Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/nSybJD_W02jNIxIsfZEAfbcm85Q.roa
File: nSybJD_W02jNIxIsfZEAfbcm85Q.roa (raw, json)
Hash identifier: mSODMJG+pmVImNmSMFwsaliapF7TMhPw4HiSyzLpj6E=
Subject key identifier: 9D:2C:9B:24:3F:D6:D3:68:CD:23:12:2C:7D:91:00:7D:B7:26:F3:94
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 0185715E8688FEE4C3DE30207C024F0C3BC1
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/nSybJD_W02jNIxIsfZEAfbcm85Q.roa
Signing time: Mon 02 Jan 2023 07:24:58 +0000
ROA not before: Mon 02 Jan 2023 07:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3243
IP address blocks: 85.240.0.0/13 maxlen: 24
213.13.0.0/16 maxlen: 24
37.189.0.0/16 maxlen: 24
144.64.0.0/16 maxlen: 24
188.80.0.0/14 maxlen: 24
2.80.0.0/14 maxlen: 24
81.193.0.0/16 maxlen: 24
194.65.0.0/16 maxlen: 24
185.2.84.0/22 maxlen: 24
212.55.128.0/19 maxlen: 24
188.250.0.0/15 maxlen: 24
82.154.0.0/15 maxlen: 24
176.78.0.0/15 maxlen: 24
168.182.128.0/17 maxlen: 24
2001:8a0:c000::/34 maxlen: 34
2001:8a0:4000::/34 maxlen: 34
2001:8a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 May 2023 15:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:86:88:fe:e4:c3:de:30:20:7c:02:4f:0c:3b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: Jan 2 07:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d2c9b243fd6d368cd23122c7d91007db726f394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:41:1d:15:d9:35:b5:4b:4c:18:76:a6:93:e5:
4e:37:b8:73:74:a9:44:2a:fa:5b:77:96:9b:a7:22:
c4:3b:1d:2c:c6:4e:7d:9c:13:9b:01:d3:07:f8:71:
4f:bd:61:5f:33:0c:c8:93:d8:89:c6:ba:67:fe:9d:
d8:2c:ef:60:0c:37:68:ee:5b:97:9d:ed:72:99:93:
72:1c:ef:40:d3:9f:6a:dd:cf:0d:bd:61:b6:78:17:
b0:63:40:6e:c0:6c:0d:0a:73:68:84:36:63:58:e1:
d6:bb:3a:58:6f:20:21:0e:fd:3a:a8:b3:ee:9e:ab:
65:8a:48:19:c8:8f:5a:ea:b5:97:14:5f:76:c3:8d:
22:a4:d3:8f:03:6a:2e:ba:d8:85:ea:e0:58:9b:32:
a3:22:21:13:4f:aa:e3:9e:2d:f7:88:91:3e:a5:f4:
e8:27:60:1a:a2:c3:30:ac:18:89:55:30:15:28:c9:
3b:b4:e9:d3:56:c7:25:2e:84:81:5d:f9:b7:cf:62:
9a:be:59:f8:80:69:bc:81:c1:97:70:5e:3c:76:6f:
27:ce:45:95:79:2a:86:4e:e2:10:33:d7:26:d7:5c:
0f:cc:e1:02:e6:70:6d:32:9e:4e:0a:0b:ac:9e:f9:
34:07:a0:ee:16:0d:34:a4:87:3b:0c:a6:6d:42:bb:
fa:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2C:9B:24:3F:D6:D3:68:CD:23:12:2C:7D:91:00:7D:B7:26:F3:94
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/nSybJD_W02jNIxIsfZEAfbcm85Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.80.0.0/14
37.189.0.0/16
81.193.0.0/16
82.154.0.0/15
85.240.0.0/13
144.64.0.0/16
168.182.128.0/17
176.78.0.0/15
185.2.84.0/22
188.80.0.0/14
188.250.0.0/15
194.65.0.0/16
212.55.128.0/19
213.13.0.0/16
IPv6:
2001:8a0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:0d:f3:88:fc:82:00:ad:d5:5a:71:f1:e2:32:49:b1:d5:c4:
77:bc:f0:da:ee:d9:ea:63:29:7a:de:7a:52:6e:62:dc:0d:2c:
21:67:64:aa:cd:52:24:1e:83:8b:06:ca:de:72:2d:fe:84:b4:
90:47:b6:f2:40:5e:77:7a:b3:29:e3:af:22:98:18:34:5f:84:
6e:c2:03:64:de:18:bf:15:14:2d:ba:70:15:aa:f4:d9:eb:e6:
c1:3a:a6:d9:e4:4e:34:b3:bc:4f:57:b6:44:c2:f8:56:bd:cf:
c0:dd:cb:99:f1:2e:fb:19:c7:53:05:f3:8a:71:ef:d4:5c:8a:
a8:e4:fb:e2:96:6f:3a:c6:d9:57:07:be:6b:26:4b:ae:99:7f:
89:e4:e2:4d:ee:77:b5:25:13:63:22:e2:ee:83:0d:85:47:38:
32:63:57:b5:f8:2a:c5:f0:9b:a2:d6:29:1e:7f:a7:af:22:0c:
d5:da:bb:07:98:2f:a5:13:9b:5f:b6:ef:ca:89:93:1e:f1:ba:
be:53:4d:8d:f1:2b:8f:ee:a9:94:8e:26:ef:f2:c1:7a:2f:8d:
dc:8c:5e:2e:43:30:b9:56:47:b4:25:2e:05:b5:37:75:bb:36:
15:3e:89:0e:e2:19:cd:6c:8c:74:f8:33:2e:3b:d5:a1:1c:6d:
3b:80:e3:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVxXoaI/uTD3jAgfAJPDDvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjMwMTAyMDcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJjOWIyNDNmZDZkMzY4Y2QyMzEyMmM3ZDkxMDA3ZGI3MjZmMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykEdFdk1tUtMGHamk+VON7hzdKlE
Kvpbd5abpyLEOx0sxk59nBObAdMH+HFPvWFfMwzIk9iJxrpn/p3YLO9gDDdo7luX
ne1ymZNyHO9A059q3c8NvWG2eBewY0BuwGwNCnNohDZjWOHWuzpYbyAhDv06qLPu
nqtlikgZyI9a6rWXFF92w40ipNOPA2ouutiF6uBYmzKjIiETT6rjni33iJE+pfTo
J2AaosMwrBiJVTAVKMk7tOnTVsclLoSBXfm3z2Kavln4gGm8gcGXcF48dm8nzkWV
eSqGTuIQM9cm11wPzOEC5nBtMp5OCgusnvk0B6DuFg00pIc7DKZtQrv6QwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJ0smyQ/1tNozSMSLH2RAH23JvOUMB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvblN5YkpEX1cwMmpOSXhJc2ZaRUFmYmNtODVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwMCAlADAwAl
vQMDAFHBAwMBUpoDAwNV8AMDAJBAAwQHqLaAAwMBsE4DBAK5AlQDAwK8UAMDAbz6
AwMAwkEDBAXUN4ADAwDVDTANBAIAAjAHAwUAIAEIoDANBgkqhkiG9w0BAQsFAAOC
AQEAfA3ziPyCAK3VWnHx4jJJsdXEd7zw2u7Z6mMpet56Um5i3A0sIWdkqs1SJB6D
iwbK3nIt/oS0kEe28kBed3qzKeOvIpgYNF+EbsIDZN4YvxUULbpwFar02evmwTqm
2eRONLO8T1e2RML4Vr3PwN3LmfEu+xnHUwXzinHv1FyKqOT74pZvOsbZVwe+ayZL
rpl/ieTiTe53tSUTYyLi7oMNhUc4MmNXtfgqxfCbotYpHn+nryIM1dq7B5gvpROb
X7bvyomTHvG6vlNNjfErj+6plI4m7/LBei+N3IxeLkMwuVZHtCUuBbU3dbs2FT6J
DuIZzWyMdPgzLjvVoRxtO4DjLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org