Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tw2xSHlWmM-tFPDP3UePH9KNtQs.roa
File: Tw2xSHlWmM-tFPDP3UePH9KNtQs.roa (raw, json)
Hash identifier: U5g++xqVbFNN4ua/cllXVhAuU2VLOYt0JDUgOWYFLJQ=
Subject key identifier: 4F:0D:B1:48:79:56:98:CF:AD:14:F0:CF:DD:47:8F:1F:D2:8D:B5:0B
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 018C251AC9423B80BAE779E8C548E2CBF5C9
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tw2xSHlWmM-tFPDP3UePH9KNtQs.roa
Signing time: Fri 01 Dec 2023 11:19:21 +0000
ROA not before: Fri 01 Dec 2023 11:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34465
IP address blocks: 185.188.28.0/24 maxlen: 24
2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:bdee::/48 maxlen: 48
2a12:8fc6:efdf::/48 maxlen: 48
2a12:8fc6:c31a::/48 maxlen: 48
2a12:8fc6:ae44::/48 maxlen: 48
2a12:8fc6:cd04::/48 maxlen: 48
2a12:8fc6:bab0::/48 maxlen: 48
2a12:8fc6:be01::/48 maxlen: 48
2a12:8fc6:ee01::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6:ace3::/48 maxlen: 48
2a12:8fc6:dbaa::/48 maxlen: 48
2a12:8fc6:eaca::/48 maxlen: 48
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:dae0::/48 maxlen: 48
2a12:8fc6:db00::/48 maxlen: 48
2a12:8fc6:fae0::/48 maxlen: 48
2a12:8fc6:caa0::/48 maxlen: 48
2a12:8fc6:ae00::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:cc00::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:daa0::/48 maxlen: 48
2a12:8fc6:aa00::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:1a:c9:42:3b:80:ba:e7:79:e8:c5:48:e2:cb:f5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Dec 1 11:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f0db148795698cfad14f0cfdd478f1fd28db50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:c9:99:06:ee:5e:78:a6:f5:86:e7:d8:dc:
c1:db:5a:1c:2d:b9:e6:4f:62:fe:b2:09:39:ee:1c:
83:c0:c8:17:43:fe:4e:4a:55:32:14:5a:63:af:14:
af:0b:59:56:6b:70:37:79:bc:7c:8b:08:42:30:9e:
22:52:d5:bc:bf:7c:58:1e:11:04:21:09:7c:14:4f:
f7:02:04:e2:31:56:f7:57:27:50:51:2f:0d:b5:d8:
73:af:44:0a:d3:bc:5b:a9:d5:09:67:82:8b:2e:6d:
c2:b3:ab:34:c5:71:6f:0f:21:ff:4c:36:65:06:87:
7e:30:b3:8a:d4:32:73:c8:2c:88:b9:d5:06:56:3c:
a5:7e:48:3c:b4:e8:48:5e:1c:e5:f4:3f:af:8e:64:
43:f3:42:55:58:b7:49:67:a0:38:00:9e:64:08:a1:
1e:11:1c:b8:43:24:95:ee:5a:2d:9a:67:e8:8c:50:
8d:58:af:5f:f1:59:dd:de:82:25:34:8f:df:5a:73:
78:54:aa:3d:4b:d4:1d:e5:46:c1:97:2b:14:3a:a1:
54:c0:d4:35:af:2c:df:fc:34:16:d6:b0:d2:77:ad:
00:0a:72:7b:03:f9:72:96:0e:c8:b3:ff:03:8b:d9:
a4:21:97:aa:0b:5c:44:68:a5:b4:bb:61:b7:d3:ca:
9b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0D:B1:48:79:56:98:CF:AD:14:F0:CF:DD:47:8F:1F:D2:8D:B5:0B
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tw2xSHlWmM-tFPDP3UePH9KNtQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.28.0/24
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
9c:8e:b7:be:a0:d3:d9:5d:4f:1f:09:83:cd:1a:21:5a:6d:ab:
51:31:48:0d:01:62:de:a6:e1:85:98:e1:0c:d4:83:5e:62:d0:
4a:b7:9a:07:08:47:d9:ca:59:25:7e:a8:26:e2:c6:2d:2d:28:
b8:46:b2:dd:dc:2a:a8:16:d5:a2:b5:83:d7:a3:2d:2b:6b:52:
31:26:99:17:6e:be:31:cb:3d:3c:88:b3:71:9e:26:99:81:e8:
dc:87:df:a4:22:ba:2b:cc:92:9f:9b:07:c5:27:b2:94:84:dd:
f5:68:d0:ff:e8:0d:c0:c9:04:d3:fe:68:7f:08:f0:17:95:90:
9b:92:e7:22:de:95:97:0c:50:b5:54:36:be:47:ae:33:70:9f:
17:38:4b:94:7c:00:14:d3:75:b1:fe:24:04:c8:e2:ec:f8:89:
dd:91:41:4e:2a:fa:ed:c4:97:ac:bc:99:f8:57:06:af:44:2a:
4a:2e:a4:ce:49:d8:6e:ec:9e:d9:5d:f6:ee:c0:06:3d:79:a1:
dd:6b:04:66:74:6a:d9:f2:93:89:18:e4:e8:c4:a0:19:14:74:
f3:e6:de:ea:1f:44:f9:b8:28:d2:67:9a:07:e0:72:b6:2d:91:
4c:7b:30:ca:c2:f4:5c:14:fe:79:57:86:80:2d:36:56:c9:23:
bd:f1:dd:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwlGslCO4C653noxUjiy/XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMxMjAxMTExOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBkYjE0ODc5NTY5OGNmYWQxNGYwY2ZkZDQ3OGYxZmQyOGRiNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiPJmQbuXnim9Ybn2NzB21ocLbnm
T2L+sgk57hyDwMgXQ/5OSlUyFFpjrxSvC1lWa3A3ebx8iwhCMJ4iUtW8v3xYHhEE
IQl8FE/3AgTiMVb3VydQUS8Ntdhzr0QK07xbqdUJZ4KLLm3Cs6s0xXFvDyH/TDZl
Bod+MLOK1DJzyCyIudUGVjylfkg8tOhIXhzl9D+vjmRD80JVWLdJZ6A4AJ5kCKEe
ERy4QySV7lotmmfojFCNWK9f8Vnd3oIlNI/fWnN4VKo9S9Qd5UbBlysUOqFUwNQ1
ryzf/DQW1rDSd60ACnJ7A/lylg7Is/8Di9mkIZeqC1xEaKW0u2G308qbIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8NsUh5VpjPrRTwz91Hjx/SjbULMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvVHcyeFNIbFdtTS10RlBEUDNVZVBIOUtOdFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQCcjre+oNPZXU8fCYPNGiFa
batRMUgNAWLepuGFmOEM1INeYtBKt5oHCEfZylklfqgm4sYtLSi4RrLd3CqoFtWi
tYPXoy0ra1IxJpkXbr4xyz08iLNxniaZgejch9+kIrorzJKfmwfFJ7KUhN31aND/
6A3AyQTT/mh/CPAXlZCbkuci3pWXDFC1VDa+R64zcJ8XOEuUfAAU03Wx/iQEyOLs
+IndkUFOKvrtxJesvJn4VwavRCpKLqTOSdhu7J7ZXfbuwAY9eaHdawRmdGrZ8pOJ
GOToxKAZFHTz5t7qH0T5uCjSZ5oH4HK2LZFMezDKwvRcFP55V4aALTZWySO98d2J
-----END CERTIFICATE-----
Generated at Fri Dec 1 17:15:23 2023 by rpki-client on console-ams.rpki-client.org