Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/2XnL6jRLSx4buguykC86IXzIRcM.roa
File: 2XnL6jRLSx4buguykC86IXzIRcM.roa (raw, json)
Hash identifier: J6glQjksjRr/+D0t+ub+GeNlwOLwTMaCgxkJDW5MS5A=
Subject key identifier: D9:79:CB:EA:34:4B:4B:1E:1B:BA:0B:B2:90:2F:3A:21:7C:C8:45:C3
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 01857082BF3B66605DBBC79D057B4ECB7F14
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/2XnL6jRLSx4buguykC86IXzIRcM.roa
Signing time: Mon 02 Jan 2023 03:24:54 +0000
ROA not before: Mon 02 Jan 2023 03:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2259
IP address blocks: 193.49.237.0/24 maxlen: 24
194.199.214.0/24 maxlen: 24
194.199.215.0/24 maxlen: 24
193.48.89.0/24 maxlen: 24
193.48.90.0/24 maxlen: 24
193.48.86.0/24 maxlen: 24
193.48.87.0/24 maxlen: 24
193.50.8.0/24 maxlen: 24
193.51.107.0/24 maxlen: 24
193.54.209.0/24 maxlen: 24
193.54.210.0/24 maxlen: 24
193.54.211.0/24 maxlen: 24
193.54.214.0/24 maxlen: 24
193.54.229.0/24 maxlen: 24
193.54.230.0/24 maxlen: 24
194.167.188.0/24 maxlen: 24
193.49.5.0/27 maxlen: 27
193.49.5.64/27 maxlen: 27
194.254.52.0/23 maxlen: 23
194.254.54.0/23 maxlen: 23
194.254.56.0/23 maxlen: 23
194.254.1.0/24 maxlen: 24
194.254.2.0/24 maxlen: 24
194.254.3.0/24 maxlen: 24
194.254.4.0/24 maxlen: 24
194.254.11.0/24 maxlen: 24
194.254.12.0/24 maxlen: 24
193.50.153.0/24 maxlen: 24
194.167.107.0/24 maxlen: 24
194.167.108.0/24 maxlen: 24
193.54.148.0/24 maxlen: 24
193.50.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:bf:3b:66:60:5d:bb:c7:9d:05:7b:4e:cb:7f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 03:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d979cbea344b4b1e1bba0bb2902f3a217cc845c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4e:17:0d:65:46:af:78:cf:40:15:39:4d:6d:
36:1b:88:70:4f:7f:28:69:65:a2:67:4f:a9:5e:16:
bd:0f:f0:92:02:1b:ae:df:05:a4:28:e2:d1:33:1c:
e3:42:e4:98:82:bc:aa:63:b7:01:6e:a9:6a:cb:b5:
bc:53:ac:88:be:d6:b1:50:14:a6:9c:e4:68:6a:ef:
0c:14:b6:0d:c2:39:ee:5b:07:89:d8:41:bf:bd:77:
84:5d:cc:7e:d0:8c:e4:f9:f7:6b:40:6b:13:b4:d3:
56:f4:1b:f3:36:84:0b:de:0b:cd:6d:11:92:04:94:
42:90:00:35:bc:cc:e7:5f:50:7e:b9:63:6e:31:40:
cb:8f:c1:9b:34:c9:f6:38:03:20:9d:36:34:b0:94:
40:57:95:86:85:4f:16:bb:13:e3:79:fa:1c:b1:5e:
f8:68:91:ef:5b:57:fd:f3:ab:c4:95:7a:10:74:e1:
be:c4:14:e4:69:e5:1d:b4:53:61:c5:16:b8:2d:13:
d1:15:3a:8a:e1:68:5f:18:6a:7e:40:bf:2b:9a:a3:
44:58:6b:73:21:98:e5:f3:5e:48:0a:88:5e:73:1e:
87:74:b7:31:09:41:c1:c1:55:3b:a8:49:db:dc:42:
ea:f6:7d:96:91:dd:11:0c:30:b8:a2:43:7d:06:73:
35:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:79:CB:EA:34:4B:4B:1E:1B:BA:0B:B2:90:2F:3A:21:7C:C8:45:C3
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/2XnL6jRLSx4buguykC86IXzIRcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.48.86.0/23
193.48.89.0-193.48.90.255
193.49.5.0/27
193.49.5.64/27
193.49.237.0/24
193.50.8.0/24
193.50.153.0/24
193.50.251.0/24
193.51.107.0/24
193.54.148.0/24
193.54.209.0-193.54.211.255
193.54.214.0/24
193.54.229.0-193.54.230.255
194.167.107.0-194.167.108.255
194.167.188.0/24
194.199.214.0/23
194.254.1.0-194.254.4.255
194.254.11.0-194.254.12.255
194.254.52.0-194.254.57.255
Signature Algorithm: sha256WithRSAEncryption
01:ff:62:bc:94:9d:a4:5a:ec:f5:fc:5f:c3:d6:79:52:1b:57:
af:20:55:c9:90:34:a6:4c:a9:39:33:2c:13:c1:69:7e:f2:19:
04:be:ae:13:5c:fc:88:bc:82:1f:ec:fe:e6:94:a9:40:f9:05:
ef:17:d3:a3:c2:ae:f4:31:15:28:0a:b4:f5:94:09:40:37:0b:
95:c1:db:d5:7b:e2:5d:e5:f9:f7:89:ec:52:3c:3b:22:b7:fa:
98:de:31:99:06:dc:72:fd:ac:96:ce:8d:9b:ab:7e:7e:8e:ee:
9b:8d:d1:60:e2:89:a4:0b:64:7e:a3:e6:a5:f4:48:d1:d4:8b:
eb:dc:85:2d:83:6a:4a:51:66:9c:e9:2f:0c:5d:d1:fb:35:ec:
62:e2:95:0c:c9:e0:08:c3:e1:cb:9e:6c:4d:3f:8a:29:e1:f1:
24:78:49:e8:97:48:1a:86:37:87:5c:90:ff:fd:71:2d:7b:46:
f3:72:67:9d:6f:dc:b9:b9:00:e3:f2:21:33:87:04:68:7c:71:
f5:4e:25:71:70:1d:3c:37:6a:88:01:69:d4:bb:2b:13:c2:3b:
3a:0b:68:2c:3c:29:d9:30:32:bf:ea:d8:48:f5:34:91:b8:4c:
22:a5:51:07:e6:5f:9f:7e:82:96:0c:83:e3:ef:b9:cb:cb:78:
56:8c:3d:9f
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYVwgr87ZmBdu8edBXtOy38UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc5Y2JlYTM0NGI0YjFlMWJiYTBiYjI5MDJmM2EyMTdjYzg0NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE4XDWVGr3jPQBU5TW02G4hwT38o
aWWiZ0+pXha9D/CSAhuu3wWkKOLRMxzjQuSYgryqY7cBbqlqy7W8U6yIvtaxUBSm
nORoau8MFLYNwjnuWweJ2EG/vXeEXcx+0Izk+fdrQGsTtNNW9BvzNoQL3gvNbRGS
BJRCkAA1vMznX1B+uWNuMUDLj8GbNMn2OAMgnTY0sJRAV5WGhU8WuxPjefocsV74
aJHvW1f986vElXoQdOG+xBTkaeUdtFNhxRa4LRPRFTqK4WhfGGp+QL8rmqNEWGtz
IZjl815ICohecx6HdLcxCUHBwVU7qEnb3ELq9n2Wkd0RDDC4okN9BnM1UwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFNl5y+o0S0seG7oLspAvOiF8yEXDMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvMlhuTDZqUkxTeDRidWd1eWtDODZJWHpJUmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAHB
MFYwDAMEAMEwWQMEAMEwWgMFBcExBQADBQXBMQVAAwQAwTHtAwQAwTIIAwQAwTKZ
AwQAwTL7AwQAwTNrAwQAwTaUMAwDBADBNtEDBALBNtADBADBNtYwDAMEAME25QME
AME25jAMAwQAwqdrAwQAwqdsAwQAwqe8AwQBwsfWMAwDBADC/gEDBADC/gQwDAME
AML+CwMEAML+DDAMAwQCwv40AwQBwv44MA0GCSqGSIb3DQEBCwUAA4IBAQAB/2K8
lJ2kWuz1/F/D1nlSG1evIFXJkDSmTKk5MywTwWl+8hkEvq4TXPyIvIIf7P7mlKlA
+QXvF9Ojwq70MRUoCrT1lAlANwuVwdvVe+Jd5fn3iexSPDsit/qY3jGZBtxy/ayW
zo2bq35+ju6bjdFg4omkC2R+o+al9EjR1Ivr3IUtg2pKUWac6S8MXdH7Nexi4pUM
yeAIw+HLnmxNP4op4fEkeEnol0gahjeHXJD//XEte0bzcmedb9y5uQDj8iEzhwRo
fHH1TiVxcB08N2qIAWnUuysTwjs6C2gsPCnZMDK/6thI9TSRuEwipVEH5l+ffoKW
DIPj77nLy3hWjD2f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:27 2024 by rpki-client on console-fra.rpki-client.org