Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/v0K_2MVeqfNQpY7WtL-o_XW7Al8.roa
File: v0K_2MVeqfNQpY7WtL-o_XW7Al8.roa (raw, json)
Hash identifier: Eqy5dBw0yohJ7eOWJBSsPNF5aQ0CW/2YyooSszn7gFo=
Subject key identifier: BF:42:BF:D8:C5:5E:A9:F3:50:A5:8E:D6:B4:BF:A8:FD:75:BB:02:5F
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018C211B39B89D39ADDE878C52B2617EFABE
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/v0K_2MVeqfNQpY7WtL-o_XW7Al8.roa
Signing time: Thu 30 Nov 2023 16:41:21 +0000
ROA not before: Thu 30 Nov 2023 16:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49223
IP address blocks: 185.145.232.0/24 maxlen: 24
188.244.118.0/24 maxlen: 24
193.104.183.0/24 maxlen: 24
37.140.240.0/24 maxlen: 24
146.19.186.0/24 maxlen: 24
62.204.33.0/24 maxlen: 24
95.130.228.0/24 maxlen: 24
194.32.105.0/24 maxlen: 24
83.138.49.0/24 maxlen: 24
193.163.124.0/24 maxlen: 24
213.109.158.0/24 maxlen: 24
91.247.186.0/24 maxlen: 24
5.181.54.0/24 maxlen: 24
176.126.126.0/24 maxlen: 24
146.19.41.0/24 maxlen: 24
89.248.64.0/24 maxlen: 24
212.52.8.0/24 maxlen: 24
193.228.228.0/24 maxlen: 24
185.201.253.0/24 maxlen: 24
46.18.106.0/24 maxlen: 24
194.156.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:1b:39:b8:9d:39:ad:de:87:8c:52:b2:61:7e:fa:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Nov 30 16:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf42bfd8c55ea9f350a58ed6b4bfa8fd75bb025f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:3a:0a:04:4b:e2:fd:ba:aa:0d:be:a9:f8:
ab:4d:b8:ec:fb:ba:86:c9:d2:a1:db:85:39:41:76:
48:b4:f2:8f:d2:39:1f:44:2d:8e:3b:0c:6c:73:2a:
37:8e:2b:2b:d3:d4:97:c2:1f:67:3b:21:92:d0:11:
40:e8:8d:8a:b0:f6:e8:14:ea:88:af:5e:81:58:90:
33:fb:66:fe:b7:b3:a6:5f:8d:92:19:d6:d7:8c:1b:
87:89:0c:ca:58:4b:b9:93:67:ac:a7:71:b5:23:14:
5e:23:37:54:28:9d:2d:65:79:f8:50:6a:3c:d4:08:
ee:dd:13:22:f2:91:2d:33:fa:d9:f5:65:2d:c3:a3:
58:f3:63:9e:96:12:33:8c:16:b2:d4:04:52:f6:39:
0d:7b:a1:76:0b:6c:e8:b8:0a:c9:c2:14:e1:dc:34:
1a:07:62:e5:9a:88:f5:9e:4a:50:08:2e:37:ab:fa:
8c:e3:af:48:2d:a0:3b:98:43:9f:45:d4:b7:6d:4f:
74:94:2b:db:40:bb:ce:8a:1b:1a:77:e4:b5:a5:cb:
47:96:38:04:b3:1e:ae:1d:cc:4c:e1:bc:ad:c8:70:
1e:4b:80:c3:ce:55:ed:79:5a:60:12:d0:30:b4:34:
da:fb:ed:c8:d6:ab:d8:f7:3d:46:6e:9e:fa:3e:2b:
20:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:42:BF:D8:C5:5E:A9:F3:50:A5:8E:D6:B4:BF:A8:FD:75:BB:02:5F
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/v0K_2MVeqfNQpY7WtL-o_XW7Al8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.54.0/24
37.140.240.0/24
46.18.106.0/24
62.204.33.0/24
83.138.49.0/24
89.248.64.0/24
91.247.186.0/24
95.130.228.0/24
146.19.41.0/24
146.19.186.0/24
176.126.126.0/24
185.145.232.0/24
185.201.253.0/24
188.244.118.0/24
193.104.183.0/24
193.163.124.0/24
193.228.228.0/24
194.32.105.0/24
194.156.78.0/24
212.52.8.0/24
213.109.158.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ae:1b:aa:54:e3:bf:d0:67:72:87:9b:06:8b:0a:71:1a:e1:
08:52:57:10:bc:81:c8:05:73:63:8c:fa:17:de:23:c9:16:2a:
c3:9a:97:ed:3b:74:81:4e:97:24:35:b3:fb:ea:48:bc:bb:10:
53:5d:8d:40:eb:fd:c7:f1:9d:42:cc:16:cd:d0:1e:6b:65:95:
87:57:1a:4e:69:74:0d:76:65:05:88:72:ce:27:ac:91:59:53:
a0:69:19:6e:19:1e:36:4a:d2:e9:c9:07:91:a5:a9:56:bb:59:
53:6c:4f:e8:71:ff:21:ea:bc:ba:e8:0f:6c:6f:be:7a:dd:4f:
b9:49:9c:da:8f:3f:28:89:c4:8a:97:c6:5f:d3:72:3b:22:62:
96:cf:bb:6e:a3:5c:ba:e6:76:9c:a2:61:3e:3b:3e:14:db:0e:
fe:2e:ac:eb:f2:b7:94:34:0d:1a:e1:5c:c9:39:38:68:83:fe:
d5:fb:ac:e8:15:0b:c6:2d:1e:64:b8:0a:d2:a1:31:0e:17:51:
55:db:34:67:7e:27:6f:1b:b0:03:e5:3b:4e:d1:15:b5:d1:d0:
b4:38:b0:ed:02:0c:e5:96:20:ff:82:52:c8:15:5f:57:c4:fd:
d3:a4:9f:2f:2b:14:e6:15:b2:f0:4e:31:93:03:b4:6f:e8:c1:
6f:14:a7:8f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYwhGzm4nTmt3oeMUrJhfvq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMTMwMTY0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQyYmZkOGM1NWVhOWYzNTBhNThlZDZiNGJmYThmZDc1YmIwMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweg6CgRL4v26qg2+qfirTbjs+7qG
ydKh24U5QXZItPKP0jkfRC2OOwxscyo3jisr09SXwh9nOyGS0BFA6I2KsPboFOqI
r16BWJAz+2b+t7OmX42SGdbXjBuHiQzKWEu5k2esp3G1IxReIzdUKJ0tZXn4UGo8
1Aju3RMi8pEtM/rZ9WUtw6NY82OelhIzjBay1ARS9jkNe6F2C2zouArJwhTh3DQa
B2Llmoj1nkpQCC43q/qM469ILaA7mEOfRdS3bU90lCvbQLvOihsad+S1pctHljgE
sx6uHcxM4bytyHAeS4DDzlXteVpgEtAwtDTa++3I1qvY9z1Gbp76PisglwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFL9Cv9jFXqnzUKWO1rS/qP11uwJfMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvdjBLXzJNVmVxZk5RcFk3V3RMLW9fWFc3QWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAW1
NgMEACWM8AMEAC4SagMEAD7MIQMEAFOKMQMEAFn4QAMEAFv3ugMEAF+C5AMEAJIT
KQMEAJITugMEALB+fgMEALmR6AMEALnJ/QMEALz0dgMEAMFotwMEAMGjfAMEAMHk
5AMEAMIgaQMEAMKcTgMEANQ0CAMEANVtnjANBgkqhkiG9w0BAQsFAAOCAQEAMa4b
qlTjv9BncoebBosKcRrhCFJXELyByAVzY4z6F94jyRYqw5qX7Tt0gU6XJDWz++pI
vLsQU12NQOv9x/GdQswWzdAea2WVh1caTml0DXZlBYhyzieskVlToGkZbhkeNkrS
6ckHkaWpVrtZU2xP6HH/Ieq8uugPbG++et1PuUmc2o8/KInEipfGX9NyOyJils+7
bqNcuuZ2nKJhPjs+FNsO/i6s6/K3lDQNGuFcyTk4aIP+1fus6BULxi0eZLgK0qEx
DhdRVds0Z34nbxuwA+U7TtEVtdHQtDiw7QIM5ZYg/4JSyBVfV8T906SfLysU5hWy
8E4xkwO0b+jBbxSnjw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:19 2024 by rpki-client on console-ams.rpki-client.org