Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2iDel6WUgMqjCNlGtkfroKVsBwc.roa
File: 2iDel6WUgMqjCNlGtkfroKVsBwc.roa (raw, json)
Hash identifier: q/Sbm3dKCfoJUxfdrpa++4Ac5MaIQJyWIWz2BFfNSV4=
Subject key identifier: DA:20:DE:97:A5:94:80:CA:A3:08:D9:46:B6:47:EB:A0:A5:6C:07:07
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF96EB244D82CE10D65200A2FA9EB4
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2iDel6WUgMqjCNlGtkfroKVsBwc.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212228
IP address blocks: 185.158.250.0/24 maxlen: 24
91.242.217.0/24 maxlen: 24
91.240.202.0/24 maxlen: 24
37.10.71.0/24 maxlen: 24
2a0b:7140:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:96:eb:24:4d:82:ce:10:d6:52:00:a2:fa:9e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da20de97a59480caa308d946b647eba0a56c0707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e2:81:4d:d9:a4:1a:64:9f:cf:7a:14:c6:9d:
e8:2b:25:cd:ef:29:4e:55:4c:1c:c3:39:8e:1b:df:
5e:63:ae:c4:b2:7e:b3:57:b8:9a:04:14:f2:a1:09:
de:4f:c1:70:95:2f:df:11:dd:de:a8:32:0c:c7:45:
c6:5c:fa:9d:01:ac:82:05:76:f0:1b:84:e9:cd:44:
3d:5d:87:cd:23:94:7f:66:d9:5c:83:af:e7:ef:e3:
af:6b:12:2e:cc:ec:2f:d7:fe:68:64:7c:97:3f:e9:
34:e1:90:c3:2b:1c:1c:63:ea:c4:ce:12:d4:5e:a9:
a7:dc:8d:ed:0a:99:eb:90:f7:e3:0b:53:7c:78:9a:
65:b8:55:5e:e1:26:0a:aa:c5:71:9a:53:3f:b4:33:
d1:58:2b:96:2e:56:6e:3f:db:cc:6b:cd:fd:44:06:
20:7b:83:f3:ae:1a:cc:c6:5e:bd:5a:c2:6d:1b:a2:
76:55:2b:d5:c0:b1:b5:e5:14:41:9e:46:86:73:1c:
15:00:32:2f:9a:be:6c:be:9a:32:c8:fa:f1:c1:9b:
12:69:47:b8:65:56:4f:f9:d8:d7:b1:d7:a9:ad:f2:
09:7a:ab:54:2d:94:0d:ac:04:a2:56:f0:fe:bb:98:
da:2a:1c:f4:d6:1b:8d:55:3d:58:7b:12:e6:a3:91:
38:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:20:DE:97:A5:94:80:CA:A3:08:D9:46:B6:47:EB:A0:A5:6C:07:07
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/2iDel6WUgMqjCNlGtkfroKVsBwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.71.0/24
91.240.202.0/24
91.242.217.0/24
185.158.250.0/24
IPv6:
2a0b:7140:2::/48
Signature Algorithm: sha256WithRSAEncryption
74:1f:5d:93:82:79:bc:af:fd:37:d6:b9:be:6d:84:96:9b:f8:
18:65:59:cb:ea:17:b6:6a:7d:df:90:3d:3f:44:47:a9:61:32:
a8:89:6c:4c:1d:f4:5a:51:f8:4f:32:b1:91:53:86:54:07:b5:
ed:e2:c1:30:11:e3:65:2a:5e:a6:9d:95:4c:5c:ac:19:f0:aa:
0f:ea:d1:52:d0:ba:4f:f8:94:ab:02:f5:89:a8:d9:12:50:59:
a6:1c:64:6d:70:9f:ac:ce:2a:96:e2:98:75:ce:38:59:32:60:
af:ab:c3:54:b0:5f:fb:e2:e2:6c:4f:08:bb:79:1c:b4:dc:b4:
81:24:50:0e:55:89:00:5b:9c:d9:d4:db:c4:66:63:11:83:fb:
f3:63:9f:67:49:9a:8b:c6:c9:c6:6c:3e:cf:b2:28:9a:1f:9e:
da:bc:2b:89:8f:98:2e:f0:17:97:53:f3:7c:e6:b5:00:96:40:
4a:b2:d3:a8:f2:b1:c4:56:53:76:cd:b7:9e:60:39:06:40:45:
c7:8e:ff:f4:c1:9d:59:2b:7b:95:74:a2:1b:0e:de:d3:85:30:
93:46:70:4d:13:a8:17:96:32:e8:0d:c2:b1:50:8c:88:de:e7:
6b:fe:09:7a:a3:2b:bb:f6:2e:c8:6e:ef:55:ad:2c:ea:4b:fd:
30:69:f4:cd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI35brJE2CzhDWUgCi+p60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIwZGU5N2E1OTQ4MGNhYTMwOGQ5NDZiNjQ3ZWJhMGE1NmMwNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+KBTdmkGmSfz3oUxp3oKyXN7ylO
VUwcwzmOG99eY67Esn6zV7iaBBTyoQneT8FwlS/fEd3eqDIMx0XGXPqdAayCBXbw
G4TpzUQ9XYfNI5R/Ztlcg6/n7+OvaxIuzOwv1/5oZHyXP+k04ZDDKxwcY+rEzhLU
Xqmn3I3tCpnrkPfjC1N8eJpluFVe4SYKqsVxmlM/tDPRWCuWLlZuP9vMa839RAYg
e4PzrhrMxl69WsJtG6J2VSvVwLG15RRBnkaGcxwVADIvmr5svpoyyPrxwZsSaUe4
ZVZP+djXsdeprfIJeqtULZQNrASiVvD+u5jaKhz01huNVT1YexLmo5E4BwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNog3pellIDKowjZRrZH66ClbAcHMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvMmlEZWw2V1VnTXFqQ05sR3RrZnJvS1ZzQndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAJQpHAwQA
W/DKAwQAW/LZAwQAuZ76MA8EAgACMAkDBwAqC3FAAAIwDQYJKoZIhvcNAQELBQAD
ggEBAHQfXZOCebyv/TfWub5thJab+BhlWcvqF7Zqfd+QPT9ER6lhMqiJbEwd9FpR
+E8ysZFThlQHte3iwTAR42UqXqadlUxcrBnwqg/q0VLQuk/4lKsC9Ymo2RJQWaYc
ZG1wn6zOKpbimHXOOFkyYK+rw1SwX/vi4mxPCLt5HLTctIEkUA5ViQBbnNnU28Rm
YxGD+/Njn2dJmovGycZsPs+yKJofntq8K4mPmC7wF5dT83zmtQCWQEqy06jyscRW
U3bNt55gOQZARceO//TBnVkre5V0ohsO3tOFMJNGcE0TqBeWMugNwrFQjIje52v+
CXqjK7v2Lshu71WtLOpL/TBp9M0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org