Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2nmTj3Neoq8fseU2XIwQRSBW1bY.roa
File: 2nmTj3Neoq8fseU2XIwQRSBW1bY.roa (raw, json)
Hash identifier: 8iQK5Oq7r8RiuR43YzNFNtSbGefrhQ/Tq7RakT08Pro=
Subject key identifier: DA:79:93:8F:73:5E:A2:AF:1F:B1:E5:36:5C:8C:10:45:20:56:D5:B6
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018705E06F6A364081DFACA0592FFC6C61DE
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2nmTj3Neoq8fseU2XIwQRSBW1bY.roa
Signing time: Tue 21 Mar 2023 20:33:27 +0000
ROA not before: Tue 21 Mar 2023 20:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 5.104.75.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:e0:6f:6a:36:40:81:df:ac:a0:59:2f:fc:6c:61:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 21 20:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da79938f735ea2af1fb1e5365c8c10452056d5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:99:e4:cf:62:44:6b:7c:09:9a:3a:6c:ae:91:
1a:97:cd:11:90:4c:06:b2:48:cf:f2:80:de:1b:71:
b7:e7:6a:ca:fe:60:dc:d0:a7:82:24:8a:2c:98:f3:
92:c6:9e:c5:06:e4:03:a4:4f:d7:b5:26:3b:2a:72:
02:e0:2f:15:44:89:20:ca:73:49:e2:7d:2d:08:3f:
e6:78:c3:17:d6:05:04:ef:a9:87:a2:c2:bd:c8:0b:
bb:fc:01:d3:40:7c:53:9e:5b:1e:1e:5f:2f:fd:ad:
59:77:35:49:95:37:90:b8:eb:e1:c8:cc:57:21:16:
71:ed:9c:66:80:af:d1:9c:f8:c4:9b:c9:70:c6:fc:
4d:c1:f5:45:8d:3a:23:96:20:77:e9:5d:57:4f:be:
e2:22:2e:e2:f5:1e:a8:b9:ba:bf:7b:8f:f4:1d:69:
da:ae:6f:eb:1b:aa:3d:b2:0e:a4:62:f9:5d:cf:f3:
d5:26:f8:73:62:48:32:8d:c7:c2:26:a1:29:bc:90:
58:48:84:28:38:d6:4f:15:55:5a:b8:fe:d5:7b:b3:
86:78:c2:fb:d5:b1:77:3f:b1:c6:45:14:e5:45:1b:
c5:d3:1f:37:8e:71:7e:e0:73:7b:f4:11:94:d7:a0:
c6:12:11:90:00:e3:60:1b:41:4c:b1:81:c4:1d:02:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:79:93:8F:73:5E:A2:AF:1F:B1:E5:36:5C:8C:10:45:20:56:D5:B6
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2nmTj3Neoq8fseU2XIwQRSBW1bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.75.0/24
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d2:57:6b:74:0a:2f:7c:d4:4c:bf:12:d5:e6:e2:c0:83:92:
68:44:c1:1e:d2:30:c1:17:f2:9d:26:22:8a:89:d1:8c:2d:d1:
c5:0e:a3:10:e0:95:f4:44:46:b2:5e:95:2b:8a:b1:d8:70:bb:
1d:64:76:98:e2:48:3e:4d:f0:47:05:09:51:fb:e1:4e:f9:27:
c1:9d:67:a8:3f:06:08:16:0f:6f:f9:f4:49:bf:23:bd:a1:94:
3d:d5:e4:c2:d4:d1:db:fc:eb:ab:63:1f:cf:05:ff:ce:cc:90:
ef:cd:8d:c1:c6:97:ad:46:22:be:c1:12:84:0f:0b:da:a6:32:
7f:40:c8:c1:89:92:d0:a4:66:a9:6a:af:bb:b8:ad:6b:e4:a6:
2b:a0:ef:3b:e1:ed:fc:f1:6d:e7:2d:59:6c:c7:a2:15:19:62:
0d:d5:00:8a:b2:95:9c:60:19:c8:03:4c:b7:31:40:fe:9f:06:
bb:72:d1:52:2c:97:a3:1c:de:58:20:e6:e2:d3:8f:3d:f8:a9:
1f:06:b9:7a:5a:37:d9:f0:b8:db:d5:d3:47:7f:c9:6b:7b:8a:
b9:28:6d:01:ba:c5:fa:f3:ed:ca:cf:5e:45:8a:a4:92:23:80:
95:59:dd:13:70:af:dc:ed:a1:91:91:c8:64:07:8f:ce:8e:32:
c4:79:e6:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcF4G9qNkCB36ygWS/8bGHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIxMjAzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc5OTM4ZjczNWVhMmFmMWZiMWU1MzY1YzhjMTA0NTIwNTZkNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Jnkz2JEa3wJmjpsrpEal80RkEwG
skjP8oDeG3G352rK/mDc0KeCJIosmPOSxp7FBuQDpE/XtSY7KnIC4C8VRIkgynNJ
4n0tCD/meMMX1gUE76mHosK9yAu7/AHTQHxTnlseHl8v/a1ZdzVJlTeQuOvhyMxX
IRZx7ZxmgK/RnPjEm8lwxvxNwfVFjTojliB36V1XT77iIi7i9R6oubq/e4/0HWna
rm/rG6o9sg6kYvldz/PVJvhzYkgyjcfCJqEpvJBYSIQoONZPFVVauP7Ve7OGeML7
1bF3P7HGRRTlRRvF0x83jnF+4HN79BGU16DGEhGQAONgG0FMsYHEHQJrTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNp5k49zXqKvH7HlNlyMEEUgVtW2MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMm5tVGozTmVvcThmc2VVMlhJd1FSU0JXMWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWhIAwQA
BWhLAwQAW/XvAwQBX9ZcAwQAX9ZfMA0GCSqGSIb3DQEBCwUAA4IBAQAY0ldrdAov
fNRMvxLV5uLAg5JoRMEe0jDBF/KdJiKKidGMLdHFDqMQ4JX0REayXpUrirHYcLsd
ZHaY4kg+TfBHBQlR++FO+SfBnWeoPwYIFg9v+fRJvyO9oZQ91eTC1NHb/OurYx/P
Bf/OzJDvzY3BxpetRiK+wRKEDwvapjJ/QMjBiZLQpGapaq+7uK1r5KYroO874e38
8W3nLVlsx6IVGWIN1QCKspWcYBnIA0y3MUD+nwa7ctFSLJejHN5YIObi0489+Kkf
Brl6WjfZ8Ljb1dNHf8lre4q5KG0BusX68+3Kz15FiqSSI4CVWd0TcK/c7aGRkchk
B4/OjjLEeeZB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org