Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2hKEX4MtP06zb0Xh8hBD8pmmhBI.roa
File: 2hKEX4MtP06zb0Xh8hBD8pmmhBI.roa (raw, json)
Hash identifier: xdbRLbY/L/dWxcwFYTHj5A9h676I2M/UGo7zbCxm+2E=
Subject key identifier: DA:12:84:5F:83:2D:3F:4E:B3:6F:45:E1:F2:10:43:F2:99:A6:84:12
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018BAFA87F95E55ECF5F96007B6F572BBA22
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2hKEX4MtP06zb0Xh8hBD8pmmhBI.roa
Signing time: Wed 08 Nov 2023 15:58:57 +0000
ROA not before: Wed 08 Nov 2023 15:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
89.190.152.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
45.133.63.0/24 maxlen: 24
45.133.62.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.60.0/24 maxlen: 24
45.133.60.0/22 maxlen: 22
178.19.40.0/22 maxlen: 22
45.137.12.0/23 maxlen: 23
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
2.59.192.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
185.28.51.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
31.15.4.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
185.225.244.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
45.81.124.0/22 maxlen: 22
45.145.132.0/22 maxlen: 22
185.229.216.0/22 maxlen: 22
92.118.180.0/22 maxlen: 22
45.81.104.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:a8:7f:95:e5:5e:cf:5f:96:00:7b:6f:57:2b:ba:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 8 15:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da12845f832d3f4eb36f45e1f21043f299a68412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:35:5a:14:cf:da:bf:e5:87:a1:1b:9b:65:cd:
25:d0:e4:cc:08:76:ac:47:43:35:d4:b4:b4:b0:39:
a6:58:25:7a:c3:b2:57:05:69:69:f7:b5:eb:0f:8a:
f7:9e:53:e8:45:15:0c:35:03:14:cc:7c:b4:36:47:
39:db:9d:d2:3e:fc:b4:3b:6d:c3:96:45:03:74:66:
cf:63:b9:70:bf:26:5a:2e:2d:2b:fe:c1:2e:b3:95:
f7:43:84:4d:d2:75:87:98:64:68:d8:38:d5:12:68:
47:10:9c:79:f4:9e:6a:74:55:dd:42:1f:f2:f0:55:
e2:c4:46:c9:aa:b7:0e:b7:1a:81:43:cf:a3:39:9c:
d3:cf:5f:ec:39:ba:27:09:52:a4:c8:ac:5a:eb:a7:
5a:3d:5c:b3:73:7e:6a:e3:51:51:58:ef:80:25:c7:
bb:9a:50:7f:b7:24:01:d0:8d:5a:8c:65:22:f5:f8:
5e:7f:7b:f2:22:bd:76:f3:06:a4:4c:bb:d5:00:62:
f8:6e:af:d4:38:07:f0:72:ae:77:f1:10:85:9e:32:
99:a2:5c:bc:c9:49:d9:02:a8:1b:23:27:14:1b:9c:
68:45:8e:ff:20:5a:8b:4d:0d:82:c8:8e:cc:b5:f9:
f7:ff:b6:d9:5c:be:67:d8:05:86:39:4f:78:2f:89:
2f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:12:84:5F:83:2D:3F:4E:B3:6F:45:E1:F2:10:43:F2:99:A6:84:12
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2hKEX4MtP06zb0Xh8hBD8pmmhBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.133.60.0/22
45.137.12.0/23
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
45:af:27:31:d7:2d:a2:2e:6f:86:00:87:b1:66:ae:da:e7:67:
f8:16:af:0f:8b:88:07:5c:76:c9:48:a1:aa:7c:4c:49:51:b7:
c4:c2:1d:ba:39:0c:2a:66:6c:81:d0:af:d2:7f:dd:ef:9f:35:
e5:70:09:db:f0:29:13:da:ec:91:f8:b5:c9:23:64:f2:a6:71:
ae:cc:ed:4d:3a:22:1e:7b:a8:bf:95:8e:60:5a:80:6a:62:77:
fd:54:64:28:9a:c6:d7:02:e0:c7:d3:52:d6:92:89:95:a7:13:
40:fe:3f:6c:16:44:e3:d4:99:1d:d0:b1:ef:e3:21:56:f3:74:
52:16:74:d5:10:77:0b:1c:55:fa:88:b9:02:21:6d:82:08:f1:
9a:8f:f1:87:5b:f9:01:30:9e:9c:d7:48:25:6c:cf:2d:35:5c:
8e:ee:1f:6b:07:b8:dc:43:6d:17:32:97:e7:0d:1c:02:cb:fe:
1b:c5:10:99:05:d2:cb:60:70:6d:16:72:77:7f:cc:83:81:3f:
a8:c3:fa:6f:e7:b2:ae:75:18:ff:2a:94:c4:a1:62:86:2a:e9:
e5:cd:36:59:70:18:44:cd:0d:b4:3f:6d:b3:ef:30:88:bc:0e:
8f:59:18:49:e6:45:5a:7b:46:bc:f6:81:3e:a1:c7:f3:69:0e:
cc:0e:3f:e5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuvqH+V5V7PX5YAe29XK7oiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTU1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTEyODQ1ZjgzMmQzZjRlYjM2ZjQ1ZTFmMjEwNDNmMjk5YTY4NDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzVaFM/av+WHoRubZc0l0OTMCHas
R0M11LS0sDmmWCV6w7JXBWlp97XrD4r3nlPoRRUMNQMUzHy0Nkc5253SPvy0O23D
lkUDdGbPY7lwvyZaLi0r/sEus5X3Q4RN0nWHmGRo2DjVEmhHEJx59J5qdFXdQh/y
8FXixEbJqrcOtxqBQ8+jOZzTz1/sObonCVKkyKxa66daPVyzc35q41FRWO+AJce7
mlB/tyQB0I1ajGUi9fhef3vyIr128wakTLvVAGL4bq/UOAfwcq538RCFnjKZoly8
yUnZAqgbIycUG5xoRY7/IFqLTQ2CyI7Mtfn3/7bZXL5n2AWGOU94L4kvsQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNoShF+DLT9Os29F4fIQQ/KZpoQSMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMmhLRVg0TXRQMDZ6YjBYaDhoQkQ4cG1taEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEARa8n
Mdctoi5vhgCHsWau2udn+BavD4uIB1x2yUihqnxMSVG3xMIdujkMKmZsgdCv0n/d
75815XAJ2/ApE9rskfi1ySNk8qZxrsztTToiHnuov5WOYFqAamJ3/VRkKJrG1wLg
x9NS1pKJlacTQP4/bBZE49SZHdCx7+MhVvN0UhZ01RB3CxxV+oi5AiFtggjxmo/x
h1v5ATCenNdIJWzPLTVcju4fawe43ENtFzKX5w0cAsv+G8UQmQXSy2BwbRZyd3/M
g4E/qMP6b+eyrnUY/yqUxKFihirp5c02WXAYRM0NtD9ts+8wiLwOj1kYSeZFWntG
vPaBPqHH82kOzA4/5Q==
-----END CERTIFICATE-----
Generated at Wed Nov 8 17:30:52 2023 by rpki-client on console-fra.rpki-client.org