Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DQ2hcn2Uy5T9Sjp3YskGKTOYI8M.roa
File: DQ2hcn2Uy5T9Sjp3YskGKTOYI8M.roa (raw, json)
Hash identifier: dPn1I+NIDwvKulMLq3nBKyHcSqGAYsJAKgyM0hnRH20=
Subject key identifier: 0D:0D:A1:72:7D:94:CB:94:FD:4A:3A:77:62:C9:06:29:33:98:23:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01868D76785734C998F1EBF283E726D84C9F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DQ2hcn2Uy5T9Sjp3YskGKTOYI8M.roa
Signing time: Sun 26 Feb 2023 11:23:16 +0000
ROA not before: Sun 26 Feb 2023 11:23:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:b105:120::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:b107:1e40::/44 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:6f0::/44 maxlen: 44
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a10:cc41:800::/37 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Mar 2023 08:08:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8d:76:78:57:34:c9:98:f1:eb:f2:83:e7:26:d8:4c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 26 11:23:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d0da1727d94cb94fd4a3a7762c90629339823c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:48:91:c0:c3:81:7f:67:72:e9:d2:c6:8e:
f0:65:34:31:af:f0:05:b8:95:76:bb:16:ff:71:75:
1e:e2:9a:ad:e6:3e:ea:d7:69:7e:6c:73:9b:70:a6:
3f:77:92:16:9c:4f:bd:95:42:ae:73:4b:58:d3:ef:
1b:d5:b5:c7:da:06:bb:7c:81:3b:bc:26:33:40:be:
1a:58:cd:03:c7:87:87:8e:93:34:e8:45:3b:d6:8c:
ac:95:95:ef:b0:19:54:85:11:cb:15:68:6a:eb:9d:
f5:00:e3:9c:45:c4:0e:74:f7:51:3b:ce:b6:1e:c5:
65:70:14:58:8a:a6:6b:a0:dd:10:ba:28:07:45:b1:
ad:56:ca:4e:8c:5c:d0:b3:5f:46:07:ef:91:5f:79:
68:7b:32:a3:ef:50:d0:26:3b:be:25:50:bb:11:68:
45:9c:18:a1:31:ea:d6:72:67:ee:ec:51:00:f7:aa:
23:3e:6f:35:ce:46:c0:07:1f:b6:4a:94:15:b1:d0:
8d:b4:78:ec:ed:03:f9:dc:bf:2e:b8:0b:41:fd:a2:
55:09:07:05:1a:01:08:7e:bf:93:fa:04:dd:e7:f8:
39:b0:e3:13:1c:98:ba:cb:f2:c6:16:4d:db:b8:bf:
ef:0d:38:ea:60:23:c1:87:ee:34:b3:16:0b:c5:56:
a4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0D:A1:72:7D:94:CB:94:FD:4A:3A:77:62:C9:06:29:33:98:23:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DQ2hcn2Uy5T9Sjp3YskGKTOYI8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b105:120::/44
2a0e:b107:6f0::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:1e40::/44
2a0f:e404:102::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc41:800::/37
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
46:cc:9e:dd:c3:8e:be:0c:ee:c5:65:38:b3:6f:4c:d2:6f:f9:
5a:4f:da:b9:15:36:e7:05:9d:79:36:2f:bd:f4:90:ac:9f:55:
44:6e:a1:cd:8c:c0:43:ae:97:6a:c2:82:6e:75:e3:2c:8f:1d:
a5:df:ee:15:1b:df:b9:be:6f:d3:42:6e:27:a7:35:38:02:e3:
0a:41:72:23:c6:b0:17:55:34:df:2c:2f:81:38:be:ce:2f:c2:
0b:9a:94:ee:fc:e8:09:47:e3:39:cc:f1:11:d1:54:51:8d:6e:
93:c8:8f:7d:48:b3:b0:c0:7c:40:46:70:60:66:4b:03:eb:da:
03:27:80:41:82:70:07:77:a0:98:5b:e9:75:e0:2a:5a:15:a0:
73:cd:96:31:4d:48:f5:d1:6d:1b:47:23:44:b7:ae:aa:80:93:
3d:2f:73:a9:80:ba:ac:7e:e6:92:df:a1:8f:56:61:6a:60:c5:
bf:f9:1e:d2:d9:aa:e6:d9:eb:49:32:b9:68:a1:8c:5a:9f:9d:
8b:c3:a0:bb:f4:3f:e3:d0:9e:73:61:b5:6a:07:80:d1:4c:93:
a6:43:27:f0:fa:40:1a:4c:d2:f1:3b:00:6e:38:88:4d:3d:44:
30:36:18:10:2b:ee:a4:2b:c7:38:5a:5d:41:24:7b:8a:21:90:
f5:73:f9:9e
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYaNdnhXNMmY8evyg+cm2EyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjI2MTEyMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBkYTE3MjdkOTRjYjk0ZmQ0YTNhNzc2MmM5MDYyOTMzOTgyM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGZIkcDDgX9ncunSxo7wZTQxr/AF
uJV2uxb/cXUe4pqt5j7q12l+bHObcKY/d5IWnE+9lUKuc0tY0+8b1bXH2ga7fIE7
vCYzQL4aWM0Dx4eHjpM06EU71oyslZXvsBlUhRHLFWhq6531AOOcRcQOdPdRO862
HsVlcBRYiqZroN0QuigHRbGtVspOjFzQs19GB++RX3loezKj71DQJju+JVC7EWhF
nBihMerWcmfu7FEA96ojPm81zkbABx+2SpQVsdCNtHjs7QP53L8uuAtB/aJVCQcF
GgEIfr+T+gTd5/g5sOMTHJi6y/LGFk3buL/vDTjqYCPBh+40sxYLxVakuwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFA0NoXJ9lMuU/Uo6d2LJBikzmCPDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRFEyaGNuMlV5NVQ5U2pwM1lza0dLVE9ZSThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwQgQCAAEwPAMEAB8q
twMEAi0MRAMEAi2DuAMEAi2IiAMEAFXKywMEAF6xegMEAoscYAMEALnodQMEAMIy
XAMEAMIyXjCBqwQCAAIwgaQDBwAgAQf4ARkDBQMqCQTAMA4DBQcqDDuAAwUAKgw7
hgMHACoOl8ABcAMHBCoOl8ACYAMGACoOl8ECAwcEKg6XxAEAAwcEKg6xBQEgAwcE
Kg6xBwbwAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcEKg6xBx5AAwcAKg/k
BAECAwcAKhAvAAGPAwcEKhDMQAJQAwYDKhDMQQgDBgQqEMxGEDANBgkqhkiG9w0B
AQsFAAOCAQEARsye3cOOvgzuxWU4s29M0m/5Wk/auRU25wWdeTYvvfSQrJ9VRG6h
zYzAQ66XasKCbnXjLI8dpd/uFRvfub5v00JuJ6c1OALjCkFyI8awF1U03ywvgTi+
zi/CC5qU7vzoCUfjOczxEdFUUY1uk8iPfUizsMB8QEZwYGZLA+vaAyeAQYJwB3eg
mFvpdeAqWhWgc82WMU1I9dFtG0cjRLeuqoCTPS9zqYC6rH7mkt+hj1ZhamDFv/ke
0tmq5tnrSTK5aKGMWp+di8Ogu/Q/49Cec2G1ageA0UyTpkMn8PpAGkzS8TsAbjiI
TT1EMDYYECvupCvHOFpdQSR7iiGQ9XP5ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:57 2024 by rpki-client on console-ams.rpki-client.org