Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/2Uhk3nMD64XyyaumefEY6uochtc.roa
File: 2Uhk3nMD64XyyaumefEY6uochtc.roa (raw, json)
Hash identifier: LB2yy2uYjVcq9fxphriWjwgqvvn/bYMiDHjsq8RKVLE=
Subject key identifier: D9:48:64:DE:73:03:EB:85:F2:C9:AB:A6:79:F1:18:EA:EA:1C:86:D7
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 018725C8ED53749D87EFE3D89E1D97BDD2A9
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/2Uhk3nMD64XyyaumefEY6uochtc.roa
Signing time: Tue 28 Mar 2023 01:15:37 +0000
ROA not before: Tue 28 Mar 2023 01:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212889
IP address blocks: 185.164.24.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.30.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.25.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.111.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:25:c8:ed:53:74:9d:87:ef:e3:d8:9e:1d:97:bd:d2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Mar 28 01:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d94864de7303eb85f2c9aba679f118eaea1c86d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4c:ad:69:97:5c:9e:38:b2:7e:b4:3d:14:22:
36:57:c9:6c:9d:43:10:19:e0:2f:1a:b9:79:29:ba:
7b:81:b4:2f:8f:49:33:d5:58:ce:df:06:12:f0:42:
19:48:10:0c:d6:ae:03:4f:49:5d:73:8d:0a:96:10:
15:32:03:f5:27:f3:c4:8e:70:80:19:08:90:a7:c9:
7a:f2:67:6b:06:c9:b9:b0:b8:f8:89:54:18:f5:49:
63:94:db:74:79:4a:48:f0:d8:ce:b5:da:87:8c:c3:
30:7e:1f:68:a8:1d:99:81:75:0c:56:b6:6b:ae:c8:
21:f1:e0:d4:9f:8d:e1:c7:6c:fe:a0:30:94:e7:6a:
cf:06:38:16:d2:f2:41:75:92:ee:59:6d:4f:21:74:
1d:b9:71:ba:cb:93:1b:49:4c:73:ba:08:01:73:5b:
fd:31:86:6c:f2:7a:0a:5f:12:4f:52:84:2a:37:c0:
71:af:38:40:69:f8:28:c2:5b:c1:44:7e:5b:01:9a:
8f:d1:c8:47:96:bc:5d:98:a5:e5:c2:6d:9f:40:e1:
3f:d4:ef:23:ed:76:22:d2:f8:9c:9e:bf:31:1f:5f:
b2:61:09:9e:0e:3e:78:ec:00:ba:1e:7d:02:42:d4:
30:0e:8d:dd:2f:77:dd:1d:89:27:59:3d:59:19:27:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:48:64:DE:73:03:EB:85:F2:C9:AB:A6:79:F1:18:EA:EA:1C:86:D7
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/2Uhk3nMD64XyyaumefEY6uochtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.24.0/21
185.203.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:f1:bf:e1:9a:b0:6e:f8:b1:9f:24:a5:86:f2:a2:00:e2:0e:
36:12:cf:76:6c:f3:ac:2b:94:e3:95:f2:f8:6e:96:bf:c2:40:
be:5d:d2:15:d3:6c:c9:11:94:a6:75:36:29:00:ed:ae:32:23:
4d:ed:bf:77:ab:8c:33:d4:09:34:3a:a3:2b:ad:96:aa:98:e0:
03:2f:71:df:a8:4c:04:07:18:4f:73:91:75:4a:39:83:c2:d6:
56:1d:a0:9c:c8:d6:a2:ef:0c:cc:83:06:38:13:bb:45:20:3c:
cc:fd:2f:b2:46:80:86:68:df:c5:82:e0:b4:c8:8a:5a:2c:75:
98:03:03:b5:b3:ae:0a:70:d7:cc:44:4c:5e:93:ac:2b:b1:c3:
4b:21:61:74:43:64:46:ae:1e:ff:75:e5:ba:fc:c1:4d:64:20:
7c:5f:51:f0:20:8f:bb:d2:ba:30:4c:3d:e7:4e:ea:68:06:5d:
0b:da:37:1e:00:c1:d1:5e:1c:d7:0a:33:aa:df:92:96:28:b0:
be:09:7f:7c:21:79:6a:b1:11:b9:4e:11:7e:8f:52:2f:33:27:
d2:72:9e:f8:2e:44:f8:b2:94:dc:6b:9f:60:18:f9:21:10:61:
df:bc:34:15:bd:5e:dc:8d:f5:88:83:0f:35:30:98:f2:4a:fb:
40:6a:b8:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYclyO1TdJ2H7+PYnh2XvdKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjMwMzI4MDExNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ4NjRkZTczMDNlYjg1ZjJjOWFiYTY3OWYxMThlYWVhMWM4NmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEytaZdcnjiyfrQ9FCI2V8lsnUMQ
GeAvGrl5Kbp7gbQvj0kz1VjO3wYS8EIZSBAM1q4DT0ldc40KlhAVMgP1J/PEjnCA
GQiQp8l68mdrBsm5sLj4iVQY9UljlNt0eUpI8NjOtdqHjMMwfh9oqB2ZgXUMVrZr
rsgh8eDUn43hx2z+oDCU52rPBjgW0vJBdZLuWW1PIXQduXG6y5MbSUxzuggBc1v9
MYZs8noKXxJPUoQqN8BxrzhAafgowlvBRH5bAZqP0chHlrxdmKXlwm2fQOE/1O8j
7XYi0vicnr8xH1+yYQmeDj547AC6Hn0CQtQwDo3dL3fdHYknWT1ZGSeWtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlIZN5zA+uF8smrpnnxGOrqHIbXMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvMlVoazNuTUQ2NFh5eWF1bWVmRVk2dW9jaHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDuaQYAwQC
uctsMA0GCSqGSIb3DQEBCwUAA4IBAQAr8b/hmrBu+LGfJKWG8qIA4g42Es92bPOs
K5TjlfL4bpa/wkC+XdIV02zJEZSmdTYpAO2uMiNN7b93q4wz1Ak0OqMrrZaqmOAD
L3HfqEwEBxhPc5F1SjmDwtZWHaCcyNai7wzMgwY4E7tFIDzM/S+yRoCGaN/FguC0
yIpaLHWYAwO1s64KcNfMRExek6wrscNLIWF0Q2RGrh7/deW6/MFNZCB8X1HwII+7
0rowTD3nTupoBl0L2jceAMHRXhzXCjOq35KWKLC+CX98IXlqsRG5ThF+j1IvMyfS
cp74LkT4spTca59gGPkhEGHfvDQVvV7cjfWIgw81MJjySvtAarj7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org