Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2_jN3p028Q_r-wmEKlXOZ2vje1U.roa
File: 2_jN3p028Q_r-wmEKlXOZ2vje1U.roa (raw, json)
Hash identifier: a+X+AiOLkls8T+1hRkCH+a9kbD5QmcC+ArtCFjS9LR8=
Subject key identifier: DB:F8:CD:DE:9D:36:F1:0F:EB:FB:09:84:2A:55:CE:67:6B:E3:7B:55
Certificate issuer: /CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Certificate serial: 018CC94DBA12217DB4F504E6E2BE0917BED8
Authority key identifier: EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2_jN3p028Q_r-wmEKlXOZ2vje1U.roa
Signing time: Tue 02 Jan 2024 08:32:43 +0000
ROA not before: Tue 02 Jan 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30925
IP address blocks: 193.84.143.0/24 maxlen: 24
185.223.36.0/22 maxlen: 22
194.124.196.0/22 maxlen: 22
185.220.212.0/22 maxlen: 22
185.226.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ba:12:21:7d:b4:f5:04:e6:e2:be:09:17:be:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Validity
Not Before: Jan 2 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbf8cdde9d36f10febfb09842a55ce676be37b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:11:9e:55:86:30:ec:2c:f8:da:c8:03:31:
98:1d:78:b7:b2:20:b9:58:42:17:d5:e0:ce:a2:74:
11:99:4b:7b:25:99:11:31:79:33:22:0b:d0:02:10:
23:d1:51:bd:59:d4:e0:57:38:11:e6:89:d0:bc:5c:
eb:5b:97:d1:c3:08:7e:8a:83:cf:16:b8:fe:81:49:
28:ec:7f:b5:fa:ab:3e:c3:7d:0c:68:85:27:7f:29:
84:e7:55:73:12:88:ff:5f:d9:51:2e:4a:df:86:3f:
e1:09:9e:fe:9b:fa:53:61:c1:0c:88:62:d1:97:81:
10:88:ee:ca:1c:bf:58:1d:3b:d4:7f:2e:9d:cc:ac:
be:42:02:08:3f:4e:b7:f1:b4:55:80:7b:8e:5d:b5:
02:be:3a:80:e8:d9:c6:66:70:47:e3:6d:b8:92:7a:
9a:5d:ec:fa:6c:a5:0a:71:c8:08:ec:14:85:82:c1:
7d:2a:ff:56:65:36:73:1a:d9:8c:4d:42:49:a1:c5:
be:a5:77:7f:b6:16:95:91:16:6b:26:1d:96:58:56:
96:98:95:bb:0e:b0:ac:a5:b1:d9:77:f3:99:21:33:
e9:5a:38:87:aa:65:f6:5f:1d:d1:5f:5a:aa:47:77:
78:2a:3e:71:4d:05:88:fb:b3:10:24:db:c2:1f:68:
c7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F8:CD:DE:9D:36:F1:0F:EB:FB:09:84:2A:55:CE:67:6B:E3:7B:55
X509v3 Authority Key Identifier:
keyid:EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2_jN3p028Q_r-wmEKlXOZ2vje1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/6p03bVRB9Is91QhRWxb-lcWhF4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.212.0/22
185.223.36.0/22
185.226.76.0/22
193.84.143.0/24
194.124.196.0/22
Signature Algorithm: sha256WithRSAEncryption
db:14:c6:0d:28:b1:24:2e:8b:f3:74:cc:1f:20:af:fe:a5:c7:
7e:b5:ca:eb:14:79:74:f1:ca:32:46:e0:d6:ae:5d:2f:ea:b4:
6a:ad:31:cb:bb:75:82:97:a8:bf:0f:8c:6b:59:6e:92:0d:17:
15:fe:5d:13:31:62:dd:13:27:90:1f:d2:e5:24:b8:52:d8:c0:
d1:c4:c0:46:4f:f3:3c:0c:59:4e:82:95:16:34:4f:b7:99:43:
b1:67:2c:68:c5:35:7f:31:8b:06:12:47:d8:9f:70:3d:39:fa:
5c:cc:45:9f:d2:83:2d:5c:ed:e4:ac:d5:82:ca:ca:21:49:76:
59:50:68:78:37:67:f8:e2:55:37:22:bf:11:4a:f3:88:5f:b7:
9c:04:f8:76:f4:99:20:00:47:6a:0c:65:a4:18:ec:69:96:04:
a0:12:0f:8e:42:d4:03:7d:e9:34:4e:1f:0c:1e:33:a0:a3:6e:
6b:ac:4a:34:e0:8c:5f:6c:f5:cb:99:15:b2:3c:f1:31:99:c4:
39:84:ff:96:4b:7e:d6:a4:9a:f2:94:1a:c6:67:6c:8b:18:52:
47:0e:7e:36:e4:6d:64:a5:f3:33:23:60:dc:d0:12:bd:86:34:
53:e6:bd:43:37:a0:20:66:33:f6:9f:21:41:6f:c8:52:2b:3b:
b6:eb:f2:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTboSIX209QTm4r4JF77YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWQzNzZkNTQ0MWY0OGIzZGQ1MDg1MTViMTZmZTk1YzVh
MTE3ODIwHhcNMjQwMTAyMDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY4Y2RkZTlkMzZmMTBmZWJmYjA5ODQyYTU1Y2U2NzZiZTM3YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpARnlWGMOws+NrIAzGYHXi3siC5
WEIX1eDOonQRmUt7JZkRMXkzIgvQAhAj0VG9WdTgVzgR5onQvFzrW5fRwwh+ioPP
Frj+gUko7H+1+qs+w30MaIUnfymE51VzEoj/X9lRLkrfhj/hCZ7+m/pTYcEMiGLR
l4EQiO7KHL9YHTvUfy6dzKy+QgIIP0638bRVgHuOXbUCvjqA6NnGZnBH4224knqa
Xez6bKUKccgI7BSFgsF9Kv9WZTZzGtmMTUJJocW+pXd/thaVkRZrJh2WWFaWmJW7
DrCspbHZd/OZITPpWjiHqmX2Xx3RX1qqR3d4Kj5xTQWI+7MQJNvCH2jHGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNv4zd6dNvEP6/sJhCpVzmdr43tVMB8GA1UdIwQY
MBaAFOqdN21UQfSLPdUIUVsW/pXFoReCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMt
M2Y3YWE0NDZmN2E4LzEvMl9qTjNwMDI4UV9yLXdtRUtsWE9aMnZqZTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMtM2Y3YWE0NDZmN2E4
LzEvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCudzUAwQC
ud8kAwQCueJMAwQAwVSPAwQCwnzEMA0GCSqGSIb3DQEBCwUAA4IBAQDbFMYNKLEk
LovzdMwfIK/+pcd+tcrrFHl08coyRuDWrl0v6rRqrTHLu3WCl6i/D4xrWW6SDRcV
/l0TMWLdEyeQH9LlJLhS2MDRxMBGT/M8DFlOgpUWNE+3mUOxZyxoxTV/MYsGEkfY
n3A9OfpczEWf0oMtXO3krNWCysohSXZZUGh4N2f44lU3Ir8RSvOIX7ecBPh29Jkg
AEdqDGWkGOxplgSgEg+OQtQDfek0Th8MHjOgo25rrEo04IxfbPXLmRWyPPExmcQ5
hP+WS37WpJrylBrGZ2yLGFJHDn425G1kpfMzI2Dc0BK9hjRT5r1DN6AgZjP2nyFB
b8hSKzu26/KJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:48 2025 by rpki-client