Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2_KmdoRjhy9da0WaBtuikJptONM.roa
File: 2_KmdoRjhy9da0WaBtuikJptONM.roa (raw, json)
Hash identifier: ldSDp57HCjl1p31oT/bUtuYl3VoJsiHcRSzhlQBJUo8=
Subject key identifier: DB:F2:A6:76:84:63:87:2F:5D:6B:45:9A:06:DB:A2:90:9A:6D:38:D3
Certificate issuer: /CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Certificate serial: 01858E4EB8C4267392C00EB4407891A1B5EA
Authority key identifier: DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2_KmdoRjhy9da0WaBtuikJptONM.roa
Signing time: Sat 07 Jan 2023 22:16:41 +0000
ROA not before: Sat 07 Jan 2023 22:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45014
IP address blocks: 194.150.252.0/23 maxlen: 24
217.172.128.0/20 maxlen: 24
185.18.32.0/24 maxlen: 24
185.184.236.0/22 maxlen: 22
159.253.56.0/21 maxlen: 24
80.93.160.0/20 maxlen: 24
92.60.96.0/20 maxlen: 24
2a00:1a90::/32 maxlen: 48
2a03:f2c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8e:4e:b8:c4:26:73:92:c0:0e:b4:40:78:91:a1:b5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Validity
Not Before: Jan 7 22:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbf2a6768463872f5d6b459a06dba2909a6d38d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:42:49:75:7e:4b:29:43:6d:cf:1e:1f:7c:ff:
46:57:4a:0a:67:e2:1d:9a:63:f0:c1:98:94:c3:73:
c8:4d:2d:23:97:48:c2:9a:94:da:24:e4:62:0f:ac:
10:53:23:40:3a:d2:1a:ec:e6:22:14:1c:45:d4:3b:
3b:16:78:65:3b:cc:8a:d2:c0:b3:0d:92:05:86:63:
48:31:87:f0:46:09:3c:01:e1:55:26:ad:21:33:5a:
f3:08:04:40:bd:28:03:bd:42:90:91:01:64:78:55:
8e:ba:da:0c:44:f1:32:1c:02:bc:ac:86:6d:c3:1a:
2b:56:54:ac:f6:96:1c:f9:6d:af:4f:07:c2:12:50:
a2:91:18:29:28:c6:f8:9e:58:a0:e5:74:81:13:15:
f4:77:64:5e:12:47:de:4a:e9:bc:2d:83:7b:98:45:
2d:c0:c0:5c:13:57:5a:49:2f:2d:e2:3a:0e:54:f2:
13:d5:ad:59:31:1b:85:e7:64:c4:64:57:fa:21:bc:
69:84:4f:5b:cb:ac:95:10:f9:59:83:b0:90:10:31:
05:50:ab:40:5c:89:4d:0b:37:b9:9a:65:b4:49:f5:
36:07:db:3e:ca:6c:e9:64:09:9b:a2:50:d0:df:aa:
16:00:ac:b5:8e:d4:54:21:97:61:9b:c1:ca:b7:9b:
31:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F2:A6:76:84:63:87:2F:5D:6B:45:9A:06:DB:A2:90:9A:6D:38:D3
X509v3 Authority Key Identifier:
keyid:DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2_KmdoRjhy9da0WaBtuikJptONM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.160.0/20
92.60.96.0/20
159.253.56.0/21
185.18.32.0/24
185.184.236.0/22
194.150.252.0/23
217.172.128.0/20
IPv6:
2a00:1a90::/32
2a03:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:9d:b7:fd:64:98:73:5d:a5:df:a8:a2:db:39:13:f5:f3:ca:
96:cf:f5:e8:0d:a2:ca:ec:ce:a0:e7:7c:06:37:82:80:8e:1d:
71:44:48:34:83:3c:18:d9:7f:db:51:20:2a:ab:63:60:c0:e4:
56:31:e6:64:9c:cb:2e:5e:b8:de:0a:b4:a9:3e:c3:b1:b8:fa:
ec:d7:fc:15:4b:98:dc:03:f5:68:c5:51:89:7e:c1:69:e7:94:
4a:b2:e0:2d:f7:6b:20:e7:62:46:4f:a7:86:0a:0f:ed:c8:b0:
25:da:fd:5a:fa:2e:a9:5e:05:41:9c:fd:7d:a1:8c:d1:6a:f7:
f1:df:06:66:3d:77:e6:cd:9c:7d:77:6a:06:53:0d:17:dd:b8:
b5:70:9c:43:d0:87:70:cf:0d:e4:2c:16:17:7d:d0:7d:d8:fd:
5a:61:42:86:02:4c:3d:db:81:80:49:ea:48:52:e2:78:a7:b0:
9f:36:e3:13:25:a2:53:50:e4:7a:4f:77:f2:38:9c:85:e1:ed:
ef:83:c7:cf:64:bc:1e:23:2e:d2:b2:4f:57:01:a5:94:e6:2c:
91:93:55:36:80:98:f0:80:cb:ce:f0:b0:3c:90:07:3f:ed:67:
2c:2d:72:84:61:c0:0b:3a:ec:f0:f1:b2:97:5a:7a:b6:6c:5a:
0e:f6:70:6a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYWOTrjEJnOSwA60QHiRobXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYTdjMWUwZThhMWM3YWQwMmQwYmI4MjhiNDExODhh
ZTUyNDMwHhcNMjMwMTA3MjIxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYyYTY3Njg0NjM4NzJmNWQ2YjQ1OWEwNmRiYTI5MDlhNmQzOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkJJdX5LKUNtzx4ffP9GV0oKZ+Id
mmPwwZiUw3PITS0jl0jCmpTaJORiD6wQUyNAOtIa7OYiFBxF1Ds7FnhlO8yK0sCz
DZIFhmNIMYfwRgk8AeFVJq0hM1rzCARAvSgDvUKQkQFkeFWOutoMRPEyHAK8rIZt
wxorVlSs9pYc+W2vTwfCElCikRgpKMb4nlig5XSBExX0d2ReEkfeSum8LYN7mEUt
wMBcE1daSS8t4joOVPIT1a1ZMRuF52TEZFf6IbxphE9by6yVEPlZg7CQEDEFUKtA
XIlNCze5mmW0SfU2B9s+ymzpZAmbolDQ36oWAKy1jtRUIZdhm8HKt5sxaQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNvypnaEY4cvXWtFmgbbopCabTjTMB8GA1UdIwQY
MBaAFNvgynweDoocetAtC7gotBGIrlJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMt
NGY5MTEyZWRlOTY4LzEvMl9LbWRvUmpoeTlkYTBXYUJ0dWlrSnB0T05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMtNGY5MTEyZWRlOTY4
LzEvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEUF2gAwQE
XDxgAwQDn/04AwQAuRIgAwQCubjsAwQBwpb8AwQE2ayAMBQEAgACMA4DBQAqABqQ
AwUAKgPywDANBgkqhkiG9w0BAQsFAAOCAQEAjZ23/WSYc12l36ii2zkT9fPKls/1
6A2iyuzOoOd8BjeCgI4dcURINIM8GNl/21EgKqtjYMDkVjHmZJzLLl643gq0qT7D
sbj67Nf8FUuY3AP1aMVRiX7BaeeUSrLgLfdrIOdiRk+nhgoP7ciwJdr9WvouqV4F
QZz9faGM0Wr38d8GZj135s2cfXdqBlMNF924tXCcQ9CHcM8N5CwWF33Qfdj9WmFC
hgJMPduBgEnqSFLieKewnzbjEyWiU1Dkek938jicheHt74PHz2S8HiMu0rJPVwGl
lOYskZNVNoCY8IDLzvCwPJAHP+1nLC1yhGHACzrs8PGyl1p6tmxaDvZwag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:24 2024 by rpki-client on console-ams.rpki-client.org