Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/2GFlxDWRE54xuVyqessOdKd041U.roa
File: 2GFlxDWRE54xuVyqessOdKd041U.roa (raw, json)
Hash identifier: bYc/3Oun9BUNecAcHM27pxi6ukBGFReBe7jBOQQMT+E=
Subject key identifier: D8:61:65:C4:35:91:13:9E:31:B9:5C:AA:7A:CB:0E:74:A7:74:E3:55
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 01856D8AFEC2D6F1F0C7789271EAB75B2AA3
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/2GFlxDWRE54xuVyqessOdKd041U.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43541
IP address blocks: 46.243.48.0/21 maxlen: 21
185.14.252.0/22 maxlen: 22
217.16.176.0/20 maxlen: 20
178.251.184.0/21 maxlen: 21
185.64.216.0/22 maxlen: 22
185.59.208.0/22 maxlen: 22
78.24.8.0/21 maxlen: 21
185.115.2.0/24 maxlen: 24
185.115.1.0/24 maxlen: 24
93.185.96.0/20 maxlen: 20
2a02:5420:627::/48 maxlen: 48
2a00:1ed0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 25 Jun 2023 18:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:fe:c2:d6:f1:f0:c7:78:92:71:ea:b7:5b:2a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d86165c43591139e31b95caa7acb0e74a774e355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d2:d0:01:9a:ca:56:49:5b:9f:12:d5:67:35:
4f:f1:a0:5a:9e:62:1f:74:7d:8d:fd:94:0a:3f:aa:
7c:76:9c:33:0e:1e:6c:53:d5:d0:b8:5b:05:d1:6b:
d2:fc:97:50:a1:d3:df:2f:b0:59:e9:17:c0:b4:45:
e8:c8:41:62:95:24:ac:ba:f8:98:25:88:a2:6e:24:
34:07:9b:8a:6a:60:0a:17:3d:37:ea:01:14:1a:7d:
7f:20:01:4e:2e:f3:02:c2:78:b9:49:c0:a3:34:ef:
f5:16:8b:b1:51:05:a8:3a:1d:b3:5d:8c:0c:20:e7:
e3:fe:bc:21:7b:57:94:c6:51:cf:78:37:03:f4:d8:
f9:3d:69:c8:a5:bb:1a:58:4f:6c:c6:33:e1:93:db:
0d:28:98:f7:0c:9c:a9:91:03:c3:e1:1f:d5:b7:f8:
63:25:a5:db:3d:7d:dc:5f:4d:18:c8:d4:7a:69:0f:
46:a9:f2:67:59:6e:59:99:b8:f3:63:2d:93:9c:4a:
15:e3:b4:c2:fb:85:2d:f2:4b:10:26:e0:81:39:04:
d4:cc:2f:a8:6b:8c:e3:26:f3:65:5d:2f:72:7d:93:
47:37:49:0c:dc:64:15:8e:80:d7:d5:47:51:89:6a:
0c:4e:3c:ea:40:77:b2:09:60:4c:a0:07:90:bb:fa:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:61:65:C4:35:91:13:9E:31:B9:5C:AA:7A:CB:0E:74:A7:74:E3:55
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/2GFlxDWRE54xuVyqessOdKd041U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.48.0/21
78.24.8.0/21
93.185.96.0/20
178.251.184.0/21
185.14.252.0/22
185.59.208.0/22
185.64.216.0/22
185.115.1.0-185.115.2.255
217.16.176.0/20
IPv6:
2a00:1ed0::/32
2a02:5420:627::/48
Signature Algorithm: sha256WithRSAEncryption
36:dd:64:7b:7a:45:61:cb:c4:4a:43:f6:6d:c9:5f:69:e6:ae:
e7:22:12:16:5d:cb:0a:da:ba:d8:87:07:cc:9c:59:43:0e:b0:
e1:9b:a8:cc:74:8b:73:71:4f:28:65:88:f1:17:41:a9:3e:fd:
c3:fd:0b:38:77:5c:ae:ca:39:ec:9f:fc:78:13:a7:94:02:80:
4f:a0:ed:d0:b7:44:24:ed:cd:62:83:39:01:72:a4:f4:a8:32:
60:9e:ae:fa:ca:27:79:53:dd:b9:ee:a0:59:54:84:5b:98:30:
20:cb:7c:7f:dc:a2:ed:42:14:bd:21:4d:83:a6:70:a9:ef:91:
7a:3d:b3:b9:95:9f:4d:f8:be:2c:33:e2:2b:8e:5f:40:73:1f:
fb:ac:fb:14:dc:e4:da:7d:b0:62:1b:23:8f:55:a3:e9:e6:1d:
ed:43:54:4a:d6:28:81:86:fc:3e:9e:08:27:72:60:c2:ce:c3:
0e:6e:b1:73:af:21:86:2c:9f:57:ed:8f:d1:8a:d0:16:02:89:
a2:81:43:75:b5:0a:66:98:92:5f:c2:dc:86:bc:26:53:c3:50:
dc:75:c0:f6:2d:2d:32:b5:bc:0f:1e:c2:02:28:4f:59:ff:15:
b6:f5:07:78:64:b1:d8:9c:55:0f:ea:3b:36:34:0c:c8:56:58:
00:78:34:91
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVtiv7C1vHwx3iSceq3WyqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYxNjVjNDM1OTExMzllMzFiOTVjYWE3YWNiMGU3NGE3NzRlMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtLQAZrKVklbnxLVZzVP8aBanmIf
dH2N/ZQKP6p8dpwzDh5sU9XQuFsF0WvS/JdQodPfL7BZ6RfAtEXoyEFilSSsuviY
JYiibiQ0B5uKamAKFz036gEUGn1/IAFOLvMCwni5ScCjNO/1FouxUQWoOh2zXYwM
IOfj/rwhe1eUxlHPeDcD9Nj5PWnIpbsaWE9sxjPhk9sNKJj3DJypkQPD4R/Vt/hj
JaXbPX3cX00YyNR6aQ9GqfJnWW5ZmbjzYy2TnEoV47TC+4Ut8ksQJuCBOQTUzC+o
a4zjJvNlXS9yfZNHN0kM3GQVjoDX1UdRiWoMTjzqQHeyCWBMoAeQu/qvywIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFNhhZcQ1kROeMblcqnrLDnSndONVMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvMkdGbHhEV1JFNTR4dVZ5cWVzc09kS2QwNDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBEBAIAATA+AwQDLvMwAwQD
ThgIAwQEXblgAwQDsvu4AwQCuQ78AwQCuTvQAwQCuUDYMAwDBAC5cwEDBAC5cwID
BATZELAwFgQCAAIwEAMFACoAHtADBwAqAlQgBicwDQYJKoZIhvcNAQELBQADggEB
ADbdZHt6RWHLxEpD9m3JX2nmruciEhZdywrautiHB8ycWUMOsOGbqMx0i3NxTyhl
iPEXQak+/cP9Czh3XK7KOeyf/HgTp5QCgE+g7dC3RCTtzWKDOQFypPSoMmCervrK
J3lT3bnuoFlUhFuYMCDLfH/cou1CFL0hTYOmcKnvkXo9s7mVn034viwz4iuOX0Bz
H/us+xTc5Np9sGIbI49Vo+nmHe1DVErWKIGG/D6eCCdyYMLOww5usXOvIYYsn1ft
j9GK0BYCiaKBQ3W1CmaYkl/C3Ia8JlPDUNx1wPYtLTK1vA8ewgIoT1n/Fbb1B3hk
sdicVQ/qOzY0DMhWWAB4NJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org