Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/2KKyV3bb2NW2tWEd928tLKdKscs.roa
File: 2KKyV3bb2NW2tWEd928tLKdKscs.roa (raw, json)
Hash identifier: CEtmQcFLbVTEFVKbiVkPkj61e+PNHzJOiswlCvNf9NE=
Subject key identifier: D8:A2:B2:57:76:DB:D8:D5:B6:B5:61:1D:F7:6F:2D:2C:A7:4A:B1:CB
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 018B1657D10E8CB58DD767142AB31EED24F6
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/2KKyV3bb2NW2tWEd928tLKdKscs.roa
Signing time: Mon 09 Oct 2023 21:28:55 +0000
ROA not before: Mon 09 Oct 2023 21:28:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.108.0/24 maxlen: 24
94.228.107.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.96.0/20 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
185.251.52.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
2a00:e30:64::/64 maxlen: 64
2a00:e30:80::/41 maxlen: 64
2a00:e30:a00::/40 maxlen: 48
2a00:e30:ed00::/41 maxlen: 48
2a00:e30:6900::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:2100::/41 maxlen: 41
2a00:e30:280::/41 maxlen: 41
2a00:e30::/41 maxlen: 41
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:16:57:d1:0e:8c:b5:8d:d7:67:14:2a:b3:1e:ed:24:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Oct 9 21:28:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a2b25776dbd8d5b6b5611df76f2d2ca74ab1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:63:b4:5d:70:f9:8d:bb:00:db:d3:18:a9:7f:
2e:3d:63:85:1d:21:51:fc:14:ed:c7:d3:f3:6c:e2:
7e:4c:8d:dc:57:a9:f2:5f:4b:ec:c5:ac:b6:d8:c5:
a4:cc:97:21:57:9f:30:2b:ce:61:0a:87:57:d3:0d:
f4:6b:3b:67:54:97:18:5c:84:e7:e1:94:77:4c:c6:
02:92:34:d6:6d:97:7f:60:63:7f:60:ce:a2:28:c5:
a2:70:85:04:78:ae:9a:0b:79:12:9b:b9:67:bb:52:
0a:6a:c4:88:62:2c:c6:d5:92:d6:da:22:99:62:26:
1c:53:55:ee:1a:59:98:d4:a4:37:84:be:67:08:a6:
c3:a1:d0:05:ac:da:10:6b:b3:bd:cc:09:f6:fd:c9:
6f:a7:39:0d:93:64:58:d5:93:00:92:8c:04:84:18:
91:55:5b:ed:71:3c:00:45:0e:09:df:ed:dc:9b:04:
59:10:3f:17:c6:62:4c:d6:e8:d8:6a:c6:87:9e:c5:
0d:f4:48:27:b1:a7:a7:43:f0:f8:6e:fe:82:00:5c:
f8:2b:dc:8c:10:2c:02:62:7e:42:e8:f2:df:04:2f:
08:be:9d:a0:73:29:cd:eb:57:ae:8c:97:4f:84:0c:
a0:3b:e6:c1:8c:37:3f:ef:f2:13:24:19:41:01:eb:
12:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:B2:57:76:DB:D8:D5:B6:B5:61:1D:F7:6F:2D:2C:A7:4A:B1:CB
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/2KKyV3bb2NW2tWEd928tLKdKscs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.52.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30::/40
2a00:e30:280::/41
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
07:d9:b3:f5:92:b4:c5:0a:9c:2e:24:c4:9c:3a:d7:d6:b0:9f:
d6:bb:9f:44:59:f2:45:e2:9a:c1:7b:21:6c:44:90:26:5a:b9:
bb:bf:d3:b2:a2:30:e4:54:a2:c0:07:ad:c5:2b:dd:a9:9c:a0:
2a:25:6f:25:bb:fe:14:69:27:ad:2a:89:fd:cc:b2:7a:aa:b3:
a8:9d:dc:6d:d7:ff:d4:4d:c2:22:01:f2:13:f0:5c:20:72:69:
cf:38:71:ae:af:7f:0c:63:62:e1:9a:29:ff:5b:98:ad:61:ff:
5d:f5:5e:bd:8d:b1:27:4d:cd:3b:e2:08:eb:61:18:09:17:ec:
7e:de:80:8c:68:8b:2d:e7:96:75:5b:d7:21:66:e5:32:49:0e:
29:76:b2:f1:7c:b6:22:6f:b6:7b:7c:94:27:76:0b:73:c4:79:
0c:db:a2:33:d0:54:fc:14:dd:7f:56:a0:b0:66:c5:c9:c4:7e:
52:c7:13:fc:d6:5e:bd:34:61:d0:95:ed:c3:14:bf:70:ae:30:
fb:54:06:7e:7f:ac:6d:c2:44:a0:19:e9:16:54:e6:8c:ca:03:
b3:4e:fe:87:6c:74:f4:2b:9e:ed:ab:3b:ac:5c:3c:c8:d3:c1:
d2:99:2d:af:a9:a6:70:1d:7a:4e:ea:7f:9f:5f:c7:29:7e:ed:
06:78:be:c1
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYsWV9EOjLWN12cUKrMe7ST2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjMxMDA5MjEyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGEyYjI1Nzc2ZGJkOGQ1YjZiNTYxMWRmNzZmMmQyY2E3NGFiMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42O0XXD5jbsA29MYqX8uPWOFHSFR
/BTtx9PzbOJ+TI3cV6nyX0vsxay22MWkzJchV58wK85hCodX0w30aztnVJcYXITn
4ZR3TMYCkjTWbZd/YGN/YM6iKMWicIUEeK6aC3kSm7lnu1IKasSIYizG1ZLW2iKZ
YiYcU1XuGlmY1KQ3hL5nCKbDodAFrNoQa7O9zAn2/clvpzkNk2RY1ZMAkowEhBiR
VVvtcTwARQ4J3+3cmwRZED8XxmJM1ujYasaHnsUN9EgnsaenQ/D4bv6CAFz4K9yM
ECwCYn5C6PLfBC8Ivp2gcynN61eujJdPhAygO+bBjDc/7/ITJBlBAesSBwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFNiisld229jVtrVhHfdvLSynSrHLMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvMktLeVYzYmIyTlcydFdFZDkyOHRMS2RLc2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwLAQCAAEwJgMEBF7kYAME
A5V+QDAMAwQCufs0AwQAufs2AwQAwcj5AwQAwqnGMEMEAgACMD0DBgAqAA4wAAMH
ByoADjACgAMGACoADjAKAwcHKgAOMCEAAwcHKgAOMDAAAwcHKgAOMGkAAwcHKgAO
MO0AMA0GCSqGSIb3DQEBCwUAA4IBAQAH2bP1krTFCpwuJMScOtfWsJ/Wu59EWfJF
4prBeyFsRJAmWrm7v9OyojDkVKLAB63FK92pnKAqJW8lu/4UaSetKon9zLJ6qrOo
ndxt1//UTcIiAfIT8FwgcmnPOHGur38MY2Lhmin/W5itYf9d9V69jbEnTc074gjr
YRgJF+x+3oCMaIst55Z1W9chZuUySQ4pdrLxfLYib7Z7fJQndgtzxHkM26Iz0FT8
FN1/VqCwZsXJxH5SxxP81l69NGHQle3DFL9wrjD7VAZ+f6xtwkSgGekWVOaMygOz
Tv6HbHT0K57tqzusXDzI08HSmS2vqaZwHXpO6n+fX8cpfu0GeL7B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:01 2024 by rpki-client on console-ams.rpki-client.org