Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2aXbpZ0XcBNF8qlayeizBwgxLD4.roa
File: 2aXbpZ0XcBNF8qlayeizBwgxLD4.roa (raw, json)
Hash identifier: vqo0uvjD1lLU1r7QhekbcwGm77zrbBI83q7JBs/nLfM=
Subject key identifier: D9:A5:DB:A5:9D:17:70:13:45:F2:A9:5A:C9:E8:B3:07:08:31:2C:3E
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018A047758182282950984B44E17C30C524D
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2aXbpZ0XcBNF8qlayeizBwgxLD4.roa
Signing time: Thu 17 Aug 2023 17:07:24 +0000
ROA not before: Thu 17 Aug 2023 17:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 188.208.48.0/23 maxlen: 23
93.119.125.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
89.35.90.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
89.40.207.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 06:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:77:58:18:22:82:95:09:84:b4:4e:17:c3:0c:52:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Aug 17 17:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9a5dba59d17701345f2a95ac9e8b30708312c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d5:b1:2e:32:c4:52:2b:05:a2:9b:ca:0b:fd:
cf:dc:6b:49:e1:b0:9f:0b:9a:d9:b7:3a:04:10:39:
e2:e3:3a:44:ed:51:22:ab:e6:09:03:85:49:41:21:
09:4f:41:ed:2a:41:7f:8a:67:ef:3d:4c:33:7a:5c:
fa:05:c3:60:00:ae:01:8c:f6:1b:e7:a2:08:40:c5:
85:b5:73:fd:12:7d:95:91:f7:7d:ff:d3:e1:e4:30:
da:81:39:45:3f:39:1d:ea:c8:ce:38:c9:4a:cb:69:
52:54:a7:48:7d:b8:0f:5b:60:5f:bc:03:24:33:87:
bc:e3:f0:2c:0c:4b:b8:18:94:52:eb:58:8e:95:f8:
1e:d2:93:b5:40:be:f4:b0:bc:2c:e5:6c:f3:44:1a:
22:0e:30:ef:8a:38:38:1f:95:c4:41:39:23:4c:6a:
0f:72:16:ef:82:8e:05:56:16:3a:ad:13:ff:a1:52:
08:bf:6e:43:db:70:88:77:f5:21:fb:36:70:37:8d:
6d:c1:d9:67:36:4f:27:07:5c:93:52:1e:14:c9:81:
15:6d:64:19:7a:04:01:af:1b:bc:bc:f0:d9:48:b2:
05:56:bb:a7:22:54:95:f9:a0:f0:d4:e8:c0:8d:8c:
cf:42:3c:da:fe:7a:01:4a:3e:96:f1:ea:34:40:e1:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A5:DB:A5:9D:17:70:13:45:F2:A9:5A:C9:E8:B3:07:08:31:2C:3E
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2aXbpZ0XcBNF8qlayeizBwgxLD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.0.0-86.104.2.255
86.104.212.0/23
86.106.116.0/24
89.35.90.0/24
89.37.93.0-89.37.94.255
89.39.69.0/24
89.40.207.0/24
89.41.27.0/24
89.42.154.0/24
93.114.51.0/24
93.119.125.0/24
176.223.160.0/24
188.208.48.0/23
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:af:47:43:3d:1e:e7:ee:8e:fe:66:c7:dc:12:0b:8d:d5:ca:
0f:f7:17:bf:03:f0:9c:40:cf:d4:cd:5b:94:65:f7:ce:eb:87:
b1:59:4d:92:7d:33:dd:8e:ea:a8:5a:8a:11:20:e5:13:44:69:
25:70:0b:a6:cf:fc:a1:ec:30:6b:e3:bd:7a:22:f8:63:34:73:
f8:20:86:47:cf:56:a8:b4:6d:82:9c:09:58:98:70:4d:4d:97:
22:4e:93:e6:7d:6f:47:c2:e6:80:47:94:dd:9b:c1:6a:b8:82:
a9:cc:37:71:af:f7:35:9e:3a:bb:18:83:a5:66:27:0a:03:8a:
cb:b0:bf:f3:e0:94:54:dc:76:1b:b9:cc:3e:1c:fe:36:5a:35:
8f:31:fb:a3:5a:9e:e3:39:c1:2f:e1:7c:39:be:4d:6a:4a:73:
8e:74:bb:eb:2c:1b:b1:92:6e:a7:55:5a:e0:a1:d8:c2:02:12:
7d:3f:18:d1:a6:8c:bb:40:26:e0:a5:0f:0d:5f:fe:09:6d:38:
12:7b:bc:b9:c4:a7:8a:34:34:ae:84:bf:cd:0b:6d:ab:e5:0c:
09:ff:f4:4a:c0:45:fc:31:da:0a:95:6f:dc:b3:f2:b6:d5:ad:
f9:f4:cc:05:e4:9d:72:5c:e7:06:01:48:6d:6f:f0:aa:12:c5:
79:8b:f9:cc
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYoEd1gYIoKVCYS0ThfDDFJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwODE3MTcwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE1ZGJhNTlkMTc3MDEzNDVmMmE5NWFjOWU4YjMwNzA4MzEyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNWxLjLEUisFopvKC/3P3GtJ4bCf
C5rZtzoEEDni4zpE7VEiq+YJA4VJQSEJT0HtKkF/imfvPUwzelz6BcNgAK4BjPYb
56IIQMWFtXP9En2Vkfd9/9Ph5DDagTlFPzkd6sjOOMlKy2lSVKdIfbgPW2BfvAMk
M4e84/AsDEu4GJRS61iOlfge0pO1QL70sLws5WzzRBoiDjDvijg4H5XEQTkjTGoP
chbvgo4FVhY6rRP/oVIIv25D23CId/Uh+zZwN41twdlnNk8nB1yTUh4UyYEVbWQZ
egQBrxu8vPDZSLIFVrunIlSV+aDw1OjAjYzPQjza/noBSj6W8eo0QOHUNQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFNml26WdF3ATRfKpWsnoswcIMSw+MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvMmFYYnBaMFhjQk5GOHFsYXllaXpCd2d4TEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAEwgYkwDAME
AC5msQMEAi5msAMEAU1RWjALAwMDVmgDBABWaAIDBAFWaNQDBABWanQDBABZI1ow
DAMEAFklXQMEAFklXgMEAFknRQMEAFkozwMEAFkpGwMEAFkqmgMEAF1yMwMEAF13
fQMEALDfoAMEAbzQMAMEAbzQ3AMEALzQ3wMEAbzRfAMEAMEe/zANBgkqhkiG9w0B
AQsFAAOCAQEADq9HQz0e5+6O/mbH3BILjdXKD/cXvwPwnEDP1M1blGX3zuuHsVlN
kn0z3Y7qqFqKESDlE0RpJXALps/8oewwa+O9eiL4YzRz+CCGR89WqLRtgpwJWJhw
TU2XIk6T5n1vR8LmgEeU3ZvBariCqcw3ca/3NZ46uxiDpWYnCgOKy7C/8+CUVNx2
G7nMPhz+Nlo1jzH7o1qe4znBL+F8Ob5NakpzjnS76ywbsZJup1Va4KHYwgISfT8Y
0aaMu0Am4KUPDV/+CW04Enu8ucSnijQ0roS/zQttq+UMCf/0SsBF/DHaCpVv3LPy
ttWt+fTMBeSdclznBgFIbW/wqhLFeYv5zA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org