Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2ADFmWsYmyIjwVhZf4-gloRL20M.roa
File: 2ADFmWsYmyIjwVhZf4-gloRL20M.roa (raw, json)
Hash identifier: RUKQgHpX9CZGNuLCJz8G/DuNSQeUXCArycgYMbIlteQ=
Subject key identifier: D8:00:C5:99:6B:18:9B:22:23:C1:58:59:7F:8F:A0:96:84:4B:DB:43
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018935AC47EEC4069B70952F04141D61209B
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2ADFmWsYmyIjwVhZf4-gloRL20M.roa
Signing time: Sat 08 Jul 2023 13:23:50 +0000
ROA not before: Sat 08 Jul 2023 13:23:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Jul 2023 13:38:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:ac:47:ee:c4:06:9b:70:95:2f:04:14:1d:61:20:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jul 8 13:23:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d800c5996b189b2223c158597f8fa096844bdb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0c:37:2f:f9:d6:0b:e8:90:0e:f0:8b:c0:41:
b3:e3:07:21:49:de:a1:9d:0f:66:22:2d:d9:38:3d:
d2:8c:c9:93:c4:00:6f:64:92:b6:dc:20:ac:a0:60:
11:21:96:38:89:a9:f2:70:e7:cf:79:df:1c:be:85:
e8:c8:db:69:57:72:b6:8a:07:0f:f6:4f:49:4a:65:
0d:b8:7d:3c:fd:e7:22:d8:43:cb:c7:ac:48:e9:22:
65:0c:65:c8:8f:09:a1:14:b3:94:b7:e9:b6:9d:0c:
41:24:5e:5c:f6:0a:bd:7f:c5:eb:8a:24:b9:b5:a6:
5b:f9:1d:f1:d1:07:32:17:6d:5a:5c:f7:90:d0:c5:
8a:44:bc:53:79:d9:2a:11:3d:4e:8b:82:92:7c:4e:
92:64:09:20:0a:b4:2c:ba:24:ec:98:b6:4c:4c:3a:
a5:19:da:f1:9e:74:b8:59:4f:2c:5a:72:9c:cb:ba:
e7:99:15:b9:cf:62:47:99:ad:e6:1d:47:96:87:17:
d3:f3:22:6a:61:fd:0f:6b:ce:47:42:12:29:17:ea:
f9:fa:a1:c9:ae:a2:b1:99:aa:0d:f9:ba:79:4e:1c:
03:d7:72:fd:1b:8a:ec:6e:39:d1:27:de:28:d0:53:
28:16:6d:82:c5:0c:03:9a:53:1f:2a:05:44:18:80:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:00:C5:99:6B:18:9B:22:23:C1:58:59:7F:8F:A0:96:84:4B:DB:43
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2ADFmWsYmyIjwVhZf4-gloRL20M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/23
147.78.3.0/24
185.126.239.0/24
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:24::/47
2a11:840:40::/47
2a11:840:47::/48
Signature Algorithm: sha256WithRSAEncryption
10:b4:97:f1:41:fd:de:43:fc:79:5c:ca:d4:a2:d8:60:bf:22:
15:21:cb:2f:cf:e3:7b:bd:a6:9a:fd:2a:80:68:66:ce:79:16:
fe:c7:3a:bf:dc:12:be:8e:45:55:ae:aa:aa:11:36:f2:cd:2c:
d7:63:e8:96:33:65:06:d1:d2:e2:5d:86:f6:60:e1:4d:15:c7:
b1:ad:dd:15:ce:05:b0:3c:34:71:9f:05:d3:85:8b:e4:5d:3a:
1a:ce:9f:cd:49:e4:77:86:8e:98:2a:68:82:42:85:5b:c1:97:
fb:4e:ef:12:a8:e0:53:47:b7:e9:00:97:09:3b:59:d8:37:95:
23:1b:1e:18:ea:81:8e:db:06:eb:d1:46:fb:a9:c7:9f:0e:d6:
7e:aa:48:3b:65:43:9b:10:61:ad:77:a5:29:05:11:5c:d2:04:
06:32:ad:44:65:ee:dd:a7:aa:32:b4:94:b8:c8:e2:e5:6a:a6:
39:33:2b:70:f3:dc:99:3d:86:38:bf:21:7e:7b:9c:0b:98:bc:
62:b0:c4:8a:67:8d:43:5d:34:20:a3:5d:3a:a4:83:e8:32:a6:
c3:04:47:9a:bf:3c:2e:33:d7:a2:8a:11:68:e9:0b:09:41:bc:
37:07:68:a9:69:60:35:a9:ed:9f:5f:e3:52:4b:3c:1f:8d:63:
86:da:f4:2d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYk1rEfuxAabcJUvBBQdYSCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwNzA4MTMyMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODAwYzU5OTZiMTg5YjIyMjNjMTU4NTk3ZjhmYTA5Njg0NGJkYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggw3L/nWC+iQDvCLwEGz4wchSd6h
nQ9mIi3ZOD3SjMmTxABvZJK23CCsoGARIZY4ianycOfPed8cvoXoyNtpV3K2igcP
9k9JSmUNuH08/eci2EPLx6xI6SJlDGXIjwmhFLOUt+m2nQxBJF5c9gq9f8XriiS5
taZb+R3x0QcyF21aXPeQ0MWKRLxTedkqET1Oi4KSfE6SZAkgCrQsuiTsmLZMTDql
GdrxnnS4WU8sWnKcy7rnmRW5z2JHma3mHUeWhxfT8yJqYf0Pa85HQhIpF+r5+qHJ
rqKxmaoN+bp5ThwD13L9G4rsbjnRJ94o0FMoFm2CxQwDmlMfKgVEGID2hwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFNgAxZlrGJsiI8FYWX+PoJaES9tDMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvMkFERm1Xc1lteUlqd1ZoWmY0LWdsb1JMMjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizAqBAIAATAkAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQAuX7vAwQAudUXMF0EAgACMFcwEgMHASoRCEAA
BgMHACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhA
ABgDBwEqEQhAACQDBwEqEQhAAEADBwAqEQhAAEcwDQYJKoZIhvcNAQELBQADggEB
ABC0l/FB/d5D/HlcytSi2GC/IhUhyy/P43u9ppr9KoBoZs55Fv7HOr/cEr6ORVWu
qqoRNvLNLNdj6JYzZQbR0uJdhvZg4U0Vx7Gt3RXOBbA8NHGfBdOFi+RdOhrOn81J
5HeGjpgqaIJChVvBl/tO7xKo4FNHt+kAlwk7Wdg3lSMbHhjqgY7bBuvRRvupx58O
1n6qSDtlQ5sQYa13pSkFEVzSBAYyrURl7t2nqjK0lLjI4uVqpjkzK3Dz3Jk9hji/
IX57nAuYvGKwxIpnjUNdNCCjXTqkg+gypsMER5q/PC4z16KKEWjpCwlBvDcHaKlp
YDWp7Z9f41JLPB+NY4ba9C0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org