Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2PdN0XVVoAiVnFUJAJeTjBuafFY.roa
File: 2PdN0XVVoAiVnFUJAJeTjBuafFY.roa (raw, json)
Hash identifier: OfEfaTnH265fAAxRz75IHem7l3Q33SG16Hdzy3n0Pe8=
Subject key identifier: D8:F7:4D:D1:75:55:A0:08:95:9C:55:09:00:97:93:8C:1B:9A:7C:56
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FE72452F13511AC42B712586B17E38400
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2PdN0XVVoAiVnFUJAJeTjBuafFY.roa
Signing time: Wed 05 Jun 2024 06:44:28 +0000
ROA not before: Wed 05 Jun 2024 06:44:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214966
IP address blocks: 45.131.184.0/22 maxlen: 24
85.202.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 11:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:24:52:f1:35:11:ac:42:b7:12:58:6b:17:e3:84:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 5 06:44:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8f74dd17555a008959c55090097938c1b9a7c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:76:d7:ab:34:12:b4:b0:78:3e:d5:8a:3d:6f:
c8:2e:94:68:9c:96:60:de:4b:18:7a:85:74:4a:38:
00:b3:28:42:66:8e:4f:d8:6c:3f:e6:e2:4f:14:f9:
20:86:43:f2:52:f3:a5:26:3f:5e:44:27:dd:20:1c:
f5:b9:69:49:ec:72:62:fd:49:00:c2:72:cc:b5:d2:
f6:76:6d:10:6f:1e:5d:7a:a0:4f:61:5c:23:58:6c:
f3:25:d5:24:44:2d:19:31:50:ca:96:ae:c6:ed:43:
1f:de:b1:f1:83:71:50:a6:f6:c1:ed:f8:7e:01:e3:
1e:9b:ea:28:be:cb:bc:3e:a2:ff:9e:fd:2f:7e:67:
4c:f5:57:7d:45:ca:66:96:b0:c2:19:ec:c2:40:aa:
6c:d2:42:0d:80:8f:1b:ef:63:79:47:f1:c2:9b:4b:
e9:49:bc:fd:c3:db:ff:cf:94:78:67:78:65:e2:77:
1c:4a:57:b2:0a:83:1d:2c:31:f9:92:a9:19:a4:4c:
9d:16:0c:1b:ca:dd:21:38:90:44:40:a6:40:a5:a5:
9f:ba:11:2f:19:a2:66:ee:e4:c4:3b:f4:bb:d3:e4:
46:b8:c5:2a:06:77:6a:61:85:1d:15:53:9f:df:b8:
8d:26:72:d6:02:cf:f8:89:23:ed:fe:60:e8:94:22:
a2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F7:4D:D1:75:55:A0:08:95:9C:55:09:00:97:93:8C:1B:9A:7C:56
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2PdN0XVVoAiVnFUJAJeTjBuafFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.184.0/22
85.202.203.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:e5:e5:8c:f7:c0:91:89:dd:2f:01:8d:1a:74:0a:c1:67:aa:
ea:d7:64:d4:31:a3:fe:dd:66:32:95:a7:ef:94:30:4a:b4:a2:
29:50:a5:a8:04:24:ea:ca:c3:cb:9e:46:38:c9:a0:a6:27:d6:
c5:1d:62:82:2d:d1:9a:ba:3f:c2:d3:e6:af:7e:a7:a3:b0:de:
b4:83:a3:05:78:12:f3:19:41:e4:23:1c:9f:d6:12:a3:fc:91:
e9:55:9c:a3:13:5a:19:8f:ec:d6:3c:0a:0a:a3:c1:8b:1e:84:
53:48:db:1e:cf:b8:b6:0f:b6:40:da:f2:0b:ab:03:e5:81:59:
89:13:68:40:b4:34:5e:67:13:db:29:15:f9:b2:79:1c:a1:52:
3c:de:43:c3:34:d6:e9:59:6b:63:a5:a8:94:1e:79:7e:07:42:
3c:15:b7:ad:67:7e:8e:64:52:7b:62:d8:b5:42:7a:f7:9d:2c:
19:91:bc:51:3e:f9:b5:53:8f:ed:a9:bb:d8:1c:f8:1a:eb:27:
cf:6f:91:15:82:1e:af:9e:56:c6:30:af:a4:28:e9:ab:7c:97:
37:91:9e:49:3a:c2:a1:e5:22:1f:25:ec:3f:fa:ea:99:e5:6a:
76:42:98:11:47:b6:a4:8e:37:d1:be:b4:a2:0a:67:b9:15:5f:
53:8e:b4:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/nJFLxNRGsQrcSWGsX44QAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjA1MDY0NDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGY3NGRkMTc1NTVhMDA4OTU5YzU1MDkwMDk3OTM4YzFiOWE3YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3bXqzQStLB4PtWKPW/ILpRonJZg
3ksYeoV0SjgAsyhCZo5P2Gw/5uJPFPkghkPyUvOlJj9eRCfdIBz1uWlJ7HJi/UkA
wnLMtdL2dm0Qbx5deqBPYVwjWGzzJdUkRC0ZMVDKlq7G7UMf3rHxg3FQpvbB7fh+
AeMem+oovsu8PqL/nv0vfmdM9Vd9RcpmlrDCGezCQKps0kINgI8b72N5R/HCm0vp
Sbz9w9v/z5R4Z3hl4nccSleyCoMdLDH5kqkZpEydFgwbyt0hOJBEQKZApaWfuhEv
GaJm7uTEO/S70+RGuMUqBndqYYUdFVOf37iNJnLWAs/4iSPt/mDolCKiwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNj3TdF1VaAIlZxVCQCXk4wbmnxWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMlBkTjBYVlZvQWlWbkZVSkFKZVRqQnVhZkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYO4AwQA
VcrLMA0GCSqGSIb3DQEBCwUAA4IBAQDC5eWM98CRid0vAY0adArBZ6rq12TUMaP+
3WYylafvlDBKtKIpUKWoBCTqysPLnkY4yaCmJ9bFHWKCLdGauj/C0+avfqejsN60
g6MFeBLzGUHkIxyf1hKj/JHpVZyjE1oZj+zWPAoKo8GLHoRTSNsez7i2D7ZA2vIL
qwPlgVmJE2hAtDReZxPbKRX5snkcoVI83kPDNNbpWWtjpaiUHnl+B0I8FbetZ36O
ZFJ7Yti1Qnr3nSwZkbxRPvm1U4/tqbvYHPga6yfPb5EVgh6vnlbGMK+kKOmrfJc3
kZ5JOsKh5SIfJew/+uqZ5Wp2QpgRR7akjjfRvrSiCme5FV9TjrT+
-----END CERTIFICATE-----
Generated at Thu Jun 27 17:22:27 2024 by rpki-client on console-fra.rpki-client.org