Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/2IQY9KHeINFfHftQYeYpbpkJZ20.roa
File: 2IQY9KHeINFfHftQYeYpbpkJZ20.roa (raw, json)
Hash identifier: WpPdWS4Ilb2g0NAsodFcbiulWXTHWow2Y4eAnznO78w=
Subject key identifier: D8:84:18:F4:A1:DE:20:D1:5F:1D:FB:50:61:E6:29:6E:99:09:67:6D
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 018BD7B984F599940A5C09BFF23D6EC6F866
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/2IQY9KHeINFfHftQYeYpbpkJZ20.roa
Signing time: Thu 16 Nov 2023 10:42:21 +0000
ROA not before: Thu 16 Nov 2023 10:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.154.44.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
195.96.158.0/24 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:b9:84:f5:99:94:0a:5c:09:bf:f2:3d:6e:c6:f8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Nov 16 10:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d88418f4a1de20d15f1dfb5061e6296e9909676d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:ca:ad:a3:17:14:84:a0:2d:a6:d2:28:46:
41:2a:2b:53:ab:db:ec:d7:ab:f1:d1:ff:42:56:f9:
9a:fc:98:58:b2:2c:ee:4a:00:47:f8:e9:51:bc:08:
1e:41:c4:80:0a:9a:45:c1:e3:ad:a3:03:cd:dc:50:
6b:f5:f7:3d:95:7c:cb:8a:66:32:cc:7a:7a:80:4d:
77:d8:5e:d0:a2:05:75:ba:c2:f2:10:6b:32:b7:83:
2e:ce:0f:a9:d3:aa:4d:3b:9b:39:fd:9f:da:11:52:
93:e3:eb:aa:1f:0b:60:c7:16:0d:ce:4c:91:b5:53:
0b:36:52:27:75:af:9c:01:e1:d0:ba:3f:07:fd:57:
85:08:3b:f6:2d:d3:a1:4b:b8:a8:ad:b4:a4:a1:50:
2e:22:f5:13:92:ce:19:d6:6d:09:8b:f2:c0:11:68:
7a:14:95:f9:90:8a:87:f1:fd:5d:28:47:7c:88:20:
aa:b1:85:77:bd:e1:33:e2:02:08:a8:e8:8c:3a:c1:
9d:31:8a:09:2d:34:1a:31:74:a4:a2:68:ab:77:a6:
42:a5:68:4e:0b:af:72:46:4b:17:e9:26:21:d0:27:
30:a8:a0:f1:0f:c8:61:12:7a:bf:06:ba:82:66:86:
1b:80:5a:44:70:19:3b:49:6e:93:8f:17:54:18:6e:
7a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:84:18:F4:A1:DE:20:D1:5F:1D:FB:50:61:E6:29:6E:99:09:67:6D
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/2IQY9KHeINFfHftQYeYpbpkJZ20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
195.96.158.0/24
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
96:9d:10:29:7c:61:75:68:62:58:b4:d3:0b:b3:90:ab:c6:68:
aa:7c:a9:65:1b:7f:2e:06:ba:f2:70:ef:00:d3:0b:bd:0e:bc:
a6:f2:71:04:46:c1:60:58:98:38:3c:cd:f7:53:96:b7:12:ea:
0c:ea:cd:4c:47:b0:ce:2d:22:ca:b2:58:b5:92:cd:99:0f:df:
87:fd:e5:fd:e6:1c:54:96:f8:9f:5f:68:a6:76:8b:b7:38:f8:
8a:17:b7:0b:1d:2b:36:42:3e:37:dc:48:cb:8a:08:47:2a:0c:
5b:91:12:4c:77:88:79:2c:00:c3:e1:d7:39:49:53:59:6e:81:
7c:d0:c4:6c:9a:d8:28:d7:80:cb:78:6e:82:1f:33:26:90:45:
b5:41:13:27:3c:50:7d:46:2f:0c:9e:f3:02:79:1f:9b:ef:d2:
50:40:11:52:ba:7b:d3:c6:ba:ba:dd:4b:16:61:9e:ef:13:09:
7d:c1:06:24:38:6d:68:84:b3:23:fa:e9:90:55:d8:98:54:7e:
68:c0:a3:17:d4:c7:7e:df:6f:01:95:83:b5:9e:96:88:90:c2:
02:4f:82:ab:73:a2:33:29:f4:07:cc:73:4c:f2:34:12:4e:c9:
f7:3f:4e:af:8e:51:33:28:f4:56:7e:a0:9f:e7:f0:41:6c:07:
56:c9:32:e8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYvXuYT1mZQKXAm/8j1uxvhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjMxMTE2MTA0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg0MThmNGExZGUyMGQxNWYxZGZiNTA2MWU2Mjk2ZTk5MDk2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJfKraMXFISgLabSKEZBKitTq9vs
16vx0f9CVvma/JhYsizuSgBH+OlRvAgeQcSACppFweOtowPN3FBr9fc9lXzLimYy
zHp6gE132F7QogV1usLyEGsyt4Muzg+p06pNO5s5/Z/aEVKT4+uqHwtgxxYNzkyR
tVMLNlInda+cAeHQuj8H/VeFCDv2LdOhS7iorbSkoVAuIvUTks4Z1m0Ji/LAEWh6
FJX5kIqH8f1dKEd8iCCqsYV3veEz4gIIqOiMOsGdMYoJLTQaMXSkomird6ZCpWhO
C69yRksX6SYh0CcwqKDxD8hhEnq/BrqCZoYbgFpEcBk7SW6TjxdUGG56MQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNiEGPSh3iDRXx37UGHmKW6ZCWdtMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvMklRWTlLSGVJTkZmSGZ0UVllWXBicGtKWjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUAwQAw2CeMA0EAgACMAcDBQMqBJOAMA0GCSqGSIb3DQEB
CwUAA4IBAQCWnRApfGF1aGJYtNMLs5CrxmiqfKllG38uBrrycO8A0wu9Drym8nEE
RsFgWJg4PM33U5a3EuoM6s1MR7DOLSLKsli1ks2ZD9+H/eX95hxUlvifX2imdou3
OPiKF7cLHSs2Qj433EjLighHKgxbkRJMd4h5LADD4dc5SVNZboF80MRsmtgo14DL
eG6CHzMmkEW1QRMnPFB9Ri8MnvMCeR+b79JQQBFSunvTxrq63UsWYZ7vEwl9wQYk
OG1ohLMj+umQVdiYVH5owKMX1Md+328BlYO1npaIkMICT4Krc6IzKfQHzHNM8jQS
Tsn3P06vjlEzKPRWfqCf5/BBbAdWyTLo
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:40 2024 by rpki-client on console-fra.rpki-client.org