Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2CX7IoLtL3vINLuTh1mIGUcBwAM.roa
File: 2CX7IoLtL3vINLuTh1mIGUcBwAM.roa (raw, json)
Hash identifier: jMjZCxMCpuca4jL1zW9pT6mVI+q8qJJ7JxMNfCp20IY=
Subject key identifier: D8:25:FB:22:82:ED:2F:7B:C8:34:BB:93:87:59:88:19:47:01:C0:03
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01856F94CF1BF94654A89FEF413DC0D432EB
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2CX7IoLtL3vINLuTh1mIGUcBwAM.roa
Signing time: Sun 01 Jan 2023 23:05:01 +0000
ROA not before: Sun 01 Jan 2023 23:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
185.70.152.0/22 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 13:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:cf:1b:f9:46:54:a8:9f:ef:41:3d:c0:d4:32:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d825fb2282ed2f7bc834bb93875988194701c003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:6d:dc:ca:5c:fc:bf:d5:5d:43:b0:1c:b4:
88:04:39:2d:62:39:f8:02:8e:24:63:87:66:08:c5:
42:ef:3b:d7:a3:04:24:38:3c:4e:a1:42:b5:fe:6a:
b0:2c:73:dc:a3:a9:31:1a:11:67:68:64:9b:3a:f9:
94:aa:66:f0:4b:55:82:6e:0d:18:b2:07:35:8a:e7:
97:ef:16:20:27:da:64:cc:49:c7:63:84:a3:e3:89:
8c:08:48:d5:3c:0b:12:ef:67:72:b4:b1:20:32:c8:
0e:3c:20:28:cc:99:6b:7a:f8:53:a2:38:2d:1f:de:
2e:de:22:5f:44:cc:ac:92:30:a1:63:38:54:18:16:
5d:5f:75:1e:48:f8:18:32:30:f3:ef:56:33:22:3a:
2b:5a:10:15:d2:b1:d3:56:4c:78:ce:83:a1:0a:d3:
22:27:64:41:ae:1c:dd:bf:84:09:7c:a6:41:a2:58:
b7:41:93:50:12:e9:79:0a:98:a0:08:4e:9e:ec:55:
39:8e:bf:7e:07:4d:0c:f9:8b:99:c0:6b:dc:ec:4d:
da:c7:59:5b:a6:35:84:ac:e8:d3:54:b1:a9:93:1c:
6e:b1:ea:90:dc:c1:29:20:e5:74:aa:8f:85:3f:95:
80:59:f7:1d:42:15:76:c5:2f:20:d4:ef:60:d3:18:
68:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:25:FB:22:82:ED:2F:7B:C8:34:BB:93:87:59:88:19:47:01:C0:03
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2CX7IoLtL3vINLuTh1mIGUcBwAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
92:a4:6a:b1:92:1f:e1:a7:13:09:e3:7f:3d:33:e7:1a:0f:7a:
6f:22:8e:c1:c4:f7:1c:3d:ef:cc:46:2c:e0:21:7e:85:89:50:
43:36:02:4b:cb:fc:bb:13:01:e3:83:84:ed:93:d2:e9:ea:97:
8f:33:c7:b7:bc:02:a7:d8:52:fc:c8:01:87:74:20:5b:19:74:
a0:44:f6:25:0a:6f:19:0b:36:06:94:6b:ba:1a:5d:8b:39:5b:
0e:6a:f1:48:68:3e:ef:a1:a6:78:ee:90:3a:64:d0:9c:08:ed:
21:fa:54:0d:c7:87:8c:7c:4e:8a:e3:db:4c:6e:da:9f:06:3e:
f7:c4:ba:83:bf:89:a5:55:7d:4e:53:94:43:aa:e7:a2:a9:c0:
c8:aa:af:67:6f:8b:f1:eb:47:a1:50:e9:67:0f:18:e8:d3:88:
62:a8:3e:6a:5e:00:54:8c:c3:f2:e9:d7:37:3e:f9:9d:f3:11:
43:b9:ad:55:41:81:e5:a8:13:89:39:c0:30:a0:3b:93:87:7b:
7c:f0:b9:34:f2:bf:6c:94:fc:f9:8c:14:f1:d3:be:c8:3b:71:
a5:14:b4:0d:6d:0f:c1:72:a1:29:da:ef:19:64:66:b2:88:f9:
14:a7:c9:8f:85:ec:7a:d2:8b:05:4f:03:4f:d2:ff:a8:0a:0b:
a4:6b:bd:21
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYVvlM8b+UZUqJ/vQT3A1DLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI1ZmIyMjgyZWQyZjdiYzgzNGJiOTM4NzU5ODgxOTQ3MDFjMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+1t3Mpc/L/VXUOwHLSIBDktYjn4
Ao4kY4dmCMVC7zvXowQkODxOoUK1/mqwLHPco6kxGhFnaGSbOvmUqmbwS1WCbg0Y
sgc1iueX7xYgJ9pkzEnHY4Sj44mMCEjVPAsS72dytLEgMsgOPCAozJlrevhTojgt
H94u3iJfRMyskjChYzhUGBZdX3UeSPgYMjDz71YzIjorWhAV0rHTVkx4zoOhCtMi
J2RBrhzdv4QJfKZBoli3QZNQEul5CpigCE6e7FU5jr9+B00M+YuZwGvc7E3ax1lb
pjWErOjTVLGpkxxuseqQ3MEpIOV0qo+FP5WAWfcdQhV2xS8g1O9g0xhoXQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFNgl+yKC7S97yDS7k4dZiBlHAcADMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMkNYN0lvTHRMM3ZJTkx1VGgxbUlHVWNCd0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
uUaYAwQCuVOEAwQCubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwDQYJKoZI
hvcNAQELBQADggEBAJKkarGSH+GnEwnjfz0z5xoPem8ijsHE9xw978xGLOAhfoWJ
UEM2AkvL/LsTAeODhO2T0unql48zx7e8AqfYUvzIAYd0IFsZdKBE9iUKbxkLNgaU
a7oaXYs5Ww5q8UhoPu+hpnjukDpk0JwI7SH6VA3Hh4x8Torj20xu2p8GPvfEuoO/
iaVVfU5TlEOq56KpwMiqr2dvi/HrR6FQ6WcPGOjTiGKoPmpeAFSMw/Lp1zc++Z3z
EUO5rVVBgeWoE4k5wDCgO5OHe3zwuTTyv2yU/PmMFPHTvsg7caUUtA1tD8FyoSna
7xlkZrKI+RSnyY+F7HrSiwVPA0/S/6gKC6RrvSE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org