Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/2sBjjQRS2beNG3aI2p4CKOPw7rs.roa
File: 2sBjjQRS2beNG3aI2p4CKOPw7rs.roa (raw, json)
Hash identifier: mQg+YL8CZVOFtNGc2ZxK24NSHR9Gy96zJbY389VnV4Y=
Subject key identifier: DA:C0:63:8D:04:52:D9:B7:8D:1B:76:88:DA:9E:02:28:E3:F0:EE:BB
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 018CC7953CD93EB95127D675A634555D5CB9
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/2sBjjQRS2beNG3aI2p4CKOPw7rs.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55293
IP address blocks: 185.62.136.0/22 maxlen: 24
185.141.188.0/22 maxlen: 24
185.160.66.0/23 maxlen: 24
185.160.65.0/24 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 14:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3c:d9:3e:b9:51:27:d6:75:a6:34:55:5d:5c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dac0638d0452d9b78d1b7688da9e0228e3f0eebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a8:c6:8b:c8:41:f2:00:f9:40:0d:29:dd:76:
c2:c8:4b:7a:b2:d6:0d:61:7b:13:f7:c1:75:d8:98:
42:4b:37:89:b0:89:d9:80:ed:58:6f:4d:f5:8a:69:
6c:d1:b8:25:33:d9:54:e7:94:bd:e2:61:c3:6a:42:
45:9e:2d:6d:f1:2f:38:bd:22:21:af:63:f3:6f:9d:
b4:40:ba:01:c0:99:18:30:56:ab:0d:ce:bf:bd:b4:
dc:4d:3e:a7:1d:ec:92:b2:46:d5:bb:30:1e:96:5b:
89:cb:39:78:58:5a:39:c9:37:a8:db:db:14:4b:82:
06:e1:b4:b6:a4:54:e7:68:bb:c4:f5:86:b7:4f:34:
c3:77:80:81:ed:9f:88:82:de:10:61:34:da:e2:0c:
ce:96:fc:28:6a:e6:b5:6f:ce:d5:8d:67:53:bf:34:
8a:ec:ae:26:a8:0c:78:a5:94:b8:7d:79:99:7d:33:
05:35:f2:aa:c9:41:07:36:86:4c:f0:36:ff:12:42:
92:50:cb:55:d9:9b:41:a1:7c:f5:44:ea:04:d8:20:
92:41:f2:f4:91:c2:3d:b5:e9:1f:9a:7e:0d:c7:bb:
2d:fa:44:d9:c3:15:73:91:c3:4b:d5:f7:e5:38:34:
fb:59:6d:2a:11:4c:af:9c:af:0b:72:ef:e9:c3:0c:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C0:63:8D:04:52:D9:B7:8D:1B:76:88:DA:9E:02:28:E3:F0:EE:BB
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/2sBjjQRS2beNG3aI2p4CKOPw7rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:fa:fb:c7:21:e7:83:8f:9f:e7:a3:cd:f7:05:93:76:c8:2b:
a4:2b:2c:c4:95:35:2c:72:83:3f:13:3e:be:5e:20:1f:c7:ce:
7d:17:fe:e7:bb:b6:d6:ca:e6:c9:61:7c:c2:ae:fd:ea:f0:97:
50:b8:39:3b:52:18:e1:0b:dd:11:fa:bb:12:d8:9e:04:92:58:
a1:45:97:95:6f:0d:b4:9f:80:28:39:5d:72:cf:1c:42:df:91:
70:e3:4c:10:ae:f6:6e:72:75:a7:eb:11:75:fb:f8:d2:99:03:
cb:ec:b5:80:fa:4d:dd:fc:62:e0:6e:43:24:93:99:c9:47:00:
ea:41:31:5e:c5:c4:e6:5d:ba:61:92:49:be:e2:b8:bf:83:8c:
6d:42:db:9f:78:f8:0e:b6:a4:1e:b6:1e:95:48:10:3e:9f:d3:
36:6c:17:d4:f0:6a:d2:5a:87:08:69:13:2d:3c:56:f1:e8:8a:
d7:db:10:e2:cb:82:c1:66:7c:67:a7:9c:1c:3f:0c:dd:b7:4a:
73:4d:fd:4f:e4:e1:30:7d:59:29:80:d6:ac:2b:97:05:df:03:
08:12:f0:8b:93:b2:64:be:e5:79:b7:c3:f6:e2:b6:69:0c:fa:
11:7a:83:28:7a:52:50:83:0b:59:7d:45:5d:d0:08:4d:2b:26:
47:7a:d5:af
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYzHlTzZPrlRJ9Z1pjRVXVy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMwNjM4ZDA0NTJkOWI3OGQxYjc2ODhkYTllMDIyOGUzZjBlZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ajGi8hB8gD5QA0p3XbCyEt6stYN
YXsT98F12JhCSzeJsInZgO1Yb031imls0bglM9lU55S94mHDakJFni1t8S84vSIh
r2Pzb520QLoBwJkYMFarDc6/vbTcTT6nHeySskbVuzAelluJyzl4WFo5yTeo29sU
S4IG4bS2pFTnaLvE9Ya3TzTDd4CB7Z+Igt4QYTTa4gzOlvwoaua1b87VjWdTvzSK
7K4mqAx4pZS4fXmZfTMFNfKqyUEHNoZM8Db/EkKSUMtV2ZtBoXz1ROoE2CCSQfL0
kcI9tekfmn4Nx7st+kTZwxVzkcNL1fflODT7WW0qEUyvnK8Lcu/pwwxm8wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNrAY40EUtm3jRt2iNqeAijj8O67MB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvMnNCampRUlMyYmVORzNhSTJwNENLT1B3N3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBVW7gAME
Ark0lAMEArk+iAMEArmEBAMEArmFFAMEArmNvAMEArmPLAMEArmSFAMEArmSHAME
ArmULAMEArmUgAMEArmVcAMEArmXMDAMAwQAuaBBAwQCuaBAMAwDBAC5ppEDBAK5
ppADBAK5qGwwDQYJKoZIhvcNAQELBQADggEBAIv6+8ch54OPn+ejzfcFk3bIK6Qr
LMSVNSxygz8TPr5eIB/Hzn0X/ue7ttbK5slhfMKu/erwl1C4OTtSGOEL3RH6uxLY
ngSSWKFFl5VvDbSfgCg5XXLPHELfkXDjTBCu9m5ydafrEXX7+NKZA8vstYD6Td38
YuBuQySTmclHAOpBMV7FxOZdumGSSb7iuL+DjG1C2594+A62pB62HpVIED6f0zZs
F9TwatJahwhpEy08VvHoitfbEOLLgsFmfGennBw/DN23SnNN/U/k4TB9WSmA1qwr
lwXfAwgS8IuTsmS+5Xm3w/bitmkM+hF6gyh6UlCDC1l9RV3QCE0rJkd61a8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:31 2024 by rpki-client on console-ams.rpki-client.org