Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/2xQ2OCCOxel2yT6IHP8Xr0qGcRc.roa
File: 2xQ2OCCOxel2yT6IHP8Xr0qGcRc.roa (raw, json)
Hash identifier: zP9I+VFB1dbHFPNVKglKCEXoihgTrWOXJTLML4d5zn4=
Subject key identifier: DB:14:36:38:20:8E:C5:E9:76:C9:3E:88:1C:FF:17:AF:4A:86:71:17
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01866F56145ABB76E30F84782229C4D3A730
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/2xQ2OCCOxel2yT6IHP8Xr0qGcRc.roa
Signing time: Mon 20 Feb 2023 14:59:17 +0000
ROA not before: Mon 20 Feb 2023 14:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 130.185.123.0/24 maxlen: 24
130.185.122.0/24 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.235.0/24 maxlen: 24
185.215.234.0/24 maxlen: 24
185.204.168.0/22 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:56:14:5a:bb:76:e3:0f:84:78:22:29:c4:d3:a7:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 20 14:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db143638208ec5e976c93e881cff17af4a867117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f6:6d:b4:ff:ea:6a:3d:0e:96:4d:e4:46:81:
6a:bf:5e:db:2b:69:70:80:85:75:b2:01:59:89:95:
da:f3:cc:0b:e2:41:fb:23:8c:d0:de:43:45:b6:9d:
de:c0:c2:62:56:f8:cb:2b:7d:5d:f9:bc:72:2e:02:
fe:2b:0a:7c:de:61:88:f3:93:a5:bd:77:ed:c0:2f:
c9:f2:15:9c:a9:2c:c3:89:0c:10:2d:84:d9:14:cf:
9b:ac:a3:cd:72:74:49:8c:1d:ab:31:b8:9f:3f:9d:
a5:e1:3e:f2:0a:0a:24:9c:c3:14:08:56:af:58:29:
a4:08:18:bc:c2:82:3e:fd:14:05:6e:f6:1d:68:62:
02:7f:85:37:83:6f:7c:0f:6f:c6:98:d3:5b:41:df:
27:1e:77:e9:df:63:22:28:45:31:57:68:0b:0f:34:
a8:63:5a:ca:d2:3a:f5:24:c4:14:ec:d3:1b:e8:3c:
83:ea:00:84:9b:b7:f0:65:a1:88:83:ac:57:b0:16:
85:85:1d:31:3a:3d:c0:f9:f9:43:b0:d9:92:5e:0f:
d8:14:98:60:ee:a6:0b:fd:3b:5e:1f:b7:50:46:5b:
e4:d9:d2:f9:d7:2e:74:58:97:15:36:c4:07:e9:ec:
d4:0f:4b:97:db:e1:c7:9a:7d:8c:cb:50:42:53:04:
35:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:14:36:38:20:8E:C5:E9:76:C9:3E:88:1C:FF:17:AF:4A:86:71:17
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/2xQ2OCCOxel2yT6IHP8Xr0qGcRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.122.0/23
185.204.168.0/22
185.215.232.0/22
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
4f:12:9b:98:86:38:e0:9e:68:bf:0e:68:b3:b3:c6:7a:c2:87:
d8:40:90:12:b3:16:c6:33:d3:f2:ae:35:91:4c:d7:ca:0f:b4:
22:e1:14:58:e7:6b:df:9f:e8:11:ec:d6:7a:6c:2d:6d:20:ce:
54:bd:79:03:3a:74:d9:1a:d4:aa:11:71:2d:34:be:14:1c:fd:
78:48:76:df:40:20:35:26:af:66:22:b1:d3:ec:bf:63:38:f5:
48:58:50:fe:7e:69:47:51:9e:72:39:1b:1c:cf:9b:01:9f:a3:
70:ea:28:81:17:55:8a:c0:46:45:c8:40:c3:ae:3d:76:76:1a:
16:b4:60:7b:41:e0:c6:da:22:14:7f:a4:eb:04:bf:09:1a:c8:
31:d4:0f:79:97:67:36:63:01:6d:92:7c:bc:ce:c4:f6:82:35:
2e:f3:6a:a7:42:0d:24:5b:9b:5a:c2:03:1d:ff:43:a9:98:15:
90:2b:62:3d:fb:e8:57:b4:84:9f:c3:b2:c8:86:c1:ac:a7:45:
3b:48:45:5a:b4:aa:7d:4a:eb:21:3d:3c:54:a8:ee:0d:9f:dc:
b8:6c:85:ee:9a:d7:72:66:42:4e:82:05:2f:38:2b:7c:7e:91:
a5:13:2a:5b:c3:c0:ee:a8:11:62:2f:1f:03:04:c5:b3:24:fe:
bc:fc:73:07
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYZvVhRau3bjD4R4IinE06cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjIwMTQ1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE0MzYzODIwOGVjNWU5NzZjOTNlODgxY2ZmMTdhZjRhODY3MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfZttP/qaj0Olk3kRoFqv17bK2lw
gIV1sgFZiZXa88wL4kH7I4zQ3kNFtp3ewMJiVvjLK31d+bxyLgL+Kwp83mGI85Ol
vXftwC/J8hWcqSzDiQwQLYTZFM+brKPNcnRJjB2rMbifP52l4T7yCgoknMMUCFav
WCmkCBi8woI+/RQFbvYdaGICf4U3g298D2/GmNNbQd8nHnfp32MiKEUxV2gLDzSo
Y1rK0jr1JMQU7NMb6DyD6gCEm7fwZaGIg6xXsBaFhR0xOj3A+flDsNmSXg/YFJhg
7qYL/TteH7dQRlvk2dL51y50WJcVNsQH6ezUD0uX2+HHmn2My1BCUwQ1EwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNsUNjggjsXpdsk+iBz/F69KhnEXMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvMnhRMk9DQ094ZWwyeVQ2SUhQOFhyMHFHY1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBgrl6AwQC
ucyoAwQCudfoMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcNAQELBQADggEBAE8S
m5iGOOCeaL8OaLOzxnrCh9hAkBKzFsYz0/KuNZFM18oPtCLhFFjna9+f6BHs1nps
LW0gzlS9eQM6dNka1KoRcS00vhQc/XhIdt9AIDUmr2YisdPsv2M49UhYUP5+aUdR
nnI5GxzPmwGfo3DqKIEXVYrARkXIQMOuPXZ2Gha0YHtB4MbaIhR/pOsEvwkayDHU
D3mXZzZjAW2SfLzOxPaCNS7zaqdCDSRbm1rCAx3/Q6mYFZArYj376Fe0hJ/DssiG
waynRTtIRVq0qn1K6yE9PFSo7g2f3Lhshe6a13JmQk6CBS84K3x+kaUTKlvDwO6o
EWIvHwMExbMk/rz8cwc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:11 2024 by rpki-client on console-ams.rpki-client.org