Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/2b2OGLMvKaJwfsajZxBZmBir70Q.roa
File: 2b2OGLMvKaJwfsajZxBZmBir70Q.roa (raw, json)
Hash identifier: hqbLPvSbYl37ZxCnVASjmZzBx/sO5B6Rb8PkuUJSQ8A=
Subject key identifier: D9:BD:8E:18:B3:2F:29:A2:70:7E:C6:A3:67:10:59:98:18:AB:EF:44
Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d
Certificate serial: 018CC5DD1BA31418947F6D2FAA2FBBC5C0DF
Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/2b2OGLMvKaJwfsajZxBZmBir70Q.roa
Signing time: Mon 01 Jan 2024 16:30:51 +0000
ROA not before: Mon 01 Jan 2024 16:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50923
IP address blocks: 37.60.16.0/22 maxlen: 22
37.60.16.0/23 maxlen: 23
37.60.16.0/21 maxlen: 21
37.60.22.0/23 maxlen: 23
37.60.20.0/22 maxlen: 22
37.60.20.0/23 maxlen: 23
37.60.18.0/23 maxlen: 23
5.53.16.0/21 maxlen: 21
5.53.16.0/20 maxlen: 20
5.53.16.0/22 maxlen: 22
5.53.20.0/22 maxlen: 22
5.53.24.0/21 maxlen: 21
5.53.24.0/22 maxlen: 22
5.53.28.0/22 maxlen: 22
185.3.68.0/23 maxlen: 23
185.3.68.0/22 maxlen: 22
185.3.68.0/24 maxlen: 24
185.3.71.0/24 maxlen: 24
185.3.69.0/24 maxlen: 24
185.3.70.0/24 maxlen: 24
185.3.70.0/23 maxlen: 23
37.143.96.0/21 maxlen: 21
37.143.96.0/20 maxlen: 20
37.143.96.0/22 maxlen: 22
37.143.104.0/22 maxlen: 22
37.143.104.0/21 maxlen: 21
37.143.100.0/22 maxlen: 22
37.143.108.0/22 maxlen: 22
178.208.224.0/19 maxlen: 19
178.208.224.0/20 maxlen: 20
178.208.224.0/21 maxlen: 21
178.208.232.0/21 maxlen: 21
178.208.240.0/21 maxlen: 21
178.208.240.0/20 maxlen: 20
178.208.248.0/21 maxlen: 21
2a00:ae40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 05:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:1b:a3:14:18:94:7f:6d:2f:aa:2f:bb:c5:c0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d
Validity
Not Before: Jan 1 16:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9bd8e18b32f29a2707ec6a36710599818abef44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:93:65:96:c8:5f:d3:1c:95:3f:56:40:b3:a0:
53:be:ae:bd:b1:08:fc:8c:d5:6a:20:8c:07:bb:4a:
d2:9c:38:92:24:f3:7f:2c:9d:7b:81:39:94:82:33:
fa:2a:fb:c7:4c:a7:50:3e:0d:af:3d:39:ec:8b:a2:
a6:a0:98:5c:61:ff:6c:55:4f:cf:96:7f:f2:1f:a5:
90:62:58:33:d3:a9:e1:47:79:a4:da:44:d4:f6:72:
5d:fb:ee:b0:f8:45:b7:3b:71:d9:67:02:49:03:71:
a4:fe:4c:ec:26:a3:3f:a2:33:86:94:dc:c6:29:91:
2f:42:c3:ab:97:c3:98:3d:d1:fe:33:b0:0b:ec:65:
97:bc:14:62:26:61:61:95:6b:34:13:ee:76:df:07:
7f:b4:de:ac:87:2a:2b:86:2c:9e:26:e0:a6:fe:91:
df:51:5e:dd:0c:77:b0:37:d9:d6:ba:c8:cd:a3:b8:
40:7c:cb:fd:76:5a:53:fe:68:66:c9:ae:6a:eb:04:
7f:5f:39:e1:9d:2d:03:0a:f7:86:28:81:8d:ea:4e:
6a:7e:4f:22:17:bc:c7:4a:e7:6d:1c:58:82:e7:34:
a1:b8:5d:fc:8a:fa:4c:16:e2:e8:01:5f:9f:41:f3:
78:78:3e:a5:94:9f:82:88:bf:48:91:48:a5:a4:98:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BD:8E:18:B3:2F:29:A2:70:7E:C6:A3:67:10:59:98:18:AB:EF:44
X509v3 Authority Key Identifier:
keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/2b2OGLMvKaJwfsajZxBZmBir70Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.16.0/20
37.60.16.0/21
37.143.96.0/20
178.208.224.0/19
185.3.68.0/22
IPv6:
2a00:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
09:d7:d9:9d:63:4e:51:d0:b6:a0:69:84:54:a4:3a:62:3b:80:
15:2b:d6:90:7b:bf:99:f7:d5:98:ea:2a:a7:97:97:8f:d2:ab:
53:cd:a5:25:b9:0a:ed:88:74:14:2e:81:55:ab:26:fa:0b:d8:
33:b5:cf:5a:a7:46:20:be:5b:f4:e3:cf:23:0d:a6:a5:5f:ae:
ef:5e:f2:c6:88:eb:22:a0:6d:4d:55:a6:68:1d:20:ea:88:18:
17:e8:16:b0:78:7e:61:96:68:f0:0d:77:08:58:14:aa:b6:5f:
25:40:fe:58:09:b6:af:75:66:65:dc:b1:59:3c:d9:03:4e:b9:
d0:4c:43:33:e9:c2:fa:9b:e7:d4:31:8f:75:73:9d:5b:4f:50:
da:2c:f5:f0:8b:49:e1:c6:9e:cf:ed:ab:7e:b2:57:db:20:18:
b1:59:12:bd:20:65:f2:3a:05:7e:ac:7e:17:7e:75:36:56:ba:
d6:81:29:e7:6b:23:6f:c0:f1:25:5b:bc:18:63:f2:b2:26:0d:
97:eb:e2:51:ed:4d:63:75:65:ed:5e:c9:b0:b3:bd:b0:b8:12:
ee:2d:11:b2:07:b7:e7:a1:e9:48:3b:3a:ee:53:16:6d:3f:db:
27:82:aa:58:84:ac:de:01:a3:bb:68:ad:93:73:ba:56:af:84:
bc:ed:64:d6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzF3RujFBiUf20vqi+7xcDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy
OWMzM2QwHhcNMjQwMTAxMTYzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJkOGUxOGIzMmYyOWEyNzA3ZWM2YTM2NzEwNTk5ODE4YWJlZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05Nllshf0xyVP1ZAs6BTvq69sQj8
jNVqIIwHu0rSnDiSJPN/LJ17gTmUgjP6KvvHTKdQPg2vPTnsi6KmoJhcYf9sVU/P
ln/yH6WQYlgz06nhR3mk2kTU9nJd++6w+EW3O3HZZwJJA3Gk/kzsJqM/ojOGlNzG
KZEvQsOrl8OYPdH+M7AL7GWXvBRiJmFhlWs0E+523wd/tN6shyorhiyeJuCm/pHf
UV7dDHewN9nWusjNo7hAfMv9dlpT/mhmya5q6wR/XznhnS0DCveGKIGN6k5qfk8i
F7zHSudtHFiC5zShuF38ivpMFuLoAV+fQfN4eD6llJ+CiL9IkUilpJgnUwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNm9jhizLymicH7Go2cQWZgYq+9EMB8GA1UdIwQY
MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt
OWNhOTQ3YWE2NjVhLzEvMmIyT0dMTXZLYUp3ZnNhalp4QlptQmlyNzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh
LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEBTUQAwQD
JTwQAwQEJY9gAwQFstDgAwQCuQNEMA0EAgACMAcDBQAqAK5AMA0GCSqGSIb3DQEB
CwUAA4IBAQAJ19mdY05R0LagaYRUpDpiO4AVK9aQe7+Z99WY6iqnl5eP0qtTzaUl
uQrtiHQULoFVqyb6C9gztc9ap0Ygvlv0488jDaalX67vXvLGiOsioG1NVaZoHSDq
iBgX6BaweH5hlmjwDXcIWBSqtl8lQP5YCbavdWZl3LFZPNkDTrnQTEMz6cL6m+fU
MY91c51bT1DaLPXwi0nhxp7P7at+slfbIBixWRK9IGXyOgV+rH4XfnU2VrrWgSnn
ayNvwPElW7wYY/KyJg2X6+JR7U1jdWXtXsmws72wuBLuLRGyB7fnoelIOzruUxZt
P9sngqpYhKzeAaO7aK2Tc7pWr4S87WTW
-----END CERTIFICATE-----
Generated at Tue Jan 23 06:49:12 2024 by rpki-client on console-fra.rpki-client.org