Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/t0z2lzmtGsS0Wkf1bGPEI-H9rpM.roa
File: t0z2lzmtGsS0Wkf1bGPEI-H9rpM.roa (raw, json)
Hash identifier: 2aAN6MnxTYcs2TEL26OozHuoGB4BFF+gY5RL3taFgEI=
Subject key identifier: B7:4C:F6:97:39:AD:1A:C4:B4:5A:47:F5:6C:63:C4:23:E1:FD:AE:93
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 018C3E50D854C0BE596D04BC89598366AA25
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/t0z2lzmtGsS0Wkf1bGPEI-H9rpM.roa
Signing time: Wed 06 Dec 2023 08:48:54 +0000
ROA not before: Wed 06 Dec 2023 08:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56910
IP address blocks: 185.36.232.0/22 maxlen: 24
185.4.236.0/22 maxlen: 24
31.177.56.0/21 maxlen: 24
185.109.16.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
91.220.184.0/24 maxlen: 24
86.106.173.0/24 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:50:d8:54:c0:be:59:6d:04:bc:89:59:83:66:aa:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Dec 6 08:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b74cf69739ad1ac4b45a47f56c63c423e1fdae93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:2a:21:2f:42:17:8f:43:88:1f:23:36:05:
0f:0d:6c:29:43:8c:3e:9c:b2:23:18:bb:2a:e1:46:
e3:a2:76:a6:a3:74:65:67:07:06:b6:cd:e7:fd:a3:
25:ab:cf:ef:2d:41:ea:3f:a1:49:0e:42:50:f7:9a:
e7:51:93:58:7b:e5:17:e9:0e:b9:ed:13:63:51:ec:
6b:8d:54:e7:6e:42:61:82:46:e0:a4:fe:d2:5c:54:
38:e9:12:f0:c6:7b:be:b9:3a:2b:a1:b0:ff:bc:e4:
1a:0e:91:ac:61:62:36:37:a9:df:e1:f5:b2:2e:1b:
36:17:14:75:8e:2a:9e:8c:67:c2:4a:3e:5e:8e:59:
55:23:f8:10:d8:68:58:bb:91:df:3c:ff:45:8b:f9:
5a:27:a1:77:98:25:92:42:f8:cd:c3:a1:ed:60:68:
61:f3:74:2c:cb:ce:a2:f1:12:bd:3c:31:c3:82:91:
3b:3b:47:ec:0b:42:0c:a3:7d:a6:1c:ad:64:9c:a3:
27:00:3a:57:67:be:6a:d1:a6:33:7b:23:ab:0c:85:
f8:9e:77:79:d4:71:a4:46:df:59:97:03:6e:64:b4:
59:5e:ef:1f:7b:7c:ab:7e:ba:8d:7a:03:e8:76:c5:
30:e7:ac:b5:63:26:ec:ae:de:ae:ab:3b:82:db:80:
aa:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4C:F6:97:39:AD:1A:C4:B4:5A:47:F5:6C:63:C4:23:E1:FD:AE:93
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/t0z2lzmtGsS0Wkf1bGPEI-H9rpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
86.106.173.0/24
91.220.184.0/24
185.4.236.0/22
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:ce:2d:9a:8f:4a:70:76:67:ed:d7:78:e7:84:35:9c:c0:e0:
1b:0d:d2:a7:56:28:d9:ed:a8:66:50:8a:2f:95:0d:cf:4f:9f:
2d:cd:44:26:e4:6f:97:74:59:2b:4e:96:c1:dc:8f:ea:a8:67:
34:d1:61:82:c8:e6:01:70:05:00:a0:12:86:b8:78:c2:af:d0:
f6:df:24:cf:a1:67:a9:dc:dc:c4:45:92:13:f3:03:19:95:1e:
b2:5a:07:11:d0:bf:15:26:a0:3d:21:8e:61:95:48:c0:57:0b:
5d:1d:03:b4:2f:ab:f8:5c:73:c5:57:b5:a7:33:b6:1a:46:68:
18:6a:3e:8a:9d:45:e1:90:ce:87:6a:3a:51:cd:8e:b3:65:3c:
7f:fc:8c:d5:2e:c0:03:ce:99:3a:70:a7:4f:39:db:bf:96:ab:
1d:1b:3f:3e:5a:11:aa:0c:a5:81:5f:15:89:93:02:aa:68:70:
6a:db:6a:fe:0c:0b:b4:ec:c7:46:62:00:52:83:f1:71:3a:1c:
d7:c1:90:b3:b4:34:2d:b2:8b:79:66:50:cb:80:ca:4f:64:d3:
49:19:08:6e:4d:dd:40:0d:6e:06:c9:23:d8:f3:89:28:8c:81:
16:0d:c9:bf:53:df:8c:d1:72:91:5c:f1:63:70:fa:ab:47:c0:
09:88:10:36
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYw+UNhUwL5ZbQS8iVmDZqolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjMxMjA2MDg0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRjZjY5NzM5YWQxYWM0YjQ1YTQ3ZjU2YzYzYzQyM2UxZmRhZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdgqIS9CF49DiB8jNgUPDWwpQ4w+
nLIjGLsq4Ubjonamo3RlZwcGts3n/aMlq8/vLUHqP6FJDkJQ95rnUZNYe+UX6Q65
7RNjUexrjVTnbkJhgkbgpP7SXFQ46RLwxnu+uTorobD/vOQaDpGsYWI2N6nf4fWy
Lhs2FxR1jiqejGfCSj5ejllVI/gQ2GhYu5HfPP9Fi/laJ6F3mCWSQvjNw6HtYGhh
83Qsy86i8RK9PDHDgpE7O0fsC0IMo32mHK1knKMnADpXZ75q0aYzeyOrDIX4nnd5
1HGkRt9ZlwNuZLRZXu8fe3yrfrqNegPodsUw56y1Yybsrt6uqzuC24CqQwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLdM9pc5rRrEtFpH9WxjxCPh/a6TMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvdDB6Mmx6bXRHc1MwV2tmMWJHUEVJLUg5cnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH7E4AwQA
VmqtAwQAW9y4AwQCuQTsAwQCuSToAwQCuWokAwQCuW0QAwQAvNZ/MA0EAgACMAcD
BQMqBD4AMA0GCSqGSIb3DQEBCwUAA4IBAQBrzi2aj0pwdmft13jnhDWcwOAbDdKn
VijZ7ahmUIovlQ3PT58tzUQm5G+XdFkrTpbB3I/qqGc00WGCyOYBcAUAoBKGuHjC
r9D23yTPoWep3NzERZIT8wMZlR6yWgcR0L8VJqA9IY5hlUjAVwtdHQO0L6v4XHPF
V7WnM7YaRmgYaj6KnUXhkM6HajpRzY6zZTx//IzVLsADzpk6cKdPOdu/lqsdGz8+
WhGqDKWBXxWJkwKqaHBq22r+DAu07MdGYgBSg/FxOhzXwZCztDQtsot5ZlDLgMpP
ZNNJGQhuTd1ADW4GySPY84kojIEWDcm/U9+M0XKRXPFjcPqrR8AJiBA2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org