Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Z2xVVWxQVmAnMDGHagOIpHYqNKI.roa
File: Z2xVVWxQVmAnMDGHagOIpHYqNKI.roa (raw, json)
Hash identifier: uRe5QGM0JFunzJvMiHa+dt1jHWgQ6k4fOOSklVzMXqI=
Subject key identifier: 67:6C:55:55:6C:50:56:60:27:30:31:87:6A:03:88:A4:76:2A:34:A2
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01857271351F54BE037CD08E119B2AE4B88B
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Z2xVVWxQVmAnMDGHagOIpHYqNKI.roa
Signing time: Mon 02 Jan 2023 12:24:59 +0000
ROA not before: Mon 02 Jan 2023 12:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 45.89.236.0/22 maxlen: 24
185.217.143.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jan 2023 19:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:35:1f:54:be:03:7c:d0:8e:11:9b:2a:e4:b8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Jan 2 12:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=676c55556c505660273031876a0388a4762a34a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:34:ed:c2:64:8f:75:e9:04:77:d1:6b:05:0a:
34:2b:eb:84:f4:15:05:aa:14:8a:9c:bc:95:1b:db:
13:a4:99:d7:dc:88:14:78:37:e2:f6:c0:55:83:f0:
8b:13:5b:a8:07:b9:5c:0a:2f:32:95:0c:ae:ad:1e:
12:f5:79:51:b2:25:71:32:21:4b:a1:75:fc:d3:ee:
eb:87:f3:45:5a:48:85:00:23:18:14:1d:af:97:b4:
35:1d:a4:ac:f1:dc:15:3d:86:f9:71:15:57:64:29:
16:fd:8b:85:f6:2c:2c:1b:27:25:19:bf:18:71:da:
2c:35:9e:d1:b1:76:06:bf:e9:5c:5b:fa:30:5a:f9:
88:a1:9e:ea:aa:8a:b1:a9:9f:0b:f6:d0:18:06:82:
ff:ad:0b:e5:c2:02:de:15:2b:e4:af:a2:47:3b:75:
5d:35:4e:7b:99:95:3d:bb:df:3e:3e:7e:8c:4d:fb:
10:97:e9:8a:30:ca:4f:97:43:1b:7a:f2:29:31:22:
6e:d5:2d:df:d1:b1:0e:57:8c:1a:32:3b:9f:6d:d2:
cb:9b:36:82:38:2a:6a:27:e5:55:35:b6:ce:73:20:
2d:18:b5:73:dc:f2:90:65:dd:49:9e:ec:61:66:23:
c7:48:7e:42:bf:c6:7b:fb:74:55:ae:67:64:96:0c:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6C:55:55:6C:50:56:60:27:30:31:87:6A:03:88:A4:76:2A:34:A2
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Z2xVVWxQVmAnMDGHagOIpHYqNKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
185.217.143.0/24
185.227.136.0/22
213.232.203.0/24
IPv6:
2a0c:6600::/46
Signature Algorithm: sha256WithRSAEncryption
1b:98:a9:9d:ac:dc:bf:0d:f0:18:03:9d:63:91:ff:a2:b2:cc:
d6:21:c2:9a:78:09:9a:cf:4f:e3:10:d0:0c:d1:5e:2f:08:cb:
88:3d:9d:cc:97:14:a5:65:36:91:1f:20:4d:1c:f5:35:81:da:
b7:8b:74:27:2e:c6:49:cf:59:3c:f2:a0:bc:2c:71:e1:5d:fb:
c1:a8:41:a0:3a:82:ea:fd:f6:fe:8e:65:f4:45:f5:e7:f3:c3:
57:56:b5:34:85:ce:c0:32:1f:eb:78:f0:6a:71:43:66:63:39:
50:2a:1a:53:3f:20:12:66:43:8d:77:7b:ba:5f:bb:9e:26:51:
eb:b8:20:70:eb:49:a8:a2:4b:c3:19:20:53:b4:53:11:5f:3f:
07:94:df:31:5a:9d:3c:9e:ef:88:3c:32:8b:3c:ce:91:7d:f3:
16:43:af:34:f7:0f:19:db:5d:89:50:2d:23:34:b5:72:29:a9:
e7:33:00:8f:7e:e5:c0:f0:19:a9:e2:f8:29:b4:d1:38:02:5b:
3a:4f:1e:4e:01:56:23:0f:31:b6:fb:db:d7:eb:34:2a:78:40:
c1:b3:be:c0:91:d6:67:ea:4e:af:67:3d:85:87:c6:c5:bd:11:
3f:e8:00:b0:25:68:94:c7:cc:8b:e6:20:5c:06:6d:3c:12:81:
95:e8:37:b6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVycTUfVL4DfNCOEZsq5LiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMwMTAyMTIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZjNTU1NTZjNTA1NjYwMjczMDMxODc2YTAzODhhNDc2MmEzNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjTtwmSPdekEd9FrBQo0K+uE9BUF
qhSKnLyVG9sTpJnX3IgUeDfi9sBVg/CLE1uoB7lcCi8ylQyurR4S9XlRsiVxMiFL
oXX80+7rh/NFWkiFACMYFB2vl7Q1HaSs8dwVPYb5cRVXZCkW/YuF9iwsGyclGb8Y
cdosNZ7RsXYGv+lcW/owWvmIoZ7qqoqxqZ8L9tAYBoL/rQvlwgLeFSvkr6JHO3Vd
NU57mZU9u98+Pn6MTfsQl+mKMMpPl0MbevIpMSJu1S3f0bEOV4waMjufbdLLmzaC
OCpqJ+VVNbbOcyAtGLVz3PKQZd1JnuxhZiPHSH5Cv8Z7+3RVrmdklgyUNQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGdsVVVsUFZgJzAxh2oDiKR2KjSiMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvWjJ4VlZXeFFWbUFuTURHSGFnT0lwSFlxTktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCLVnsAwQA
udmPAwQCueOIAwQA1ejLMA8EAgACMAkDBwIqDGYAAAAwDQYJKoZIhvcNAQELBQAD
ggEBABuYqZ2s3L8N8BgDnWOR/6KyzNYhwpp4CZrPT+MQ0AzRXi8Iy4g9ncyXFKVl
NpEfIE0c9TWB2reLdCcuxknPWTzyoLwsceFd+8GoQaA6gur99v6OZfRF9efzw1dW
tTSFzsAyH+t48GpxQ2ZjOVAqGlM/IBJmQ413e7pfu54mUeu4IHDrSaiiS8MZIFO0
UxFfPweU3zFanTye74g8Mos8zpF98xZDrzT3DxnbXYlQLSM0tXIpqeczAI9+5cDw
Gani+Cm00TgCWzpPHk4BViMPMbb729frNCp4QMGzvsCR1mfqTq9nPYWHxsW9ET/o
ALAlaJTHzIvmIFwGbTwSgZXoN7Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:13 2024 by rpki-client on console-ams.rpki-client.org