Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2-ViXmfgBKrmzdg32dkOKzfEMLQ.roa
File: 2-ViXmfgBKrmzdg32dkOKzfEMLQ.roa (raw, json)
Hash identifier: JB6yCdBcGu6XpnvQ55O5d8XJ1+PXs5uadj5cByctLSM=
Subject key identifier: DB:E5:62:5E:67:E0:04:AA:E6:CD:D8:37:D9:D9:0E:2B:37:C4:30:B4
Certificate issuer: /CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Certificate serial: 01856E2FAA55039F83CC4DA33FF69AED7B33
Authority key identifier: D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2-ViXmfgBKrmzdg32dkOKzfEMLQ.roa
Signing time: Sun 01 Jan 2023 16:34:55 +0000
ROA not before: Sun 01 Jan 2023 16:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16197
IP address blocks: 185.85.89.0/24 maxlen: 24
185.85.88.0/22 maxlen: 22
185.85.88.0/24 maxlen: 24
185.85.91.0/24 maxlen: 24
185.85.90.0/24 maxlen: 24
80.68.152.0/24 maxlen: 24
2a12:cb80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:aa:55:03:9f:83:cc:4d:a3:3f:f6:9a:ed:7b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Validity
Not Before: Jan 1 16:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe5625e67e004aae6cdd837d9d90e2b37c430b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a4:10:51:63:74:4c:0b:da:2e:3a:9f:08:91:
54:59:e2:1e:bb:0b:72:60:7b:35:82:b0:47:6d:e0:
b1:d8:48:c3:6f:cd:d6:e6:7f:d8:58:a1:be:5c:35:
61:a5:24:51:e5:97:6f:76:76:a1:2e:63:99:93:e7:
c6:62:fc:c9:0b:a5:36:75:9e:08:00:09:d6:fc:c5:
6c:39:fc:84:e2:c3:19:96:15:73:34:47:2f:03:a5:
2c:e6:34:61:f4:54:f3:3d:a3:6b:85:05:55:7e:70:
12:de:2b:55:62:b5:2f:f7:7c:6d:68:05:32:99:35:
f7:c5:35:7a:d4:e4:56:a2:cf:9c:27:b0:22:2c:3e:
06:03:b8:28:bf:94:06:11:68:b1:ee:99:b4:49:a4:
e5:0e:63:ca:7e:d7:28:71:16:20:2c:ea:ac:0c:6e:
80:dd:45:25:f3:9a:d7:c8:53:54:b3:fe:64:23:f7:
57:1e:1f:a4:19:96:0e:51:1a:ac:88:32:6f:82:72:
64:95:c2:1c:ea:05:4a:f5:19:d2:46:80:cb:ec:c5:
9f:bd:ae:7a:35:f0:51:e0:3e:cb:33:14:cd:c7:28:
18:83:e6:dd:71:31:bd:0b:b9:9e:62:8d:9d:67:7c:
da:b3:3d:e3:25:53:aa:e0:09:0e:23:6a:f5:0e:87:
46:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E5:62:5E:67:E0:04:AA:E6:CD:D8:37:D9:D9:0E:2B:37:C4:30:B4
X509v3 Authority Key Identifier:
keyid:D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2-ViXmfgBKrmzdg32dkOKzfEMLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.152.0/24
185.85.88.0/22
IPv6:
2a12:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
43:ff:77:8c:86:ef:e7:9b:cf:1c:82:5d:6f:cd:9d:79:46:45:
98:3b:2f:92:3b:c5:0b:84:71:34:ed:b3:52:14:12:fb:c2:6a:
d2:54:d3:48:e3:37:aa:c1:ed:97:9e:f8:9c:8b:a8:3e:e3:f3:
a2:14:86:0a:84:8f:b6:fd:58:c5:f0:fc:54:36:0d:67:6b:e2:
79:80:cc:5c:e4:ce:c1:c1:69:8a:4d:b6:88:04:d1:d3:12:50:
e3:36:2a:ff:f1:a8:4e:56:67:cb:c9:f2:42:ab:db:bf:de:e3:
77:63:29:ad:64:2a:95:b9:3d:00:56:41:0c:49:d1:08:65:dd:
40:9b:a9:7f:35:b7:bc:95:46:60:d3:84:7d:42:29:61:6c:9f:
9d:cc:03:fa:dc:f9:12:9f:78:80:63:cb:3b:71:a3:88:5e:99:
d8:b0:c1:5b:15:49:6d:a3:12:c3:ab:0b:0b:23:c0:c0:c3:36:
98:10:3b:4d:4a:89:65:5a:d3:25:56:df:57:a9:6c:6b:25:68:
9e:cf:7d:f3:e2:82:c8:1f:44:f0:ca:41:3c:d5:22:89:c5:45:
a2:7f:4e:47:b6:92:82:47:59:14:1f:7a:cd:28:0a:4f:d3:f3:
8d:7f:36:d7:1b:b8:be:8f:1d:fd:96:ae:b0:1f:3e:8e:44:9c:
08:a1:2a:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuL6pVA5+DzE2jP/aa7XszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDY0OTE4OGFhYTQzOWQ4NTExZjcwZWJlODJiYTVlNzY2
Yzg1ZDIwHhcNMjMwMTAxMTYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU1NjI1ZTY3ZTAwNGFhZTZjZGQ4MzdkOWQ5MGUyYjM3YzQzMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaQQUWN0TAvaLjqfCJFUWeIeuwty
YHs1grBHbeCx2EjDb83W5n/YWKG+XDVhpSRR5ZdvdnahLmOZk+fGYvzJC6U2dZ4I
AAnW/MVsOfyE4sMZlhVzNEcvA6Us5jRh9FTzPaNrhQVVfnAS3itVYrUv93xtaAUy
mTX3xTV61ORWos+cJ7AiLD4GA7gov5QGEWix7pm0SaTlDmPKftcocRYgLOqsDG6A
3UUl85rXyFNUs/5kI/dXHh+kGZYOURqsiDJvgnJklcIc6gVK9RnSRoDL7MWfva56
NfBR4D7LMxTNxygYg+bdcTG9C7meYo2dZ3zasz3jJVOq4AkOI2r1DodG+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNvlYl5n4ASq5s3YN9nZDis3xDC0MB8GA1UdIwQY
MBaAFNnWSRiKqkOdhRH3Dr6Cul52bIXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMt
MWNjNmEzMWIxNGJmLzEvMi1WaVhtZmdCS3JtemRnMzJka09LemZFTUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMtMWNjNmEzMWIxNGJm
LzEvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUESYAwQC
uVVYMA0EAgACMAcDBQMqEsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBD/3eMhu/nm88c
gl1vzZ15RkWYOy+SO8ULhHE07bNSFBL7wmrSVNNI4zeqwe2Xnvici6g+4/OiFIYK
hI+2/VjF8PxUNg1na+J5gMxc5M7BwWmKTbaIBNHTElDjNir/8ahOVmfLyfJCq9u/
3uN3YymtZCqVuT0AVkEMSdEIZd1Am6l/Nbe8lUZg04R9QilhbJ+dzAP63PkSn3iA
Y8s7caOIXpnYsMFbFUltoxLDqwsLI8DAwzaYEDtNSollWtMlVt9XqWxrJWiez33z
4oLIH0TwykE81SKJxUWif05HtpKCR1kUH3rNKApP0/ONfzbXG7i+jx39lq6wHz6O
RJwIoSoR
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:59 2024 by rpki-client on console-fra.rpki-client.org