Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/2bIWS6-8B96dGqcr48xDSkqzocs.roa
File: 2bIWS6-8B96dGqcr48xDSkqzocs.roa (raw, json)
Hash identifier: QtbsVCnHoJAHAjnnW9DEbnqOZW4yyzsU20eQk/5Y6Bw=
Subject key identifier: D9:B2:16:4B:AF:BC:07:DE:9D:1A:A7:2B:E3:CC:43:4A:4A:B3:A1:CB
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01856FF93A108E83A8017B3DEFB7B19FA025
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/2bIWS6-8B96dGqcr48xDSkqzocs.roa
Signing time: Mon 02 Jan 2023 00:54:42 +0000
ROA not before: Mon 02 Jan 2023 00:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 46.245.176.0/21 maxlen: 24
89.38.36.0/23 maxlen: 24
185.187.64.0/22 maxlen: 24
91.230.172.0/22 maxlen: 24
91.90.144.0/20 maxlen: 24
195.93.242.0/23 maxlen: 24
109.70.216.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
2a00:14e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3a:10:8e:83:a8:01:7b:3d:ef:b7:b1:9f:a0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 00:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9b2164bafbc07de9d1aa72be3cc434a4ab3a1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e2:6f:0a:60:18:95:48:92:1a:c5:7f:54:c0:
8e:53:c7:65:9a:00:79:b9:62:f8:b0:f8:db:1b:c5:
99:8e:d2:79:8b:f1:e5:db:bb:ad:a1:3c:3b:ce:4c:
65:e9:7a:31:27:2f:eb:e2:55:c2:6e:66:03:e3:cb:
d9:74:0e:19:7a:e3:59:58:a8:dd:6d:36:d8:0b:59:
e3:29:89:5f:0d:27:46:21:90:9e:b7:bf:3d:55:9c:
79:4a:3d:f9:2f:4e:84:45:c5:a0:1c:58:be:e9:66:
da:c4:88:9e:9d:22:3d:b9:33:57:3b:51:53:3f:f2:
18:58:5c:f9:99:4b:27:4d:cc:f9:c6:e0:d3:ef:57:
ab:28:07:0c:ae:f5:31:08:b4:cd:0f:3c:4d:11:e2:
f5:f8:db:0c:66:be:65:fe:67:dd:32:c9:7a:60:f5:
e2:5f:54:8c:91:67:bc:9c:2f:88:7b:03:51:50:b0:
e0:a9:28:4c:f5:0e:23:32:44:98:07:c3:0d:ec:39:
e3:65:e4:c1:d8:83:f0:4f:cc:63:a1:72:d3:4a:e9:
0c:25:ca:f4:1d:f9:74:4c:20:56:1b:e8:84:b0:43:
99:3d:63:8a:b3:93:c4:76:fd:93:be:b9:2a:92:c9:
e0:69:db:0f:00:8e:2c:75:99:68:57:ac:19:6f:49:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:16:4B:AF:BC:07:DE:9D:1A:A7:2B:E3:CC:43:4A:4A:B3:A1:CB
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/2bIWS6-8B96dGqcr48xDSkqzocs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
195.93.242.0/23
IPv6:
2a00:14e0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:2a:9f:ec:11:ad:63:73:1f:81:d0:fe:1b:c8:e1:d9:8d:27:
0d:cf:1f:95:8f:b4:04:88:13:22:74:0a:be:fa:12:b7:70:dc:
c5:85:ed:b7:f8:75:7c:e9:8c:54:1d:a9:e0:3d:02:4c:e7:0b:
7c:c4:55:03:dc:94:0b:c1:93:d0:58:c8:e3:63:12:dc:08:73:
c2:44:c8:8a:07:cc:26:a8:93:a2:c8:9a:ec:f4:e3:13:47:2b:
e0:8d:73:0b:08:e8:e6:10:9e:84:8d:ac:40:8d:ee:8d:ed:f1:
f3:a2:86:84:b1:f4:13:19:4d:7b:81:56:66:e0:70:5c:98:63:
8f:ef:62:ea:7b:89:33:86:45:9a:30:ca:03:28:d0:a8:28:c8:
c0:fb:4e:64:dd:b2:7b:0a:e3:34:16:b2:26:7b:07:7c:5c:f4:
77:68:4e:9d:e1:12:23:7c:8f:22:0f:9c:21:2e:f4:e8:b7:fc:
f1:5c:be:70:20:39:83:0e:01:b2:34:c4:72:b9:68:34:9a:cd:
ad:17:c0:75:db:fa:0b:49:1b:10:3a:e9:2a:12:af:f1:9d:c4:
f3:d8:b8:64:ed:b2:b3:a9:08:04:c4:fd:f9:78:f8:36:36:d1:
04:dc:2a:98:29:b3:ab:1b:9d:6b:13:23:4b:f4:c1:5f:2a:02:
56:42:02:7c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVv+ToQjoOoAXs977exn6AlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMwMTAyMDA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyMTY0YmFmYmMwN2RlOWQxYWE3MmJlM2NjNDM0YTRhYjNhMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheJvCmAYlUiSGsV/VMCOU8dlmgB5
uWL4sPjbG8WZjtJ5i/Hl27utoTw7zkxl6XoxJy/r4lXCbmYD48vZdA4ZeuNZWKjd
bTbYC1njKYlfDSdGIZCet789VZx5Sj35L06ERcWgHFi+6WbaxIienSI9uTNXO1FT
P/IYWFz5mUsnTcz5xuDT71erKAcMrvUxCLTNDzxNEeL1+NsMZr5l/mfdMsl6YPXi
X1SMkWe8nC+IewNRULDgqShM9Q4jMkSYB8MN7DnjZeTB2IPwT8xjoXLTSukMJcr0
Hfl0TCBWG+iEsEOZPWOKs5PEdv2TvrkqksngadsPAI4sdZloV6wZb0nsgQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNmyFkuvvAfenRqnK+PMQ0pKs6HLMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvMmJJV1M2LThCOTZkR3FjcjQ4eERTa3F6b2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQBw13yMA0EAgACMAcD
BQMqABTgMA0GCSqGSIb3DQEBCwUAA4IBAQCaKp/sEa1jcx+B0P4byOHZjScNzx+V
j7QEiBMidAq++hK3cNzFhe23+HV86YxUHangPQJM5wt8xFUD3JQLwZPQWMjjYxLc
CHPCRMiKB8wmqJOiyJrs9OMTRyvgjXMLCOjmEJ6EjaxAje6N7fHzooaEsfQTGU17
gVZm4HBcmGOP72Lqe4kzhkWaMMoDKNCoKMjA+05k3bJ7CuM0FrImewd8XPR3aE6d
4RIjfI8iD5whLvTot/zxXL5wIDmDDgGyNMRyuWg0ms2tF8B12/oLSRsQOukqEq/x
ncTz2Lhk7bKzqQgExP35ePg2NtEE3CqYKbOrG51rEyNL9MFfKgJWQgJ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:25 2024 by rpki-client on console-fra.rpki-client.org