Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iQ2bgHvCivp5P3mOJ0l5kE6j2qU.roa
File: iQ2bgHvCivp5P3mOJ0l5kE6j2qU.roa (raw, json)
Hash identifier: DB8TKEYTMaiKa3IeopivOdCPLUD4s+MdZq9KWGLwHrQ=
Subject key identifier: 89:0D:9B:80:7B:C2:8A:FA:79:3F:79:8E:27:49:79:90:4E:A3:DA:A5
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0190EF80A806331447506863C1EFA381D5C8
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iQ2bgHvCivp5P3mOJ0l5kE6j2qU.roa
Signing time: Fri 26 Jul 2024 14:45:04 +0000
ROA not before: Fri 26 Jul 2024 14:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49074
IP address blocks: 85.255.112.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
178.212.207.0/24 maxlen: 24
194.40.204.0/22 maxlen: 22
2a04:2041::/32 maxlen: 32
2a04:2043::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 31 Oct 2024 17:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:80:a8:06:33:14:47:50:68:63:c1:ef:a3:81:d5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jul 26 14:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=890d9b807bc28afa793f798e274979904ea3daa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:ec:3c:1f:67:20:6b:9c:4d:22:4a:9d:47:
83:ea:0a:02:dc:8a:43:8a:23:c8:f7:2a:c6:f2:44:
5d:07:f5:ab:ae:da:df:c7:7d:2b:fe:8a:f8:8a:46:
20:27:93:68:c7:45:7f:fd:e3:29:1d:56:8b:98:b8:
f4:60:8b:89:e5:b0:4a:5e:74:99:f7:0e:cb:f1:56:
e4:86:0a:f8:6c:54:3e:81:76:0a:05:21:0d:48:7e:
0e:6b:fc:0e:06:2a:aa:af:a0:ec:22:b0:d2:d0:f9:
5b:b5:6d:bc:ef:1f:f5:1d:f5:7e:83:db:3e:1f:dd:
01:1a:47:40:be:52:aa:10:63:26:fb:e0:6e:94:59:
97:0b:8a:a2:88:27:15:64:ad:34:07:de:75:27:70:
04:4e:1a:63:e0:88:03:35:69:e7:55:e4:e9:d0:d6:
33:ae:22:1b:ee:56:6e:97:03:e5:4a:8e:d5:42:3b:
d1:6a:bb:c7:db:88:71:68:5b:de:aa:60:9a:0b:3f:
b0:e5:9e:24:61:99:b0:4d:5c:de:78:87:6c:a0:98:
2c:88:e9:9e:e9:3a:8b:17:0a:21:6d:f4:8e:b6:ed:
28:0d:0d:49:ff:bf:8a:10:0d:be:c4:52:13:70:65:
7e:ab:d7:19:66:ea:ac:77:c6:76:78:1a:38:3a:4e:
fe:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:9B:80:7B:C2:8A:FA:79:3F:79:8E:27:49:79:90:4E:A3:DA:A5
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iQ2bgHvCivp5P3mOJ0l5kE6j2qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.112.0/22
91.228.140.0/22
91.234.56.0/22
151.248.95.0/24
176.113.104.0/22
178.212.207.0/24
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
1b:3c:07:0f:5b:cd:e3:ae:c6:f5:13:c3:4c:06:fd:bf:9b:2b:
f5:19:d2:ee:1b:37:35:93:c3:9e:64:52:2b:ad:e0:b4:63:ec:
b4:c7:17:c0:b2:b2:18:f5:b4:10:44:4d:cd:01:ed:53:6c:b5:
9b:26:5a:00:ce:b5:ab:42:c7:11:79:19:ee:10:78:58:8a:a0:
40:d9:3e:38:f7:4b:bb:3d:20:5c:bb:1d:30:b7:23:a3:55:65:
e5:ac:df:8c:ee:51:1b:dc:7b:fe:af:11:f2:cd:ca:8f:d9:7c:
79:d9:a4:11:b5:d7:a1:4c:c5:83:a6:f3:5d:95:1d:db:74:f0:
20:70:ce:bf:08:b5:1e:f9:bf:79:e7:85:86:a3:a8:c2:3e:ca:
89:39:b6:3a:43:f5:43:2b:cb:42:86:63:03:f6:b5:cc:19:b8:
46:58:70:68:75:84:f0:b4:ca:84:ff:fe:64:cb:4f:a9:d8:ba:
5d:55:af:be:a1:a0:84:b2:ab:54:69:e5:da:43:de:96:49:52:
e6:16:ca:8b:53:79:a1:07:fd:cd:b8:d3:6e:fe:a5:38:b6:39:
51:1a:ce:11:8a:5b:2c:aa:39:31:5b:7c:d2:52:16:6b:95:17:
de:b8:4d:80:05:9a:1e:4f:b1:d8:cb:ee:f5:93:8f:f9:a7:ef:
87:ec:86:9c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZDvgKgGMxRHUGhjwe+jgdXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwNzI2MTQ0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBkOWI4MDdiYzI4YWZhNzkzZjc5OGUyNzQ5Nzk5MDRlYTNkYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9/sPB9nIGucTSJKnUeD6goC3IpD
iiPI9yrG8kRdB/Wrrtrfx30r/or4ikYgJ5Nox0V//eMpHVaLmLj0YIuJ5bBKXnSZ
9w7L8Vbkhgr4bFQ+gXYKBSENSH4Oa/wOBiqqr6DsIrDS0PlbtW287x/1HfV+g9s+
H90BGkdAvlKqEGMm++BulFmXC4qiiCcVZK00B951J3AEThpj4IgDNWnnVeTp0NYz
riIb7lZulwPlSo7VQjvRarvH24hxaFveqmCaCz+w5Z4kYZmwTVzeeIdsoJgsiOme
6TqLFwohbfSOtu0oDQ1J/7+KEA2+xFITcGV+q9cZZuqsd8Z2eBo4Ok7+gQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIkNm4B7wor6eT95jidJeZBOo9qlMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvaVEyYmdIdkNpdnA1UDNtT0owbDVrRTZqMnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQCVf9wAwQC
W+SMAwQCW+o4AwQAl/hfAwQCsHFoAwQAstTPAwQCwijMMCIEAgACMBwDBQAqBCBB
AwUAKgQgQwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQAbPAcPW83j
rsb1E8NMBv2/myv1GdLuGzc1k8OeZFIrreC0Y+y0xxfAsrIY9bQQRE3NAe1TbLWb
JloAzrWrQscReRnuEHhYiqBA2T4490u7PSBcux0wtyOjVWXlrN+M7lEb3Hv+rxHy
zcqP2Xx52aQRtdehTMWDpvNdlR3bdPAgcM6/CLUe+b9554WGo6jCPsqJObY6Q/VD
K8tChmMD9rXMGbhGWHBodYTwtMqE//5ky0+p2LpdVa++oaCEsqtUaeXaQ96WSVLm
FsqLU3mhB/3NuNNu/qU4tjlRGs4RilssqjkxW3zSUhZrlRfeuE2ABZoeT7HYy+71
k4/5p++H7Iac
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:24:58 2024 by rpki-client on console-fra.rpki-client.org