Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/2y75mGUyw3n5asAACt1oMtNMOAg.roa
File: 2y75mGUyw3n5asAACt1oMtNMOAg.roa (raw, json)
Hash identifier: W8YwnY/P1SthEw1734uAT2mgYzcSe9X0/cjoCyazFvQ=
Subject key identifier: DB:2E:F9:98:65:32:C3:79:F9:6A:C0:00:0A:DD:68:32:D3:4C:38:08
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 0191B2FC931A867132475EC1325BB8DDD980
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/2y75mGUyw3n5asAACt1oMtNMOAg.roa
Signing time: Mon 02 Sep 2024 13:46:22 +0000
ROA not before: Mon 02 Sep 2024 13:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203596
IP address blocks: 91.213.223.0/24 maxlen: 24
91.216.15.0/24 maxlen: 24
185.14.176.0/24 maxlen: 24
185.14.178.0/24 maxlen: 24
185.122.100.0/22 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a400:20::/44 maxlen: 48
2a06:a400:22::/48 maxlen: 48
2a06:a402::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Sep 2024 13:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:fc:93:1a:86:71:32:47:5e:c1:32:5b:b8:dd:d9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Sep 2 13:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db2ef9986532c379f96ac0000add6832d34c3808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:7e:35:68:d9:61:d6:66:b5:0e:94:95:13:
59:f9:1f:24:1e:ea:9f:19:9f:e3:fa:3d:69:46:8e:
06:a7:0f:5e:8d:20:2d:a3:cf:d1:84:28:2c:b4:e8:
04:b0:cf:5e:df:50:53:69:d3:02:07:36:72:b2:c4:
df:fd:11:cf:33:29:71:fe:e2:63:36:bb:ad:86:93:
74:d4:ae:e5:c2:6e:4e:70:5c:d5:d8:d7:73:d4:ed:
c6:77:db:74:7d:82:53:95:2d:56:17:7b:3d:6b:11:
6f:2f:67:f8:2d:c5:7e:a8:f8:e5:64:4c:81:bb:27:
f8:73:77:93:2a:8b:de:42:24:1c:b7:6d:c9:0f:de:
95:5c:50:7f:1a:07:40:0c:6a:1e:88:bf:9b:7b:fe:
86:a0:86:8d:fb:78:5a:a0:61:3c:b5:26:dc:b4:93:
76:c3:84:e7:ad:44:51:0d:9c:40:e2:97:32:58:f4:
30:07:9f:fb:22:89:f7:f2:67:29:8d:a0:f1:6e:6d:
8a:c9:98:25:74:09:c6:72:d8:4d:c2:22:7e:ba:16:
4a:f7:0c:cd:57:7c:d8:69:76:aa:a2:51:c2:d8:5c:
b8:04:6a:6e:3a:07:78:86:11:37:ed:31:2e:c6:39:
2d:d6:26:6c:08:e4:99:0c:e6:ea:0a:8c:81:6d:11:
1b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2E:F9:98:65:32:C3:79:F9:6A:C0:00:0A:DD:68:32:D3:4C:38:08
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/2y75mGUyw3n5asAACt1oMtNMOAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
91.216.15.0/24
185.14.176.0/24
185.14.178.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
07:04:50:de:a2:36:66:5c:e5:6e:d6:3d:ad:9e:df:d7:70:5b:
23:a9:14:dd:c1:31:dd:89:f9:19:44:7d:39:10:65:db:3f:5b:
bb:c3:41:43:97:3e:c8:db:15:05:84:d1:2a:d2:30:e0:45:c0:
ec:57:03:65:fb:00:9f:42:a4:b6:28:43:cd:c7:42:7e:5a:b9:
a1:79:1b:57:4e:a4:b7:46:e2:a0:2b:4d:ed:55:c5:a9:d3:d6:
62:0a:50:45:3c:26:c8:c2:3d:82:c6:e8:43:37:ea:dd:c0:9f:
fa:7a:cd:17:55:68:04:ee:f4:80:be:f1:81:e2:7a:cc:54:ea:
5b:28:54:6e:8a:57:77:35:e0:72:f3:bb:06:1b:c0:e1:e1:63:
34:bc:5a:36:9c:54:2d:2c:05:74:e0:62:86:45:0f:fd:28:f4:
63:4f:0e:f6:c0:eb:09:b9:02:bb:ab:c3:9f:28:d5:42:4c:a8:
35:0c:b9:08:1c:00:06:75:84:3b:c9:84:0c:09:3b:91:cb:56:
47:d6:16:4e:da:7a:7d:29:d6:91:68:79:cc:6e:28:c7:b3:29:
ce:6f:13:54:a4:4c:b9:5a:54:9f:c1:19:6d:a9:17:ed:bf:b2:
a0:1a:35:90:f3:cf:c3:7b:6d:65:28:d6:bf:5f:a7:6b:44:74:
e5:3c:ff:c0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZGy/JMahnEyR17BMlu43dmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjQwOTAyMTM0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJlZjk5ODY1MzJjMzc5Zjk2YWMwMDAwYWRkNjgzMmQzNGMzODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV1+NWjZYdZmtQ6UlRNZ+R8kHuqf
GZ/j+j1pRo4Gpw9ejSAto8/RhCgstOgEsM9e31BTadMCBzZyssTf/RHPMylx/uJj
NruthpN01K7lwm5OcFzV2Ndz1O3Gd9t0fYJTlS1WF3s9axFvL2f4LcV+qPjlZEyB
uyf4c3eTKoveQiQct23JD96VXFB/GgdADGoeiL+be/6GoIaN+3haoGE8tSbctJN2
w4TnrURRDZxA4pcyWPQwB5/7Ion38mcpjaDxbm2KyZgldAnGcthNwiJ+uhZK9wzN
V3zYaXaqolHC2Fy4BGpuOgd4hhE37TEuxjkt1iZsCOSZDObqCoyBbREbrwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNsu+ZhlMsN5+WrAAArdaDLTTDgIMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvMnk3NW1HVXl3M241YXNBQUN0MW9NdE5NT0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9XfAwQA
W9gPAwQAuQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqG
SIb3DQEBCwUAA4IBAQAHBFDeojZmXOVu1j2tnt/XcFsjqRTdwTHdifkZRH05EGXb
P1u7w0FDlz7I2xUFhNEq0jDgRcDsVwNl+wCfQqS2KEPNx0J+WrmheRtXTqS3RuKg
K03tVcWp09ZiClBFPCbIwj2CxuhDN+rdwJ/6es0XVWgE7vSAvvGB4nrMVOpbKFRu
ild3NeBy87sGG8Dh4WM0vFo2nFQtLAV04GKGRQ/9KPRjTw72wOsJuQK7q8OfKNVC
TKg1DLkIHAAGdYQ7yYQMCTuRy1ZH1hZO2np9KdaRaHnMbijHsynObxNUpEy5WlSf
wRltqRftv7KgGjWQ88/De21lKNa/X6drRHTlPP/A
-----END CERTIFICATE-----
Generated at Tue Sep 3 14:33:42 2024 by rpki-client on console-fra.rpki-client.org