Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/2DgVyQodNCJsVnTzLYEJKf1pYeE.roa
File: 2DgVyQodNCJsVnTzLYEJKf1pYeE.roa (raw, json)
Hash identifier: J4PhU7ReqCG1lu4kNpGAH3JbFJ1BPkE04R/4zF0XwtQ=
Subject key identifier: D8:38:15:C9:0A:1D:34:22:6C:56:74:F3:2D:81:09:29:FD:69:61:E1
Certificate issuer: /CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Certificate serial: 01856ED49D3BE42102B35FF083BEB9106258
Authority key identifier: E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/2DgVyQodNCJsVnTzLYEJKf1pYeE.roa
Signing time: Sun 01 Jan 2023 19:35:05 +0000
ROA not before: Sun 01 Jan 2023 19:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202596
IP address blocks: 45.12.240.0/22 maxlen: 22
185.225.44.0/22 maxlen: 22
193.39.240.0/22 maxlen: 22
160.19.180.0/22 maxlen: 22
185.14.88.0/22 maxlen: 22
185.236.184.0/22 maxlen: 22
45.139.12.0/22 maxlen: 22
185.159.76.0/22 maxlen: 22
80.249.16.0/20 maxlen: 20
185.176.160.0/22 maxlen: 22
185.250.188.0/22 maxlen: 22
45.92.120.0/22 maxlen: 22
45.149.188.0/22 maxlen: 22
176.97.152.0/22 maxlen: 22
185.239.32.0/22 maxlen: 22
185.240.108.0/22 maxlen: 22
95.141.16.0/20 maxlen: 20
45.95.156.0/22 maxlen: 22
45.152.232.0/22 maxlen: 22
185.254.136.0/22 maxlen: 22
194.6.251.0/24 maxlen: 24
194.6.252.0/24 maxlen: 24
194.6.254.0/24 maxlen: 24
45.145.48.0/22 maxlen: 22
185.222.80.0/22 maxlen: 22
45.141.132.0/22 maxlen: 22
185.247.172.0/22 maxlen: 22
45.80.244.0/22 maxlen: 22
185.111.72.0/22 maxlen: 22
45.134.228.0/22 maxlen: 22
185.106.72.0/22 maxlen: 22
185.248.104.0/22 maxlen: 22
45.133.120.0/21 maxlen: 21
45.133.128.0/22 maxlen: 22
185.226.36.0/22 maxlen: 22
193.29.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 03 Feb 2023 15:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:9d:3b:e4:21:02:b3:5f:f0:83:be:b9:10:62:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Validity
Not Before: Jan 1 19:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d83815c90a1d34226c5674f32d810929fd6961e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ad:62:99:92:cd:ca:67:15:3f:68:87:7f:68:
23:d2:63:05:93:58:bb:c1:b4:07:6d:ca:c4:08:e1:
c2:4f:a7:36:e3:46:da:06:71:2c:34:c3:43:5e:e5:
3b:d3:6b:45:0d:31:3e:dc:d9:9e:08:58:e8:64:3e:
30:a9:cf:33:a8:6f:17:b4:60:cd:b6:61:3c:82:06:
55:16:0c:cd:67:b6:0b:33:bd:bb:88:50:fd:b6:88:
8d:95:41:7e:25:11:18:32:4e:a2:7b:cb:b1:cf:57:
0e:cd:b2:7a:58:80:ca:2d:45:0e:d6:48:9c:a0:f4:
77:94:54:e8:c0:ba:d3:fa:69:49:4b:15:df:d4:2c:
bf:d9:dc:7f:66:e2:1a:0d:e5:23:22:3f:56:ed:5a:
e4:36:a8:6a:7c:66:70:83:a0:4c:ed:d0:ed:dd:a0:
6f:81:bd:ed:94:f1:92:96:a4:7a:9c:97:95:b0:f3:
ab:49:63:39:61:f6:6e:a5:58:63:a0:25:0c:15:77:
f2:3a:7a:4e:8d:c1:75:33:51:54:95:e3:93:31:96:
29:36:92:58:e5:23:f0:90:b5:81:e9:7c:45:a4:0f:
7f:48:c1:cd:ea:89:2b:4f:1b:23:bc:f5:39:ce:4e:
01:5e:03:2e:39:9e:f4:85:a4:dd:32:f6:3c:47:00:
0a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:38:15:C9:0A:1D:34:22:6C:56:74:F3:2D:81:09:29:FD:69:61:E1
X509v3 Authority Key Identifier:
keyid:E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/2DgVyQodNCJsVnTzLYEJKf1pYeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.240.0/22
45.80.244.0/22
45.92.120.0/22
45.95.156.0/22
45.133.120.0-45.133.131.255
45.134.228.0/22
45.139.12.0/22
45.141.132.0/22
45.145.48.0/22
45.149.188.0/22
45.152.232.0/22
80.249.16.0/20
95.141.16.0/20
160.19.180.0/22
176.97.152.0/22
185.14.88.0/22
185.106.72.0/22
185.111.72.0/22
185.159.76.0/22
185.176.160.0/22
185.222.80.0/22
185.225.44.0/22
185.226.36.0/22
185.236.184.0/22
185.239.32.0/22
185.240.108.0/22
185.247.172.0/22
185.248.104.0/22
185.250.188.0/22
185.254.136.0/22
193.29.28.0/22
193.39.240.0/22
194.6.251.0-194.6.252.255
194.6.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:27:b6:d4:50:ad:d9:52:16:5c:08:2e:2f:b4:24:41:d1:19:
6e:3c:5c:6e:52:95:52:e5:5a:9a:73:21:93:34:d6:55:3e:06:
ef:af:5f:42:1e:c9:0e:45:d9:ca:79:dd:e3:f5:e6:27:c9:1b:
9a:74:cf:1e:3b:c1:93:88:cc:f0:c3:d9:77:f5:37:57:c5:d8:
19:5a:78:7f:2c:c8:df:e3:b2:a6:32:b8:86:dd:24:80:7a:d0:
b0:12:57:cd:b8:8e:5c:a4:c5:af:af:18:90:ff:3e:6e:7c:9c:
e1:9b:10:d7:8c:d4:aa:60:4d:16:8b:32:ac:d6:85:fc:aa:b6:
e5:2d:59:a5:6f:f0:9a:5d:86:0b:b6:35:62:fb:e0:d9:a1:9b:
69:54:bb:d4:42:0e:0d:4c:fa:68:85:f3:c8:35:3c:ea:11:ad:
5d:e6:8f:88:69:6f:b2:b7:46:5f:54:9c:db:a1:ba:f7:04:15:
45:54:a5:87:f3:2a:9f:b6:a2:ac:5f:19:e3:45:bd:0c:c3:55:
c8:eb:4b:aa:3f:1a:3a:09:8c:aa:57:17:be:80:4c:0c:bc:83:
b7:3f:b9:51:7b:46:eb:e1:40:f4:3e:ed:4c:9c:47:51:08:b8:
ab:ea:5d:c4:91:cb:66:5c:0f:49:30:51:fe:4d:1e:56:60:c2:
66:77:ef:25
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYVu1J075CECs1/wg765EGJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZmRmY2RjMzI2MWI1N2FmYWRmZWQ3MzBmYjJkZWRiMjg2
NDlmY2YwHhcNMjMwMTAxMTkzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM4MTVjOTBhMWQzNDIyNmM1Njc0ZjMyZDgxMDkyOWZkNjk2MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma1imZLNymcVP2iHf2gj0mMFk1i7
wbQHbcrECOHCT6c240baBnEsNMNDXuU702tFDTE+3NmeCFjoZD4wqc8zqG8XtGDN
tmE8ggZVFgzNZ7YLM727iFD9toiNlUF+JREYMk6ie8uxz1cOzbJ6WIDKLUUO1kic
oPR3lFTowLrT+mlJSxXf1Cy/2dx/ZuIaDeUjIj9W7VrkNqhqfGZwg6BM7dDt3aBv
gb3tlPGSlqR6nJeVsPOrSWM5YfZupVhjoCUMFXfyOnpOjcF1M1FUleOTMZYpNpJY
5SPwkLWB6XxFpA9/SMHN6okrTxsjvPU5zk4BXgMuOZ70haTdMvY8RwAKXwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFNg4FckKHTQibFZ08y2BCSn9aWHhMB8GA1UdIwQY
MBaAFOn9/NwyYbV6+t/tcw+y3tsoZJ/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgt
MGJjN2U3ZWYwNzYzLzEvMkRnVnlRb2ROQ0pzVm5UekxZRUpLZjFwWWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgtMGJjN2U3ZWYwNzYz
LzEvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAIt
DPADBAItUPQDBAItXHgDBAItX5wwDAMEAy2FeAMEAi2FgAMEAi2G5AMEAi2LDAME
Ai2NhAMEAi2RMAMEAi2VvAMEAi2Y6AMEBFD5EAMEBF+NEAMEAqATtAMEArBhmAME
ArkOWAMEArlqSAMEArlvSAMEArmfTAMEArmwoAMEArneUAMEArnhLAMEArniJAME
ArnsuAMEArnvIAMEArnwbAMEArn3rAMEArn4aAMEArn6vAMEArn+iAMEAsEdHAME
AsEn8DAMAwQAwgb7AwQAwgb8AwQAwgb+MA0GCSqGSIb3DQEBCwUAA4IBAQBKJ7bU
UK3ZUhZcCC4vtCRB0RluPFxuUpVS5VqacyGTNNZVPgbvr19CHskORdnKed3j9eYn
yRuadM8eO8GTiMzww9l39TdXxdgZWnh/LMjf47KmMriG3SSAetCwElfNuI5cpMWv
rxiQ/z5ufJzhmxDXjNSqYE0WizKs1oX8qrblLVmlb/CaXYYLtjVi++DZoZtpVLvU
Qg4NTPpohfPINTzqEa1d5o+IaW+yt0ZfVJzbobr3BBVFVKWH8yqftqKsXxnjRb0M
w1XI60uqPxo6CYyqVxe+gEwMvIO3P7lRe0br4UD0Pu1MnEdRCLir6l3EkctmXA9J
MFH+TR5WYMJmd+8l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org