Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/a2gV-eLzjyozXFoe19qYQ6IHWr0.roa
File: a2gV-eLzjyozXFoe19qYQ6IHWr0.roa (raw, json)
Hash identifier: Fzqdx0EYl1hPaxs9N7zlCHS1VPkTjiz7RObZPjATtaQ=
Subject key identifier: 6B:68:15:F9:E2:F3:8F:2A:33:5C:5A:1E:D7:DA:98:43:A2:07:5A:BD
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01856FD53BB6629A7B0F1FC4E8A93D99E20E
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/a2gV-eLzjyozXFoe19qYQ6IHWr0.roa
Signing time: Mon 02 Jan 2023 00:15:23 +0000
ROA not before: Mon 02 Jan 2023 00:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58329
IP address blocks: 185.158.249.0/24 maxlen: 24
194.76.225.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
79.132.129.0/24 maxlen: 24
79.132.128.0/24 maxlen: 24
2001:67c:2ae8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Jan 2023 23:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:3b:b6:62:9a:7b:0f:1f:c4:e8:a9:3d:99:e2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 00:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b6815f9e2f38f2a335c5a1ed7da9843a2075abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a9:8e:e3:e9:ea:f2:4b:85:bc:97:2f:a6:f1:
88:e0:1c:13:77:24:1b:14:bf:7b:38:bf:d9:82:c3:
ca:b2:a0:87:18:e9:ce:6f:20:0f:ec:85:87:7d:9b:
af:77:8b:0d:b9:13:86:a9:64:37:79:e0:c2:cf:4b:
97:de:e3:9c:79:9f:b7:db:ba:21:fb:e6:cb:65:b4:
40:6d:b3:1e:b2:6b:c6:af:49:7f:19:47:40:93:4b:
9e:ae:b4:ea:66:36:b8:0e:5c:7b:64:69:f1:ef:93:
87:5e:38:1b:54:b0:10:82:b2:b3:13:32:44:ac:f1:
a9:55:2d:cc:a5:21:86:31:d9:8a:1d:77:a5:2b:73:
a4:89:88:09:d4:23:62:8f:79:91:69:e5:12:ef:d1:
13:40:96:eb:31:2e:c7:72:cf:f8:2d:28:cf:be:3c:
8c:ca:64:68:c3:30:e5:f9:63:cc:2a:1f:38:3e:80:
a8:d2:bf:df:51:fc:b2:77:09:c1:15:9e:be:40:94:
1c:c1:93:04:86:c8:71:a4:7d:38:c0:01:4a:ce:de:
29:b3:f4:b7:72:2a:ba:c7:74:80:8c:72:68:d7:a9:
80:b3:5f:40:1f:ce:c3:06:8d:e1:82:6b:ae:ee:83:
fe:45:80:ba:ed:ba:ff:29:34:b3:93:81:7a:6d:35:
d2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:68:15:F9:E2:F3:8F:2A:33:5C:5A:1E:D7:DA:98:43:A2:07:5A:BD
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/a2gV-eLzjyozXFoe19qYQ6IHWr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
79.132.128.0/23
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
Signature Algorithm: sha256WithRSAEncryption
66:e1:4a:08:3c:30:26:6b:c1:52:65:51:3f:8c:43:1d:9e:4b:
60:dd:7c:b6:7e:9f:c9:b5:27:5f:e3:db:2c:73:b0:b4:52:7d:
ac:d4:a9:bd:25:af:51:4d:b6:05:b7:9d:b4:9d:ae:7e:08:0d:
a5:48:75:e8:12:e6:0f:a7:a0:e9:a3:a5:c4:40:0b:5a:7f:f9:
c9:54:00:86:10:57:4a:05:ae:0e:99:3a:9f:09:b1:70:12:54:
c6:dd:54:51:6b:3e:c9:f3:e9:e3:8e:d3:7f:85:48:4d:b0:0a:
5c:a4:0b:bc:9a:93:22:f8:70:a4:d9:5b:f5:60:6e:54:18:5c:
09:d3:3b:06:a0:4f:81:0b:37:73:50:e1:91:9a:76:52:ee:50:
2e:34:74:17:82:11:30:12:9b:dc:cb:da:8a:51:22:d3:02:a1:
a3:de:53:25:63:ba:42:92:fa:c4:79:cd:00:29:1b:f5:47:92:
65:15:77:07:6d:fe:92:b3:b6:51:80:e0:ac:d2:60:1e:01:41:
3d:0b:05:9a:28:c7:07:c0:46:cb:de:38:c4:30:8a:d8:c9:96:
dd:fe:4c:f4:10:d3:b3:2a:22:06:fd:10:03:82:48:c5:47:a6:
09:e8:78:6d:44:b5:4c:df:ba:9d:e8:62:95:6a:93:3f:38:a7:
ef:3c:34:ae
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVv1Tu2Ypp7Dx/E6Kk9meIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMTAyMDAxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjY4MTVmOWUyZjM4ZjJhMzM1YzVhMWVkN2RhOTg0M2EyMDc1YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqmO4+nq8kuFvJcvpvGI4BwTdyQb
FL97OL/ZgsPKsqCHGOnObyAP7IWHfZuvd4sNuROGqWQ3eeDCz0uX3uOceZ+327oh
++bLZbRAbbMesmvGr0l/GUdAk0uerrTqZja4Dlx7ZGnx75OHXjgbVLAQgrKzEzJE
rPGpVS3MpSGGMdmKHXelK3OkiYgJ1CNij3mRaeUS79ETQJbrMS7Hcs/4LSjPvjyM
ymRowzDl+WPMKh84PoCo0r/fUfyydwnBFZ6+QJQcwZMEhshxpH04wAFKzt4ps/S3
ciq6x3SAjHJo16mAs19AH87DBo3hgmuu7oP+RYC67br/KTSzk4F6bTXSXwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGtoFfni848qM1xaHtfamEOiB1q9MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvYTJnVi1lTHpqeW96WEZvZTE5cVlRNklIV3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAH9adAwQB
T4SAAwQAuZ75AwQBwfLSAwQAwkzhMA8EAgACMAkDBwAgAQZ8KugwDQYJKoZIhvcN
AQELBQADggEBAGbhSgg8MCZrwVJlUT+MQx2eS2DdfLZ+n8m1J1/j2yxzsLRSfazU
qb0lr1FNtgW3nbSdrn4IDaVIdegS5g+noOmjpcRAC1p/+clUAIYQV0oFrg6ZOp8J
sXASVMbdVFFrPsnz6eOO03+FSE2wClykC7yakyL4cKTZW/VgblQYXAnTOwagT4EL
N3NQ4ZGadlLuUC40dBeCETASm9zL2opRItMCoaPeUyVjukKS+sR5zQApG/VHkmUV
dwdt/pKztlGA4KzSYB4BQT0LBZooxwfARsveOMQwitjJlt3+TPQQ07MqIgb9EAOC
SMVHpgnoeG1EtUzfup3oYpVqkz84p+88NK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org