Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Rm2I2cj-z1GlFbYXajjRR6peTcQ.roa
File: Rm2I2cj-z1GlFbYXajjRR6peTcQ.roa (raw, json)
Hash identifier: 9NpJb5prDzGUGOR3jlrQh9jxDDhkVqlKUDpHV+uD9WA=
Subject key identifier: 46:6D:88:D9:C8:FE:CF:51:A5:15:B6:17:6A:38:D1:47:AA:5E:4D:C4
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AB399D3675506C5F5D2D17AAD16BE8792
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Rm2I2cj-z1GlFbYXajjRR6peTcQ.roa
Signing time: Wed 20 Sep 2023 17:18:37 +0000
ROA not before: Wed 20 Sep 2023 17:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
2.57.241.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 09:44:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:99:d3:67:55:06:c5:f5:d2:d1:7a:ad:16:be:87:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 20 17:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=466d88d9c8fecf51a515b6176a38d147aa5e4dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:34:47:56:b0:35:28:a4:9c:eb:23:96:19:95:
5a:6c:a5:01:16:72:5d:eb:6f:89:60:f1:10:47:9f:
1b:93:19:6e:ae:93:23:10:29:70:c8:56:e7:b8:6a:
3f:50:54:6a:16:95:8f:83:7f:7d:e9:56:09:09:86:
b1:e9:ad:99:a1:7f:6b:51:26:0c:a2:57:4c:18:22:
c4:9e:8b:bd:9a:bd:b0:2e:a0:46:c6:9c:07:e9:ef:
d1:24:97:18:dd:de:10:a9:99:d5:6a:d0:6f:70:be:
a9:b8:e3:c7:dd:d9:ec:11:93:e3:f5:43:ed:fa:ee:
e3:a0:f9:77:9b:0a:f7:b9:f8:6c:9d:d1:11:34:97:
48:5a:cc:ee:90:73:1e:bd:da:b0:c3:ad:37:9a:0c:
e0:6c:1a:05:ad:6e:fb:98:7f:89:5c:22:1f:f7:b5:
eb:56:cb:5f:ab:70:d6:94:b6:85:94:99:1d:dc:2f:
44:9a:99:09:df:31:92:64:c2:c5:ad:56:6b:31:bc:
d6:a6:13:0a:eb:6c:14:7b:79:65:fe:7e:b4:8d:2e:
9a:eb:f5:b8:03:2e:41:e8:9a:63:02:0d:c2:70:96:
5a:a2:9a:c3:b2:c7:9f:98:38:05:2a:03:d1:64:3c:
df:2b:4d:47:69:a9:4f:ec:a2:33:b6:ec:b5:d1:58:
f2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6D:88:D9:C8:FE:CF:51:A5:15:B6:17:6A:38:D1:47:AA:5E:4D:C4
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Rm2I2cj-z1GlFbYXajjRR6peTcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/23
62.192.152.0/24
89.34.106.0/24
89.37.192.0/24
89.47.55.0/24
93.90.75.0/24
94.177.51.0/24
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ca:05:78:35:27:04:dd:49:4e:34:9a:c2:d2:e1:9a:19:cc:
20:ab:d9:1e:a1:26:16:57:14:ab:30:69:70:ea:18:6b:b9:4d:
0f:f2:63:1c:0e:a7:5a:97:20:40:4e:8f:15:06:5e:e0:9e:d2:
03:ba:4c:62:97:42:71:78:18:5f:22:50:8c:e2:38:2b:c2:7c:
67:48:ec:7a:8c:cd:15:04:f4:4d:f9:69:90:38:ad:71:fb:c7:
0e:25:98:c7:55:e9:ea:a8:bc:10:87:ba:01:df:96:9e:21:93:
5d:73:a8:96:ab:95:2c:e5:2d:32:00:44:de:bf:8f:17:e6:7d:
d3:9a:a1:c9:b1:3f:a1:a2:82:cf:93:48:6a:0e:60:bd:10:27:
ca:c9:f4:64:a9:34:7a:80:af:28:79:ca:74:94:ca:84:6f:79:
ca:53:2c:d7:8d:d3:5a:31:53:45:aa:40:01:b2:e7:25:9d:05:
26:bb:97:7c:50:67:26:8a:32:b8:3c:4c:88:78:3f:fc:12:7a:
82:9d:fb:0b:74:1c:6e:ea:29:49:70:d4:a5:8f:13:28:93:2f:
11:4f:a8:93:58:aa:26:b7:42:ac:49:60:8c:2b:6a:15:4f:37:
9c:81:c6:48:97:ca:67:a3:5c:24:23:c2:1c:45:ea:be:c6:7f:
eb:8e:b0:30
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqzmdNnVQbF9dLReq0WvoeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTIwMTcxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjZkODhkOWM4ZmVjZjUxYTUxNWI2MTc2YTM4ZDE0N2FhNWU0ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTRHVrA1KKSc6yOWGZVabKUBFnJd
62+JYPEQR58bkxlurpMjEClwyFbnuGo/UFRqFpWPg3996VYJCYax6a2ZoX9rUSYM
oldMGCLEnou9mr2wLqBGxpwH6e/RJJcY3d4QqZnVatBvcL6puOPH3dnsEZPj9UPt
+u7joPl3mwr3ufhsndERNJdIWszukHMevdqww603mgzgbBoFrW77mH+JXCIf97Xr
Vstfq3DWlLaFlJkd3C9EmpkJ3zGSZMLFrVZrMbzWphMK62wUe3ll/n60jS6a6/W4
Ay5B6JpjAg3CcJZaoprDssefmDgFKgPRZDzfK01HaalP7KIztuy10VjykwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEZtiNnI/s9RpRW2F2o40UeqXk3EMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUm0ySTJjai16MUdsRmJZWGFqalJSNnBlVGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBAjnwAwQA
PsCYAwQAWSJqAwQAWSXAAwQAWS83AwQAXVpLAwQAXrEzAwQAsH6uMA0GCSqGSIb3
DQEBCwUAA4IBAQAOygV4NScE3UlONJrC0uGaGcwgq9keoSYWVxSrMGlw6hhruU0P
8mMcDqdalyBATo8VBl7gntIDukxil0JxeBhfIlCM4jgrwnxnSOx6jM0VBPRN+WmQ
OK1x+8cOJZjHVenqqLwQh7oB35aeIZNdc6iWq5Us5S0yAETev48X5n3TmqHJsT+h
ooLPk0hqDmC9ECfKyfRkqTR6gK8oecp0lMqEb3nKUyzXjdNaMVNFqkABsuclnQUm
u5d8UGcmijK4PEyIeD/8EnqCnfsLdBxu6ilJcNSljxMoky8RT6iTWKomt0KsSWCM
K2oVTzecgcZIl8pno1wkI8IcReq+xn/rjrAw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org