Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/2rwpV4QIoRY96l_pwC5qv9s1uPU.roa
File: 2rwpV4QIoRY96l_pwC5qv9s1uPU.roa (raw, json)
Hash identifier: aUbD2jIyLOSvqdLtx8/53/qxmcRjyQtU2aBUlqL7sGc=
Subject key identifier: DA:BC:29:57:84:08:A1:16:3D:EA:5F:E9:C0:2E:6A:BF:DB:35:B8:F5
Certificate issuer: /CN=3054bb6e9f78011b8cc5d3f23b70b66cf6979aa7
Certificate serial: 01856E2F900BBEF1E12688F5C7C1169F6049
Authority key identifier: 30:54:BB:6E:9F:78:01:1B:8C:C5:D3:F2:3B:70:B6:6C:F6:97:9A:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFS7bp94ARuMxdPyO3C2bPaXmqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/2rwpV4QIoRY96l_pwC5qv9s1uPU.roa
Signing time: Sun 01 Jan 2023 16:34:48 +0000
ROA not before: Sun 01 Jan 2023 16:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34814
IP address blocks: 193.151.104.0/22 maxlen: 24
46.149.80.0/20 maxlen: 24
195.60.174.0/23 maxlen: 24
91.203.12.0/22 maxlen: 24
193.37.156.0/24 maxlen: 24
193.16.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:90:0b:be:f1:e1:26:88:f5:c7:c1:16:9f:60:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3054bb6e9f78011b8cc5d3f23b70b66cf6979aa7
Validity
Not Before: Jan 1 16:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dabc29578408a1163dea5fe9c02e6abfdb35b8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:2d:cc:d4:7f:4a:db:03:7f:b6:52:c2:05:
78:1c:40:b5:6f:cd:01:96:6f:35:0c:cd:c3:12:31:
69:c0:66:31:4e:15:fe:00:b1:14:77:30:10:92:f5:
ad:81:04:fa:ee:ba:f3:01:4d:c3:27:17:de:8c:5c:
87:59:94:09:d7:2d:f9:32:cc:25:de:7b:fb:23:09:
15:17:12:21:10:aa:1b:e3:47:f1:8b:23:f8:9b:42:
33:6c:46:18:62:41:00:50:56:6a:f0:88:86:fe:c9:
f6:e9:bb:ca:7a:72:7c:ab:0f:a8:a1:9b:73:a2:98:
ab:5e:25:44:d2:e1:43:81:bd:ff:03:00:10:b6:ac:
bd:c0:ae:cd:a1:48:d8:ae:59:c2:b3:2a:d4:9a:52:
85:c6:76:b4:4c:53:d4:ef:3c:e4:ec:92:b2:b3:15:
05:cd:84:a0:73:9f:3f:52:59:44:c0:75:4d:23:27:
54:43:0f:7d:c5:b9:56:3d:fd:ce:11:63:d9:73:1c:
32:d2:29:fc:27:c0:5b:62:17:49:8c:5e:07:77:be:
6e:db:8d:7a:42:e5:9f:9f:0b:0a:1a:a1:8e:3d:3d:
9d:36:20:6a:5d:9c:25:f2:fc:8e:d7:a6:fb:89:aa:
2e:f4:0e:31:83:7c:8c:c0:30:b2:c0:27:da:ff:ec:
86:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BC:29:57:84:08:A1:16:3D:EA:5F:E9:C0:2E:6A:BF:DB:35:B8:F5
X509v3 Authority Key Identifier:
keyid:30:54:BB:6E:9F:78:01:1B:8C:C5:D3:F2:3B:70:B6:6C:F6:97:9A:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFS7bp94ARuMxdPyO3C2bPaXmqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/2rwpV4QIoRY96l_pwC5qv9s1uPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/MFS7bp94ARuMxdPyO3C2bPaXmqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.80.0/20
91.203.12.0/22
193.16.45.0/24
193.37.156.0/24
193.151.104.0/22
195.60.174.0/23
Signature Algorithm: sha256WithRSAEncryption
95:e7:4a:3f:43:ac:9d:01:a7:20:47:70:ea:5a:19:26:68:ba:
66:04:e4:8c:14:2c:0c:ec:a0:9e:f0:82:b1:1d:15:d7:f1:25:
c3:5b:98:d9:28:da:e9:98:12:ca:fb:2b:15:2c:88:f7:b9:a5:
e7:83:13:fb:8c:63:28:38:39:ad:d2:c8:4f:e3:b9:04:b0:f0:
b9:c0:2f:42:58:ba:4e:16:cf:57:e2:f5:55:de:86:03:f8:6f:
94:43:58:c3:41:1f:93:75:63:88:bc:b8:02:33:76:14:a2:1f:
eb:d7:6d:56:65:8e:8e:a1:a0:d2:58:19:d9:2e:07:87:28:72:
e3:35:39:ee:92:fe:0c:8f:ca:e8:d1:1c:e6:5a:81:17:f6:00:
a4:86:cd:e7:e2:ea:63:ee:a5:0f:66:28:85:69:96:dc:f9:a2:
21:28:f7:50:b0:2e:9c:11:09:43:3e:ca:4f:1d:b9:23:e0:d6:
3f:87:53:55:54:ae:42:55:0d:a0:7e:27:7f:64:b3:bf:34:79:
2c:58:56:8d:49:49:4c:7d:63:57:2e:64:75:cf:94:eb:17:82:
b8:41:dd:d4:46:e0:92:07:ea:d0:5f:58:a9:06:c0:61:48:bf:
01:14:92:df:1b:7f:e3:3a:fc:09:f7:97:ad:2f:4b:c1:91:f8:
5f:02:63:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuL5ALvvHhJoj1x8EWn2BJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTRiYjZlOWY3ODAxMWI4Y2M1ZDNmMjNiNzBiNjZjZjY5
NzlhYTcwHhcNMjMwMTAxMTYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJjMjk1Nzg0MDhhMTE2M2RlYTVmZTljMDJlNmFiZmRiMzViOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlktzNR/StsDf7ZSwgV4HEC1b80B
lm81DM3DEjFpwGYxThX+ALEUdzAQkvWtgQT67rrzAU3DJxfejFyHWZQJ1y35Mswl
3nv7IwkVFxIhEKob40fxiyP4m0IzbEYYYkEAUFZq8IiG/sn26bvKenJ8qw+ooZtz
opirXiVE0uFDgb3/AwAQtqy9wK7NoUjYrlnCsyrUmlKFxna0TFPU7zzk7JKysxUF
zYSgc58/UllEwHVNIydUQw99xblWPf3OEWPZcxwy0in8J8BbYhdJjF4Hd75u2416
QuWfnwsKGqGOPT2dNiBqXZwl8vyO16b7iaou9A4xg3yMwDCywCfa/+yGOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNq8KVeECKEWPepf6cAuar/bNbj1MB8GA1UdIwQY
MBaAFDBUu26feAEbjMXT8jtwtmz2l5qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZTN2JwOTRBUnVNeGRQeU8zQzJiUGFYbXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWM5MzctZTc2Ny00YWIxLThjNWMt
MDk1MjU4OWI4YjU5LzEvMnJ3cFY0UUlvUlk5NmxfcHdDNXF2OXMxdVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWM5MzctZTc2Ny00YWIxLThjNWMtMDk1MjU4OWI4YjU5
LzEvTUZTN2JwOTRBUnVNeGRQeU8zQzJiUGFYbXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQELpVQAwQC
W8sMAwQAwRAtAwQAwSWcAwQCwZdoAwQBwzyuMA0GCSqGSIb3DQEBCwUAA4IBAQCV
50o/Q6ydAacgR3DqWhkmaLpmBOSMFCwM7KCe8IKxHRXX8SXDW5jZKNrpmBLK+ysV
LIj3uaXngxP7jGMoODmt0shP47kEsPC5wC9CWLpOFs9X4vVV3oYD+G+UQ1jDQR+T
dWOIvLgCM3YUoh/r121WZY6OoaDSWBnZLgeHKHLjNTnukv4Mj8ro0RzmWoEX9gCk
hs3n4upj7qUPZiiFaZbc+aIhKPdQsC6cEQlDPspPHbkj4NY/h1NVVK5CVQ2gfid/
ZLO/NHksWFaNSUlMfWNXLmR1z5TrF4K4Qd3URuCSB+rQX1ipBsBhSL8BFJLfG3/j
OvwJ95etL0vBkfhfAmM6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:17 2024 by rpki-client on console-ams.rpki-client.org