Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/2Xq5nMeDx6w9DS2IKq_YUq0irbE.roa
File: 2Xq5nMeDx6w9DS2IKq_YUq0irbE.roa (raw, json)
Hash identifier: 1xW+V9NNiKKNcoJJxv9P6gHUttEMwm1NHVnDADhXC/c=
Subject key identifier: D9:7A:B9:9C:C7:83:C7:AC:3D:0D:2D:88:2A:AF:D8:52:AD:22:AD:B1
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 0190064B92C136D55BF122B8A5048C45797F
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/2Xq5nMeDx6w9DS2IKq_YUq0irbE.roa
Signing time: Tue 11 Jun 2024 07:55:34 +0000
ROA not before: Tue 11 Jun 2024 07:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 46.235.88.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
146.19.71.0/24 maxlen: 24
176.98.32.0/22 maxlen: 24
176.241.184.0/21 maxlen: 24
178.20.144.0/21 maxlen: 24
185.10.112.0/22 maxlen: 24
193.105.25.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:4b:92:c1:36:d5:5b:f1:22:b8:a5:04:8c:45:79:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Jun 11 07:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d97ab99cc783c7ac3d0d2d882aafd852ad22adb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ae:cf:36:06:65:ba:f6:22:67:00:b9:c5:6c:
62:a9:92:72:eb:1b:4f:af:9c:3c:f5:1c:2b:c2:96:
07:40:1e:8c:6f:87:3e:64:b5:78:c2:dd:2e:28:85:
73:b5:93:6d:03:d2:f1:c0:e7:8b:5f:b5:00:67:85:
6f:85:34:34:d7:28:3e:6a:36:52:d5:d7:36:f8:a1:
3a:a8:33:44:19:6d:a8:64:25:32:b1:f1:1f:e6:72:
79:85:e7:3f:b4:c7:a9:63:03:7e:ee:28:5b:b0:2c:
f3:63:b9:07:06:f1:0c:05:d6:8f:81:82:93:b1:75:
ce:14:35:07:f0:7a:83:f6:9d:9b:92:ba:82:4b:6a:
30:27:62:c8:7b:98:c4:f5:89:ac:4a:af:12:2c:f7:
04:ce:0d:51:0b:da:03:cd:24:cb:3b:bf:7e:03:e1:
c3:51:77:ef:de:06:2e:3c:d9:d6:d4:6b:88:d9:b4:
7c:a4:26:a5:8e:31:32:90:ba:3f:98:5c:7a:f0:47:
07:99:18:19:19:84:f4:f2:dd:7e:ce:47:18:aa:1c:
08:d9:34:dc:a7:3c:6e:74:25:f7:90:37:34:09:a8:
2a:99:dc:95:8d:28:5f:dc:9d:c6:2f:b7:0a:2f:9d:
52:cd:64:a7:d2:82:21:67:bd:94:1c:49:a3:b9:49:
d7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7A:B9:9C:C7:83:C7:AC:3D:0D:2D:88:2A:AF:D8:52:AD:22:AD:B1
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/2Xq5nMeDx6w9DS2IKq_YUq0irbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
88.85.224.0/19
146.19.71.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
Signature Algorithm: sha256WithRSAEncryption
68:c1:b9:b1:5b:c2:b7:a3:59:88:ef:7a:9c:28:90:03:e2:3f:
5f:ad:79:4d:e9:2a:85:3b:dd:fe:a2:81:5e:58:46:bc:ca:31:
c5:38:a5:8d:5d:0d:ce:2c:ed:91:c8:07:76:a3:d6:f2:fc:ae:
65:49:27:ab:73:82:74:1e:40:21:4d:95:ea:de:f5:9b:a7:3f:
7d:e1:3b:e6:79:51:da:df:4a:97:d5:db:c9:4a:b4:32:6b:39:
91:e6:ed:aa:bb:04:3b:7c:ca:95:83:77:2a:e9:dc:f5:85:1e:
95:ba:af:b1:79:1d:a4:6c:ec:03:51:77:96:c7:6e:7d:16:85:
cb:06:33:f0:1c:1b:ed:dd:a7:55:d5:f6:73:40:82:7c:92:43:
a3:9c:9f:76:cb:96:b5:22:32:74:0a:5f:69:87:2f:6e:eb:ca:
bf:1c:d2:23:37:8c:71:f2:1e:5d:15:50:9e:49:24:c0:eb:fe:
ce:9c:8d:29:07:2c:20:5e:ee:b5:83:ea:b0:79:e7:7d:0d:45:
5f:22:31:7f:25:c5:1c:06:0b:1c:75:42:5c:34:4e:cd:cb:ad:
d0:97:04:11:d8:d4:bb:85:aa:55:05:26:dc:1f:37:5b:70:4e:
f2:b5:ed:d1:c3:af:03:c3:2c:e7:57:f0:16:97:4e:48:63:3f:
21:67:85:e7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZAGS5LBNtVb8SK4pQSMRXl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjQwNjExMDc1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTdhYjk5Y2M3ODNjN2FjM2QwZDJkODgyYWFmZDg1MmFkMjJhZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq7PNgZluvYiZwC5xWxiqZJy6xtP
r5w89RwrwpYHQB6Mb4c+ZLV4wt0uKIVztZNtA9LxwOeLX7UAZ4VvhTQ01yg+ajZS
1dc2+KE6qDNEGW2oZCUysfEf5nJ5hec/tMepYwN+7ihbsCzzY7kHBvEMBdaPgYKT
sXXOFDUH8HqD9p2bkrqCS2owJ2LIe5jE9YmsSq8SLPcEzg1RC9oDzSTLO79+A+HD
UXfv3gYuPNnW1GuI2bR8pCaljjEykLo/mFx68EcHmRgZGYT08t1+zkcYqhwI2TTc
pzxudCX3kDc0CagqmdyVjShf3J3GL7cKL51SzWSn0oIhZ72UHEmjuUnX5QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNl6uZzHg8esPQ0tiCqv2FKtIq2xMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvMlhxNW5NZUR4Nnc5RFMySUtxX1lVcTBpcmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDLutYAwQA
PswwAwQATUvgAwQFWFXgAwQAkhNHAwQCsGIgAwQDsPG4AwQDshSQAwQCuQpwAwQA
wWkZAwQAwfJ/AwQAwmjiAwQF1AygMA0GCSqGSIb3DQEBCwUAA4IBAQBowbmxW8K3
o1mI73qcKJAD4j9frXlN6SqFO93+ooFeWEa8yjHFOKWNXQ3OLO2RyAd2o9by/K5l
SSerc4J0HkAhTZXq3vWbpz994TvmeVHa30qX1dvJSrQyazmR5u2quwQ7fMqVg3cq
6dz1hR6Vuq+xeR2kbOwDUXeWx259FoXLBjPwHBvt3adV1fZzQIJ8kkOjnJ92y5a1
IjJ0Cl9phy9u68q/HNIjN4xx8h5dFVCeSSTA6/7OnI0pBywgXu61g+qweed9DUVf
IjF/JcUcBgscdUJcNE7Ny63QlwQR2NS7hapVBSbcHzdbcE7yte3Rw68DwyznV/AW
l05IYz8hZ4Xn
-----END CERTIFICATE-----
Generated at Tue Aug 27 08:25:30 2024 by rpki-client on console-ams.rpki-client.org