Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/2kKbO8NDm9GDu7kMuiCpvNOlkl8.roa
File: 2kKbO8NDm9GDu7kMuiCpvNOlkl8.roa (raw, json)
Hash identifier: vqit1g7qoJRiqEoDPjtylZMA7rX8IgPjXDSmEcpHOyo=
Subject key identifier: DA:42:9B:3B:C3:43:9B:D1:83:BB:B9:0C:BA:20:A9:BC:D3:A5:92:5F
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 018CC5DBEF79A06747FECC6A334872CF4EC6
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/2kKbO8NDm9GDu7kMuiCpvNOlkl8.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 193.197.70.0/24 maxlen: 24
193.197.68.0/23 maxlen: 23
193.197.85.0/24 maxlen: 24
193.197.80.0/22 maxlen: 22
193.197.86.0/23 maxlen: 23
193.197.94.0/24 maxlen: 24
193.197.112.0/22 maxlen: 22
193.197.20.0/23 maxlen: 23
193.197.28.0/22 maxlen: 22
193.197.32.0/19 maxlen: 19
193.197.64.0/22 maxlen: 22
193.197.180.0/22 maxlen: 22
193.197.200.0/21 maxlen: 21
193.197.212.0/24 maxlen: 24
193.197.224.0/19 maxlen: 19
193.197.120.0/21 maxlen: 21
193.197.132.0/22 maxlen: 22
193.197.130.0/24 maxlen: 24
193.197.136.0/21 maxlen: 21
193.197.152.0/22 maxlen: 22
193.197.149.0/24 maxlen: 24
193.197.157.0/24 maxlen: 24
193.197.160.0/22 maxlen: 22
193.197.160.0/23 maxlen: 23
193.197.168.0/21 maxlen: 21
193.196.130.0/23 maxlen: 23
193.196.132.0/22 maxlen: 22
193.196.129.0/24 maxlen: 24
193.196.136.0/21 maxlen: 21
193.196.144.0/21 maxlen: 21
193.196.152.0/24 maxlen: 24
193.196.154.0/23 maxlen: 23
193.196.156.0/22 maxlen: 22
193.196.64.0/18 maxlen: 18
129.143.0.0/16 maxlen: 16
193.197.4.0/23 maxlen: 23
193.197.0.0/24 maxlen: 24
193.197.8.0/22 maxlen: 22
193.196.165.0/24 maxlen: 24
193.196.160.0/22 maxlen: 22
193.196.166.0/23 maxlen: 23
193.196.168.0/21 maxlen: 21
193.196.176.0/20 maxlen: 20
193.196.192.0/18 maxlen: 18
192.67.189.0/24 maxlen: 24
193.196.0.0/21 maxlen: 21
193.196.9.0/24 maxlen: 24
193.196.16.0/20 maxlen: 20
193.196.13.0/24 maxlen: 24
193.196.0.0/15 maxlen: 15
192.67.208.0/24 maxlen: 24
2001:7c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:34:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ef:79:a0:67:47:fe:cc:6a:33:48:72:cf:4e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da429b3bc3439bd183bbb90cba20a9bcd3a5925f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:c9:74:59:25:ba:c2:be:70:f7:14:e7:72:
c7:3d:ff:7a:36:9d:49:65:7f:54:f1:76:0e:0b:26:
bf:b4:e0:59:91:78:8d:18:b8:5e:47:a2:db:b0:ec:
29:d3:dd:e7:52:30:f5:8f:92:78:bd:39:ac:49:6f:
ae:eb:cb:03:77:d5:48:c9:73:05:a2:81:d6:08:e3:
31:61:e3:43:8a:9d:fd:bb:29:de:83:76:b1:21:1f:
a8:d0:31:dc:5c:78:ef:e4:5e:4e:61:3f:e2:9d:c6:
10:10:1b:d2:04:c2:11:7e:f0:2c:ad:c9:94:66:3f:
62:33:2c:f3:8e:e4:25:32:31:ce:fd:51:54:a8:86:
b9:ae:17:7b:49:3b:4b:99:e5:66:57:54:c8:b6:ba:
f3:05:63:58:e3:9a:b9:6c:7c:a2:e8:1a:76:e9:ac:
ce:1b:05:43:cf:89:8a:ff:45:ee:e5:1a:be:62:85:
db:30:75:c3:7e:ff:61:af:ee:0b:91:ef:8b:d7:a7:
2f:2d:86:7a:db:74:6c:d8:23:a4:3a:39:9c:02:88:
89:a1:6a:02:8b:0a:da:d1:70:19:05:b5:b2:3b:f6:
9e:7e:a8:d2:76:d8:76:86:c1:70:49:3a:53:ff:f2:
91:24:6c:64:30:5d:78:49:ee:81:ac:0a:9f:09:8c:
74:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:42:9B:3B:C3:43:9B:D1:83:BB:B9:0C:BA:20:A9:BC:D3:A5:92:5F
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/2kKbO8NDm9GDu7kMuiCpvNOlkl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.143.0.0/16
192.67.189.0/24
192.67.208.0/24
193.196.0.0/15
IPv6:
2001:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:e8:2b:bc:73:7a:59:1f:0f:05:51:2e:85:a1:30:09:39:28:
73:62:a7:80:5e:55:87:b7:df:62:00:ac:b4:6b:18:19:28:c9:
db:5c:50:64:e4:f7:38:d5:9b:de:03:cc:b6:fb:17:bb:2b:de:
91:d1:52:30:79:65:37:d4:62:4a:6d:57:b9:0f:a9:19:4b:4f:
00:2b:52:b8:5b:27:5d:b0:f7:39:6b:05:22:a1:c0:59:6c:a1:
17:8f:62:5b:6c:54:16:85:a3:56:a1:68:3f:bf:a0:da:1c:cd:
29:a5:5c:f8:21:6f:e6:f2:a7:ac:d8:f5:6e:4b:f0:e3:5f:dd:
96:8f:16:1a:69:17:1e:4e:c2:1c:69:83:b8:3b:e1:2b:ee:0a:
a3:4a:79:41:10:70:2a:cf:7f:00:aa:e7:05:d3:1d:bd:40:a7:
97:84:4b:2e:db:be:44:23:42:4f:4f:b8:0e:55:64:6a:0c:87:
b5:b6:bd:2a:7a:8c:d6:29:0e:b4:52:8e:6b:f7:4e:76:0a:90:
dc:d4:49:72:51:d4:77:32:20:8c:10:20:7e:ef:03:98:6d:3a:
ef:ac:2e:c5:9c:59:df:d3:2f:02:b2:d0:1b:34:a0:8f:88:e6:
dc:1b:7b:33:37:54:4f:66:62:9b:51:51:b3:26:44:54:95:d6:
cc:41:7d:ac
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzF2+95oGdH/sxqM0hyz07GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQyOWIzYmMzNDM5YmQxODNiYmI5MGNiYTIwYTliY2QzYTU5MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTPJdFklusK+cPcU53LHPf96Np1J
ZX9U8XYOCya/tOBZkXiNGLheR6LbsOwp093nUjD1j5J4vTmsSW+u68sDd9VIyXMF
ooHWCOMxYeNDip39uyneg3axIR+o0DHcXHjv5F5OYT/incYQEBvSBMIRfvAsrcmU
Zj9iMyzzjuQlMjHO/VFUqIa5rhd7STtLmeVmV1TItrrzBWNY45q5bHyi6Bp26azO
GwVDz4mK/0Xu5Rq+YoXbMHXDfv9hr+4Lke+L16cvLYZ623Rs2COkOjmcAoiJoWoC
iwra0XAZBbWyO/aefqjSdth2hsFwSTpT//KRJGxkMF14Se6BrAqfCYx0QQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNpCmzvDQ5vRg7u5DLogqbzTpZJfMB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvMmtLYk84TkRtOUdEdTdrTXVpQ3B2Tk9sa2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAgY8DBADA
Q70DBADAQ9ADAwHBxDANBAIAAjAHAwUDIAEHwDANBgkqhkiG9w0BAQsFAAOCAQEA
megrvHN6WR8PBVEuhaEwCTkoc2KngF5Vh7ffYgCstGsYGSjJ21xQZOT3ONWb3gPM
tvsXuyvekdFSMHllN9RiSm1XuQ+pGUtPACtSuFsnXbD3OWsFIqHAWWyhF49iW2xU
FoWjVqFoP7+g2hzNKaVc+CFv5vKnrNj1bkvw41/dlo8WGmkXHk7CHGmDuDvhK+4K
o0p5QRBwKs9/AKrnBdMdvUCnl4RLLtu+RCNCT0+4DlVkagyHtba9KnqM1ikOtFKO
a/dOdgqQ3NRJclHUdzIgjBAgfu8DmG0676wuxZxZ39MvArLQGzSgj4jm3Bt7MzdU
T2Zim1FRsyZEVJXWzEF9rA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:19:04 2024 by rpki-client on console-fra.rpki-client.org