Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/dtsQ32PU2WFDU_g7O8UdTPkAQGU.roa
File: dtsQ32PU2WFDU_g7O8UdTPkAQGU.roa (raw, json)
Hash identifier: XdPo/qhssI8+eoXL73RC+L3zmdZ6b6h1a8eKGkwyh/c=
Subject key identifier: 76:DB:10:DF:63:D4:D9:61:43:53:F8:3B:3B:C5:1D:4C:F9:00:40:65
Certificate issuer: /CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Certificate serial: 01856F9DAC36B7FD477ADC6566F7900EBC68
Authority key identifier: 97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/dtsQ32PU2WFDU_g7O8UdTPkAQGU.roa
Signing time: Sun 01 Jan 2023 23:14:42 +0000
ROA not before: Sun 01 Jan 2023 23:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209723
IP address blocks: 2.59.202.0/23 maxlen: 23
2.59.200.0/23 maxlen: 23
88.218.148.0/23 maxlen: 23
88.218.150.0/23 maxlen: 23
5.183.60.0/23 maxlen: 23
5.183.62.0/23 maxlen: 23
147.78.226.0/23 maxlen: 23
147.78.224.0/23 maxlen: 23
85.209.4.0/23 maxlen: 23
85.209.6.0/23 maxlen: 23
2a09:ac80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 20 Jan 2023 13:38:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ac:36:b7:fd:47:7a:dc:65:66:f7:90:0e:bc:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Validity
Not Before: Jan 1 23:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76db10df63d4d9614353f83b3bc51d4cf9004065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d8:4a:29:3d:11:c1:b1:68:19:93:d3:9d:47:
c9:ca:c8:94:1f:ca:a9:3e:6c:9c:02:00:28:81:55:
98:06:f3:6c:0a:58:9c:03:95:19:e2:5b:93:a5:9f:
29:f5:66:f5:e2:0d:0c:ae:70:3b:19:74:64:f1:10:
b6:1b:f9:af:69:1f:dd:79:a1:79:b5:d1:06:5a:72:
a3:b4:6e:db:02:9e:8c:c5:e5:ff:eb:99:18:81:88:
50:bb:a1:e9:b7:82:22:f9:22:c3:41:5b:06:7c:d5:
0b:bf:8f:2b:b3:2a:8f:bd:f7:2f:15:03:bd:6f:58:
7a:79:ee:a2:7c:67:a7:59:78:f9:27:93:56:e3:4f:
d0:b6:86:34:e4:6e:5f:e7:0c:d2:fe:14:f7:92:95:
83:58:f3:1a:f2:38:c4:dd:9e:5d:7b:5d:4b:ba:64:
55:b8:db:7b:50:fc:f2:27:18:25:fd:b9:72:2c:36:
3d:fe:d0:88:c8:d8:7d:e6:28:5a:75:90:94:a9:62:
b7:e8:69:be:5c:db:a3:78:b7:bf:94:c9:8d:10:41:
66:7d:b4:06:74:58:9e:9e:b3:05:75:c3:33:6c:13:
43:70:a7:e8:dc:fb:6d:0e:35:59:ec:6d:cb:ef:88:
c1:3e:6e:10:77:48:20:bc:bd:0e:a2:84:43:c2:b1:
6c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DB:10:DF:63:D4:D9:61:43:53:F8:3B:3B:C5:1D:4C:F9:00:40:65
X509v3 Authority Key Identifier:
keyid:97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/dtsQ32PU2WFDU_g7O8UdTPkAQGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/lzvsM65zjJiViBnGwTuzNe40q0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.200.0/22
5.183.60.0/22
85.209.4.0/22
88.218.148.0/22
147.78.224.0/22
IPv6:
2a09:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
18:24:4b:66:e0:ea:92:dc:4d:21:6b:39:05:30:0f:5f:43:99:
73:83:1b:65:69:d2:7f:7e:b6:d9:1f:fe:b0:64:5b:b9:67:a9:
af:2a:69:37:32:f5:f8:29:63:c4:e4:eb:90:6d:c4:ad:e1:26:
7f:e0:cc:04:f6:d4:08:9f:3a:5c:c4:ab:ae:2f:bc:02:8a:23:
a2:0a:92:72:b5:8c:cc:97:5c:30:df:25:c4:9c:ba:05:3d:67:
c4:17:ec:72:b9:01:6e:e9:25:01:87:00:3c:6b:09:80:d1:eb:
35:22:56:04:58:7e:10:0e:ba:7b:76:ab:be:41:5b:b2:ad:c7:
01:ae:52:c9:1c:8a:35:54:43:60:5f:07:50:bc:da:b6:c1:00:
20:ad:b4:17:bc:14:9d:ee:66:7e:45:c8:a1:29:02:82:70:46:
e5:4a:41:cc:20:40:23:c8:2d:69:dd:8f:fb:08:48:94:be:dd:
a9:ce:3a:e8:75:99:2c:87:7b:ec:7b:a8:2a:72:58:c1:94:10:
48:7f:29:61:c6:b6:53:b4:b5:2a:da:92:4e:14:62:ff:c8:41:
5b:f8:e3:06:9b:f4:55:14:54:a7:5e:8b:bf:bd:31:4c:93:36:
4c:1e:d2:58:d9:53:1c:5c:e7:d6:34:f7:60:2f:ca:bd:3f:c1:
a4:ce:32:0e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvnaw2t/1HetxlZveQDrxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3M2JlYzMzYWU3MzhjOTg5NTg4MTljNmMxM2JiMzM1ZWUz
NGFiNGMwHhcNMjMwMTAxMjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRiMTBkZjYzZDRkOTYxNDM1M2Y4M2IzYmM1MWQ0Y2Y5MDA0MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNhKKT0RwbFoGZPTnUfJysiUH8qp
PmycAgAogVWYBvNsClicA5UZ4luTpZ8p9Wb14g0MrnA7GXRk8RC2G/mvaR/deaF5
tdEGWnKjtG7bAp6MxeX/65kYgYhQu6Hpt4Ii+SLDQVsGfNULv48rsyqPvfcvFQO9
b1h6ee6ifGenWXj5J5NW40/QtoY05G5f5wzS/hT3kpWDWPMa8jjE3Z5de11LumRV
uNt7UPzyJxgl/blyLDY9/tCIyNh95ihadZCUqWK36Gm+XNujeLe/lMmNEEFmfbQG
dFienrMFdcMzbBNDcKfo3PttDjVZ7G3L74jBPm4Qd0ggvL0OooRDwrFsIQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHbbEN9j1NlhQ1P4OzvFHUz5AEBlMB8GA1UdIwQY
MBaAFJc77DOuc4yYlYgZxsE7szXuNKtMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQt
YzQyZjlhYmYxNDc3LzEvZHRzUTMyUFUyV0ZEVV9nN084VWRUUGtBUUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQtYzQyZjlhYmYxNDc3
LzEvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCAjvIAwQC
Bbc8AwQCVdEEAwQCWNqUAwQCk07gMA0EAgACMAcDBQMqCayAMA0GCSqGSIb3DQEB
CwUAA4IBAQAYJEtm4OqS3E0hazkFMA9fQ5lzgxtladJ/frbZH/6wZFu5Z6mvKmk3
MvX4KWPE5OuQbcSt4SZ/4MwE9tQInzpcxKuuL7wCiiOiCpJytYzMl1ww3yXEnLoF
PWfEF+xyuQFu6SUBhwA8awmA0es1IlYEWH4QDrp7dqu+QVuyrccBrlLJHIo1VENg
XwdQvNq2wQAgrbQXvBSd7mZ+RcihKQKCcEblSkHMIEAjyC1p3Y/7CEiUvt2pzjro
dZksh3vse6gqcljBlBBIfylhxrZTtLUq2pJOFGL/yEFb+OMGm/RVFFSnXou/vTFM
kzZMHtJY2VMcXOfWNPdgL8q9P8GkzjIO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:04 2024 by rpki-client on console-ams.rpki-client.org