:bc:81:7c:08:bf:b5:2e:
3b:54:1e:9d:e8:7f:4d:70:27:21:d3:99:cb:65:9e:ff:41:76:
3c:31:1a:2e:21:2b:8e:ee:a5:1c:15:37:cd:f0:f1:cf:26:4c:
ee:dd:16:6c:13:e1:98:18:dd:06:5a:be:d5:9b:ac:a9:72:a3:
a6:aa:bf:98:df:3e:6c:cd:67:8f:7b:37:87:37:62:20:a9:89:
b5:98:13:76:d8:ec:5b:1a:56:29:17:cc:d1:3a:23:a5:50:bb:
2e:7f:4e:dc:d5:26:96:f8:ab:f0:b1:6a:b8:ec:66:54:10:66:
57:3d:7d:a4:be:73:d1:f0:f3:e3:14:c0:9f:f3:d3:21:52:1d:
eb:69:39:fc:0e:0a:11:11:5d:f9:17:78:ab:70:26:dd:27:97:
06:38:92:74:f2:3e:cf:f9:bf:8c:44:e5:2b:82:50:e9:9b:d5:
be:cd:e5:0e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVyVbYDk6U/Cl40aSt4FsnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjMwMTAyMTE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNkNTljZDc1MmYzMzNiYmViZWIyYTJjOTU5Y2FiOTBkYzM5YjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwwLsgiCCiMzzpDDwDlF74bB80sF
mAyhKybPORl690odjp46zq5y2NsV3v4mkSRYftzMd0ILRlJQGVBPM/9lnOOOa030
cSAO2NwO+uZcQDL4gx7rdMJ81dCAzq8XN9sBY2X0neSnaEvAzQbKzZALdFEbHt2y
IkAOSpeqWnC1ueWsz/QBRskaPHInBB/3Xj42LVok23GU4yszdqpRhJU/IJSJg6oN
LtiSkedlRLzqHlPzhHEA/GlPkameDNcwjWxXPqoGgYi0837M00hlgEvtkIDBKEMT
uf8N3aPgXGhfyNlvkI8W92AySdSvn4xDhYFWq+cjoPYVnYCpUK9QexRPgQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNo9Wc11LzM7vr6yoslZyrkNw5ufMB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvMmoxWnpYVXZNenUtdnJLaXlWbkt1UTNEbTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQEBWVgAwQF
JYsAAwMALmUDBARQ8IADBARSxAADBAZfVQADBAaSuYADAwCnrAMDALI+AwMAsoAD
BAK5DrgDAwC8pgMEB7zigDANBAIAAjAHAwUAKgOwwDANBgkqhkiG9w0BAQsFAAOC
AQEAMjT3pjkeOY5MmihwNt1S3LWtLY477HB40T6tatVPa1WZaxcCu1LLI5+Ir0XV
in007oiZqCr7IFpbBrFKKjxYTy07fDbYUP8lgcgu/L1knRLqySK8gXwIv7UuO1Qe
neh/TXAnIdOZy2We/0F2PDEaLiErju6lHBU3zfDxzyZM7t0WbBPhmBjdBlq+1Zus
qXKjpqq/mN8+bM1nj3s3hzdiIKmJtZgTdtjsWxpWKRfM0TojpVC7Ln9O3NUmlvir
8LFquOxmVBBmVz19pL5z0fDz4xTAn/PTIVId62k5/A4KERFd+Rd4q3Am3SeXBjiS
dPI+z/m/jETlK4JQ6ZvVvs3lDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:06 2024 by rpki-client on console-fra.rpki-client.org