Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/2CeMy55b3qvEP_1XqQrVmbkrgb0.roa
File: 2CeMy55b3qvEP_1XqQrVmbkrgb0.roa (raw, json)
Hash identifier: ujes0GqLkeZ1Z/Uh0VdIj5GAh+vfOro7n+o/4DhuL34=
Subject key identifier: D8:27:8C:CB:9E:5B:DE:AB:C4:3F:FD:57:A9:0A:D5:99:B9:2B:81:BD
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018F52D31747F0B44D591EA5DBEACD444CFC
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/2CeMy55b3qvEP_1XqQrVmbkrgb0.roa
Signing time: Tue 07 May 2024 11:31:56 +0000
ROA not before: Tue 07 May 2024 11:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13285
IP address blocks: 2.96.0.0/13 maxlen: 24
62.3.192.0/18 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
81.6.192.0/18 maxlen: 24
82.133.0.0/17 maxlen: 24
84.12.0.0/16 maxlen: 24
89.240.0.0/14 maxlen: 24
91.146.112.0/21 maxlen: 24
92.0.0.0/11 maxlen: 24
92.5.0.0/16 maxlen: 24
92.6.0.0/15 maxlen: 24
92.8.0.0/13 maxlen: 24
92.16.0.0/12 maxlen: 24
185.112.212.0/22 maxlen: 24
185.173.116.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
195.112.0.0/18 maxlen: 24
195.149.0.0/18 maxlen: 24
212.139.24.0/24 maxlen: 24
212.139.133.0/24 maxlen: 24
212.139.148.0/22 maxlen: 22
213.208.64.0/18 maxlen: 24
217.8.0.0/19 maxlen: 24
217.68.128.0/20 maxlen: 24
2001:7e0::/32 maxlen: 32
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2a0b:db00::/29 maxlen: 29
2a0b:e900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 11:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:d3:17:47:f0:b4:4d:59:1e:a5:db:ea:cd:44:4c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: May 7 11:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8278ccb9e5bdeabc43ffd57a90ad599b92b81bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:5a:a5:15:3c:69:c3:4a:ed:99:1c:79:75:
b0:bf:b7:c5:53:25:0b:d3:0f:83:cf:ef:11:8d:3a:
f8:32:fd:d2:64:cd:ca:d1:27:d5:66:7e:a0:a8:24:
1d:3a:48:b0:ec:65:2c:fb:4c:c3:77:3b:8d:70:74:
80:10:14:8a:50:e2:0b:23:1d:6a:02:fc:e4:99:f2:
b0:c1:cb:94:a9:6a:1c:2e:b0:cf:cb:61:3d:97:f9:
8a:33:9b:58:9e:76:ce:ab:56:35:b0:f4:96:52:5d:
f5:30:a2:ca:63:ce:d6:f9:e7:4e:5c:78:f6:32:9d:
b7:78:79:77:d8:75:36:54:a5:e8:e7:ad:d2:f4:05:
51:80:f2:e3:38:91:bb:f7:9d:ae:1c:6c:59:51:cd:
5f:ea:68:b6:e2:b8:9e:0b:f5:fa:fa:d7:ea:40:83:
12:ff:b8:36:06:4b:8e:23:b6:c9:73:92:a6:78:e1:
8d:fd:86:93:14:b7:55:d2:7a:83:64:a3:3a:9e:e0:
63:5c:3d:47:b3:ba:44:9a:68:40:fb:90:12:1c:8d:
66:47:62:f7:7a:2e:79:d1:a4:45:94:6e:cd:67:30:
c1:5d:3e:ed:0f:0a:ca:79:6d:48:8a:02:1d:51:82:
ed:9f:83:03:90:b2:e7:09:07:47:b8:1c:a1:76:44:
a6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:27:8C:CB:9E:5B:DE:AB:C4:3F:FD:57:A9:0A:D5:99:B9:2B:81:BD
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/2CeMy55b3qvEP_1XqQrVmbkrgb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
81.6.192.0/18
82.133.0.0/17
84.12.0.0/16
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.144.0/22
193.218.99.0/24
195.112.0.0/18
195.149.0.0/18
212.139.24.0/24
212.139.133.0/24
212.139.148.0/22
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
40:c8:ca:6c:a5:f8:0e:63:7b:e7:07:0d:8f:01:dc:5f:e7:9a:
25:ed:13:f7:f0:07:02:0a:ff:e0:2d:01:31:91:7c:9c:5b:5c:
8c:90:b7:ba:f9:ae:23:3d:a2:5e:ee:ef:38:40:f3:a9:c0:99:
95:f3:d8:60:14:d8:88:13:84:ec:a0:01:9c:eb:93:16:0e:48:
0e:15:b0:ad:a4:45:05:ef:02:91:8f:1c:62:7c:64:81:a1:85:
f0:4e:f0:ac:06:82:ac:bc:e9:84:81:70:b8:29:e7:94:63:a8:
e4:65:f1:23:59:98:cf:b3:f7:9f:06:55:d1:d2:6e:63:4f:e7:
66:d6:e0:8d:31:6e:5b:55:43:15:ae:2e:b3:33:4d:9e:62:1d:
cd:c3:13:a4:15:c6:bf:7f:42:82:93:21:c7:96:5c:79:b6:c4:
6f:a6:35:dd:7f:48:5e:75:03:38:d5:15:28:7e:8b:a0:28:cf:
36:df:bd:4a:4d:7e:79:eb:e6:63:fc:b4:7b:8b:b4:c9:b9:4e:
ad:89:03:12:b1:03:a5:39:6c:a7:14:76:74:06:85:b9:6b:95:
b2:23:e1:2e:9b:26:53:c5:5d:0d:90:29:35:01:c2:9c:d5:45:
c7:c2:6d:3c:bf:5f:8c:26:95:70:62:68:39:65:9d:64:64:a3:
b5:62:ef:8a
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY9S0xdH8LRNWR6l2+rNREz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjQwNTA3MTEzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI3OGNjYjllNWJkZWFiYzQzZmZkNTdhOTBhZDU5OWI5MmI4MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV5apRU8acNK7ZkceXWwv7fFUyUL
0w+Dz+8RjTr4Mv3SZM3K0SfVZn6gqCQdOkiw7GUs+0zDdzuNcHSAEBSKUOILIx1q
AvzkmfKwwcuUqWocLrDPy2E9l/mKM5tYnnbOq1Y1sPSWUl31MKLKY87W+edOXHj2
Mp23eHl32HU2VKXo563S9AVRgPLjOJG7952uHGxZUc1f6mi24rieC/X6+tfqQIMS
/7g2BkuOI7bJc5KmeOGN/YaTFLdV0nqDZKM6nuBjXD1Hs7pEmmhA+5ASHI1mR2L3
ei550aRFlG7NZzDBXT7tDwrKeW1IigIdUYLtn4MDkLLnCQdHuByhdkSmWwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFNgnjMueW96rxD/9V6kK1Zm5K4G9MB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvMkNlTXk1NWIzcXZFUF8xWHFRclZtYmtyZ2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBlAQCAAEwgY0DAwMC
YAMEBj4DwAMEBz4YgAMEBT7xoAMDA06QAwQGUQbAAwQHUoUAAwMAVAwDAwJZ8AME
A1uScAMDBVwAAwQCuXDUMAwDBAK5rXQDBAK5rXgDBAK5r5ADBADB2mMDBAbDcAAD
BAbDlQADBADUixgDBADUi4UDBALUi5QDBAbV0EADBAXZCAADBATZRIAwKQQCAAIw
IwMFACABB+ADBQUgAUoAAwUAKgBDQAMFAyoL2wADBQMqC+kAMA0GCSqGSIb3DQEB
CwUAA4IBAQBAyMpspfgOY3vnBw2PAdxf55ol7RP38AcCCv/gLQExkXycW1yMkLe6
+a4jPaJe7u84QPOpwJmV89hgFNiIE4TsoAGc65MWDkgOFbCtpEUF7wKRjxxifGSB
oYXwTvCsBoKsvOmEgXC4KeeUY6jkZfEjWZjPs/efBlXR0m5jT+dm1uCNMW5bVUMV
ri6zM02eYh3NwxOkFca/f0KCkyHHllx5tsRvpjXdf0hedQM41RUofougKM82371K
TX556+Zj/LR7i7TJuU6tiQMSsQOlOWynFHZ0BoW5a5WyI+EumyZTxV0NkCk1AcKc
1UXHwm08v1+MJpVwYmg5ZZ1kZKO1Yu+K
-----END CERTIFICATE-----
Generated at Wed May 8 14:04:58 2024 by rpki-client on console-ams.rpki-client.org