Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/2Ns6Rr-1T5i_yAZJ6jGAB8eciSA.roa
File: 2Ns6Rr-1T5i_yAZJ6jGAB8eciSA.roa (raw, json)
Hash identifier: 9yCsQ2NJHNu5HNV8jJNQ+0S8/SHKowSVafg2Ya11nTU=
Subject key identifier: D8:DB:3A:46:BF:B5:4F:98:BF:C8:06:49:EA:31:80:07:C7:9C:89:20
Certificate issuer: /CN=89d5d1288a3c2ae17f99cbb18917700189bd4720
Certificate serial: 01856C8A5600F056FEA3DED360237D0E39D0
Authority key identifier: 89:D5:D1:28:8A:3C:2A:E1:7F:99:CB:B1:89:17:70:01:89:BD:47:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idXRKIo8KuF_mcuxiRdwAYm9RyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/2Ns6Rr-1T5i_yAZJ6jGAB8eciSA.roa
Signing time: Sun 01 Jan 2023 08:54:43 +0000
ROA not before: Sun 01 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.155.196.0/24 maxlen: 24
185.155.197.0/24 maxlen: 24
185.155.198.0/24 maxlen: 24
185.155.199.0/24 maxlen: 24
37.99.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 11 Apr 2023 13:54:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:56:00:f0:56:fe:a3:de:d3:60:23:7d:0e:39:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d5d1288a3c2ae17f99cbb18917700189bd4720
Validity
Not Before: Jan 1 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8db3a46bfb54f98bfc80649ea318007c79c8920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:52:a3:38:16:5b:fb:03:cc:b5:2d:09:01:5a:
7a:f7:59:e6:ff:20:f4:dd:50:e9:90:59:5b:91:7e:
f3:84:79:37:ee:cc:09:31:13:22:14:74:0f:bd:25:
15:77:f3:05:a4:1a:de:21:65:4c:09:c1:0f:1b:e1:
1f:c9:2e:d7:cd:d5:90:59:be:fe:a0:95:d5:82:a4:
6f:ab:bd:85:51:be:f0:31:2e:b3:67:1a:6a:b2:14:
63:47:55:b8:f1:8d:6d:3b:88:c2:5c:88:f0:6f:8f:
8e:a7:c8:1c:51:5d:f4:73:a7:27:98:ba:c5:d9:e1:
a3:18:28:ac:a5:67:69:87:3d:28:d1:85:0c:1a:50:
c0:24:f2:6d:6a:3b:56:dc:88:41:f4:1c:c8:d4:5f:
03:3d:22:1f:f5:1e:6d:f4:d0:14:3f:5d:3a:d9:5a:
1a:07:aa:b4:8d:7e:31:13:6b:96:93:b8:b9:46:7a:
ad:43:6b:5d:0c:30:ea:c1:00:df:3b:e1:5d:ee:c5:
bd:68:95:e0:99:31:f4:9a:1f:1a:ba:61:ed:5c:4e:
fa:b3:85:4c:56:8d:46:e4:84:5e:3a:6c:cf:eb:60:
75:07:1a:fe:26:34:38:65:72:bd:1c:f3:ea:f8:79:
06:0d:7e:df:dd:10:8b:5e:9e:0a:73:43:e9:e9:81:
4a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DB:3A:46:BF:B5:4F:98:BF:C8:06:49:EA:31:80:07:C7:9C:89:20
X509v3 Authority Key Identifier:
keyid:89:D5:D1:28:8A:3C:2A:E1:7F:99:CB:B1:89:17:70:01:89:BD:47:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idXRKIo8KuF_mcuxiRdwAYm9RyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/2Ns6Rr-1T5i_yAZJ6jGAB8eciSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/idXRKIo8KuF_mcuxiRdwAYm9RyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.208.0/21
185.155.196.0/22
Signature Algorithm: sha256WithRSAEncryption
40:fa:73:49:34:14:11:a7:30:07:8c:98:5d:77:ab:74:dc:9b:
76:12:44:58:6b:f6:91:a9:64:2b:2c:91:72:5c:78:2e:28:9e:
97:f9:45:9a:2e:82:b2:78:69:69:46:27:6b:50:45:ba:e8:50:
21:e4:50:41:f7:b4:4a:80:92:2d:3d:78:71:58:13:2b:26:0e:
96:56:26:ba:4a:e9:eb:f9:a3:ea:9b:52:44:19:4b:a1:5a:ce:
01:c4:21:67:4e:e9:c1:2e:1c:89:c0:b6:a2:54:67:d6:a4:1a:
5a:b7:47:85:b7:68:f9:42:02:9e:22:cd:ff:3a:33:db:ca:28:
0f:7d:5e:56:c5:dc:cf:f4:87:88:40:47:57:1f:33:cf:3d:4b:
22:af:2c:a6:11:37:60:b9:8b:e0:57:05:ea:0f:9d:11:b6:1e:
ee:d0:f0:69:c3:f4:42:a6:fe:71:b5:cc:78:38:49:1d:7f:e7:
f4:35:47:0f:01:a8:54:d2:8f:6a:26:37:6d:82:1c:8c:63:d0:
eb:16:5c:17:4e:79:84:a2:1c:09:ad:d9:f0:04:71:9f:41:96:
0a:e1:d5:2c:23:f8:13:4b:e8:22:a7:bf:e0:d4:b1:88:50:ff:
23:97:a8:ec:77:40:16:70:06:cc:a9:aa:de:59:c6:e9:b2:ee:
92:0c:46:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsilYA8Fb+o97TYCN9DjnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDVkMTI4OGEzYzJhZTE3Zjk5Y2JiMTg5MTc3MDAxODli
ZDQ3MjAwHhcNMjMwMTAxMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRiM2E0NmJmYjU0Zjk4YmZjODA2NDllYTMxODAwN2M3OWM4OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FKjOBZb+wPMtS0JAVp691nm/yD0
3VDpkFlbkX7zhHk37swJMRMiFHQPvSUVd/MFpBreIWVMCcEPG+EfyS7XzdWQWb7+
oJXVgqRvq72FUb7wMS6zZxpqshRjR1W48Y1tO4jCXIjwb4+Op8gcUV30c6cnmLrF
2eGjGCispWdphz0o0YUMGlDAJPJtajtW3IhB9BzI1F8DPSIf9R5t9NAUP1062Voa
B6q0jX4xE2uWk7i5RnqtQ2tdDDDqwQDfO+Fd7sW9aJXgmTH0mh8aumHtXE76s4VM
Vo1G5IReOmzP62B1Bxr+JjQ4ZXK9HPPq+HkGDX7f3RCLXp4Kc0Pp6YFKlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNjbOka/tU+Yv8gGSeoxgAfHnIkgMB8GA1UdIwQY
MBaAFInV0SiKPCrhf5nLsYkXcAGJvUcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRYUktJbzhLdUZfbWN1eGlSZHdBWW05UnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZDE3NTYtMjI1Zi00NTc5LWIxZTYt
OWQ2MDk3NzBhOWVhLzEvMk5zNlJyLTFUNWlfeUFaSjZqR0FCOGVjaVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZDE3NTYtMjI1Zi00NTc5LWIxZTYtOWQ2MDk3NzBhOWVh
LzEvaWRYUktJbzhLdUZfbWN1eGlSZHdBWW05UnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJWPQAwQC
uZvEMA0GCSqGSIb3DQEBCwUAA4IBAQBA+nNJNBQRpzAHjJhdd6t03Jt2EkRYa/aR
qWQrLJFyXHguKJ6X+UWaLoKyeGlpRidrUEW66FAh5FBB97RKgJItPXhxWBMrJg6W
Via6Sunr+aPqm1JEGUuhWs4BxCFnTunBLhyJwLaiVGfWpBpat0eFt2j5QgKeIs3/
OjPbyigPfV5WxdzP9IeIQEdXHzPPPUsiryymETdguYvgVwXqD50Rth7u0PBpw/RC
pv5xtcx4OEkdf+f0NUcPAahU0o9qJjdtghyMY9DrFlwXTnmEohwJrdnwBHGfQZYK
4dUsI/gTS+gip7/g1LGIUP8jl6jsd0AWcAbMqareWcbpsu6SDEaZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:56 2024 by rpki-client on console-ams.rpki-client.org