Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/2kFM3fwxsFKBR7l-0fpKp7MgQ2I.roa
File: 2kFM3fwxsFKBR7l-0fpKp7MgQ2I.roa (raw, json)
Hash identifier: jehEVTYumSNJoE9sXqsia71O6A86yWbNZfbGpZhBn2g=
Subject key identifier: DA:41:4C:DD:FC:31:B0:52:81:47:B9:7E:D1:FA:4A:A7:B3:20:43:62
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018C6813A1B9CAB952F15E622DAA454F9BEA
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/2kFM3fwxsFKBR7l-0fpKp7MgQ2I.roa
Signing time: Thu 14 Dec 2023 11:26:06 +0000
ROA not before: Thu 14 Dec 2023 11:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 146.19.52.0/24 maxlen: 24
185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.227.88.0/23 maxlen: 23
185.227.91.0/24 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
185.209.204.0/22 maxlen: 22
195.128.151.0/24 maxlen: 24
2a0b:4c40::/29 maxlen: 29
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Dec 2023 12:27:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:13:a1:b9:ca:b9:52:f1:5e:62:2d:aa:45:4f:9b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Dec 14 11:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da414cddfc31b0528147b97ed1fa4aa7b3204362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:55:2a:15:28:8b:97:ac:fa:69:7c:77:de:cc:
4d:67:3d:71:92:bd:a0:34:24:76:64:86:7a:3f:a9:
a1:d9:f1:46:10:a0:aa:ae:e6:99:98:fe:7c:cc:19:
ff:0b:7b:73:79:a9:97:76:58:bb:14:80:23:53:54:
54:07:0f:ac:a6:3d:7e:68:02:f7:f1:7a:0d:3a:c6:
d6:33:b8:73:b2:de:9b:98:ab:34:57:8d:0a:b9:2e:
ed:16:b0:d7:00:6c:e5:bb:31:b2:30:3f:a8:6c:14:
21:93:ff:80:b0:1f:ff:83:06:93:5c:db:23:f0:9c:
ba:71:3f:7f:ae:7b:a8:70:69:ae:c5:54:fb:d6:79:
d1:9d:62:89:46:35:df:73:57:12:75:dc:98:af:8d:
c3:6f:18:25:80:d2:44:96:50:1d:77:a1:2d:d9:3b:
22:d4:2e:06:c9:cf:2d:93:4b:48:ba:f1:c8:dc:9e:
8d:0f:da:d0:2d:95:e7:81:9f:a8:91:64:29:fb:05:
41:35:07:85:0a:83:8f:a2:cb:c2:31:6a:67:83:af:
19:68:e2:df:b0:81:17:f9:d9:17:c9:49:41:26:7a:
cc:d4:ff:61:28:c2:3d:1e:e8:a7:25:04:ad:9e:b7:
9c:f1:53:50:55:1e:5b:e1:34:e1:ed:9f:53:d1:62:
b8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:41:4C:DD:FC:31:B0:52:81:47:B9:7E:D1:FA:4A:A7:B3:20:43:62
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/2kFM3fwxsFKBR7l-0fpKp7MgQ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
146.19.52.0/24
185.151.20.0/22
185.209.204.0/22
185.227.88.0/23
185.227.91.0/24
185.236.164.0-185.236.166.255
195.128.151.0/24
IPv6:
2a07:7540::/29
2a0b:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
62:57:b9:3e:4a:99:6b:f4:da:87:bd:8f:75:89:47:9b:99:20:
7d:b5:aa:90:7e:e1:70:07:78:53:6b:57:c9:46:5b:0f:dc:9e:
9d:fd:92:09:ec:fb:96:a1:a1:79:c6:77:80:0c:d7:ff:80:41:
d2:e6:d2:de:83:19:0f:80:8c:91:c8:21:f6:e8:6f:93:2e:36:
60:e9:76:c2:22:40:d7:97:99:b6:56:10:4f:3c:f8:10:ae:aa:
96:25:69:36:ac:fb:60:33:0f:30:9e:e6:40:a6:ff:fa:ef:9c:
5d:6c:d1:1e:d6:56:4f:1e:e5:a8:0f:02:b2:b7:ad:5c:43:2f:
43:e9:38:b9:f2:f9:e7:25:77:87:f8:3b:6a:5c:60:e5:ee:54:
6d:d5:3c:47:31:84:45:49:e3:3a:6e:9f:93:14:a8:97:06:12:
23:e9:b7:65:e0:20:ee:7e:0a:89:d6:6e:99:12:3a:f2:3d:cf:
97:57:bb:f5:99:ba:b7:d6:bb:e0:2f:72:a7:b0:93:63:33:56:
f2:3e:05:1c:d5:5a:53:da:11:dc:2e:42:1f:b3:71:ce:4b:90:
90:cf:25:8d:cf:9a:a7:3a:a4:f4:51:4c:b4:a6:d2:4b:2d:01:
65:fb:bf:ff:36:ad:c3:e1:65:92:4a:89:fa:58:b2:c0:c3:23:
00:11:ad:d3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYxoE6G5yrlS8V5iLapFT5vqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjMxMjE0MTEyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQxNGNkZGZjMzFiMDUyODE0N2I5N2VkMWZhNGFhN2IzMjA0MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FUqFSiLl6z6aXx33sxNZz1xkr2g
NCR2ZIZ6P6mh2fFGEKCqruaZmP58zBn/C3tzeamXdli7FIAjU1RUBw+spj1+aAL3
8XoNOsbWM7hzst6bmKs0V40KuS7tFrDXAGzluzGyMD+obBQhk/+AsB//gwaTXNsj
8Jy6cT9/rnuocGmuxVT71nnRnWKJRjXfc1cSddyYr43DbxglgNJEllAdd6Et2Tsi
1C4Gyc8tk0tIuvHI3J6ND9rQLZXngZ+okWQp+wVBNQeFCoOPosvCMWpng68ZaOLf
sIEX+dkXyUlBJnrM1P9hKMI9HuinJQStnrec8VNQVR5b4TTh7Z9T0WK4bQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNpBTN38MbBSgUe5ftH6SqezIENiMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvMmtGTTNmd3hzRktCUjdsLTBmcEtwN01nUTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCLZu4AwQA
khM0AwQCuZcUAwQCudHMAwQBueNYAwQAueNbMAwDBAK57KQDBAC57KYDBADDgJcw
FAQCAAIwDgMFAyoHdUADBQMqC0xAMA0GCSqGSIb3DQEBCwUAA4IBAQBiV7k+Splr
9NqHvY91iUebmSB9taqQfuFwB3hTa1fJRlsP3J6d/ZIJ7PuWoaF5xneADNf/gEHS
5tLegxkPgIyRyCH26G+TLjZg6XbCIkDXl5m2VhBPPPgQrqqWJWk2rPtgMw8wnuZA
pv/675xdbNEe1lZPHuWoDwKyt61cQy9D6Ti58vnnJXeH+DtqXGDl7lRt1TxHMYRF
SeM6bp+TFKiXBhIj6bdl4CDufgqJ1m6ZEjryPc+XV7v1mbq31rvgL3KnsJNjM1by
PgUc1VpT2hHcLkIfs3HOS5CQzyWNz5qnOqT0UUy0ptJLLQFl+7//Nq3D4WWSSon6
WLLAwyMAEa3T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org