Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/K2U5vlnt7E_Wc6nLuJ6TLGAJMaM.roa
File: K2U5vlnt7E_Wc6nLuJ6TLGAJMaM.roa (raw, json)
Hash identifier: ExY9XBM348UpO9mIl+abvZRL3rn4e7aAUbHZJZ+qaEQ=
Subject key identifier: 2B:65:39:BE:59:ED:EC:4F:D6:73:A9:CB:B8:9E:93:2C:60:09:31:A3
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 018CC3494D3C261E8FAE85CEF86ED028A0B6
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/K2U5vlnt7E_Wc6nLuJ6TLGAJMaM.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205059
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
185.231.110.0/24 maxlen: 24
185.231.111.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:3::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:4::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:24:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4d:3c:26:1e:8f:ae:85:ce:f8:6e:d0:28:a0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b6539be59edec4fd673a9cbb89e932c600931a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d5:2e:68:9f:07:b0:02:6b:ab:43:12:e8:8e:
4e:13:b3:d3:33:23:4c:32:f3:00:fd:69:a5:67:0e:
8b:26:ce:25:ad:ee:98:aa:6c:3a:56:23:25:23:7c:
80:b1:71:7f:74:0e:74:65:f4:3a:a3:a7:fd:4d:44:
fb:4b:7a:ef:57:b1:a2:ab:80:69:06:75:b6:13:0a:
f1:41:1a:aa:9e:66:c1:fb:56:32:75:29:c7:fe:d4:
46:45:81:b2:e9:45:ae:22:b5:41:5e:45:c6:dc:43:
c1:42:7d:81:a4:a3:94:8f:1c:b4:73:25:18:e5:8a:
25:29:4e:57:85:41:c7:05:c1:4f:0f:60:7e:2a:a0:
bd:fb:07:8d:d9:30:f9:bf:99:20:3b:90:4f:b5:1e:
1c:fa:e6:1e:c8:fc:0e:41:a2:4a:71:29:27:de:40:
19:73:2c:e0:7c:ff:80:ad:2b:95:6f:5e:72:45:59:
c1:70:1b:b6:3b:23:9f:6e:ea:eb:ad:c9:fe:9f:75:
f4:f4:09:17:c5:44:3a:bf:2b:6b:21:67:41:e1:13:
c0:1f:9a:10:e9:fa:7e:cf:be:e8:53:bd:af:2d:76:
f1:da:d3:3f:0f:86:53:e6:41:09:47:53:77:07:6f:
79:a9:a6:23:34:ed:45:d8:d9:a2:c0:4d:20:b2:d3:
e2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:65:39:BE:59:ED:EC:4F:D6:73:A9:CB:B8:9E:93:2C:60:09:31:A3
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/K2U5vlnt7E_Wc6nLuJ6TLGAJMaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/22
IPv6:
2a0f:aac0::-2a0f:aac0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b4:14:bc:6b:6d:8c:22:8a:e2:bb:f3:24:b4:aa:70:44:5b:67:
90:34:09:7b:7b:8a:cf:0b:ee:90:19:71:a2:19:e0:1d:f2:86:
c4:d3:81:3d:04:64:bf:21:83:21:b9:ac:a4:50:6b:00:23:ee:
0d:62:55:4c:80:ff:f4:a6:43:89:93:45:20:13:d7:3b:52:c6:
d8:05:11:bb:0a:4b:87:59:f7:1a:0f:0e:32:39:aa:0c:cd:8f:
ec:77:4d:9d:9c:43:75:23:d0:9a:d4:85:72:4c:5d:a6:ac:ea:
bd:12:a2:96:95:3f:80:e4:9e:94:e2:0f:01:bb:43:0b:f1:87:
8a:7a:c3:fd:02:11:c6:6e:af:4b:58:3c:68:8a:77:cc:f5:6b:
19:b7:ad:e1:ec:d3:18:82:08:d9:53:23:54:64:ad:1e:de:3f:
89:ae:b6:01:48:d7:17:35:a9:2a:72:2d:42:84:95:6f:90:09:
39:7f:00:09:82:af:d0:f0:d3:d8:0d:1d:a3:f9:1b:51:f0:50:
09:8a:40:27:5d:ed:c8:f4:7e:d4:72:90:85:34:4e:05:20:e8:
b7:c2:12:59:8a:23:38:f9:eb:7f:38:d1:8e:97:f0:1d:7a:ae:
21:b8:b2:9d:79:fe:4b:e4:15:99:ca:a0:e9:84:bc:08:08:6c:
6e:11:61:c2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSU08Jh6ProXO+G7QKKC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY1MzliZTU5ZWRlYzRmZDY3M2E5Y2JiODllOTMyYzYwMDkzMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydUuaJ8HsAJrq0MS6I5OE7PTMyNM
MvMA/WmlZw6LJs4lre6Yqmw6ViMlI3yAsXF/dA50ZfQ6o6f9TUT7S3rvV7Giq4Bp
BnW2EwrxQRqqnmbB+1YydSnH/tRGRYGy6UWuIrVBXkXG3EPBQn2BpKOUjxy0cyUY
5YolKU5XhUHHBcFPD2B+KqC9+weN2TD5v5kgO5BPtR4c+uYeyPwOQaJKcSkn3kAZ
cyzgfP+ArSuVb15yRVnBcBu2OyOfburrrcn+n3X09AkXxUQ6vytrIWdB4RPAH5oQ
6fp+z77oU72vLXbx2tM/D4ZT5kEJR1N3B295qaYjNO1F2NmiwE0gstPiPwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCtlOb5Z7exP1nOpy7iekyxgCTGjMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvSzJVNXZsbnQ3RV9XYzZuTHVKNlRMR0FKTWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuYEQAwQC
uedsMBgEAgACMBIwEAMFBioPqsADBwAqD6rAAAQwDQYJKoZIhvcNAQELBQADggEB
ALQUvGttjCKK4rvzJLSqcERbZ5A0CXt7is8L7pAZcaIZ4B3yhsTTgT0EZL8hgyG5
rKRQawAj7g1iVUyA//SmQ4mTRSAT1ztSxtgFEbsKS4dZ9xoPDjI5qgzNj+x3TZ2c
Q3Uj0JrUhXJMXaas6r0SopaVP4DknpTiDwG7Qwvxh4p6w/0CEcZur0tYPGiKd8z1
axm3reHs0xiCCNlTI1RkrR7eP4mutgFI1xc1qSpyLUKElW+QCTl/AAmCr9Dw09gN
HaP5G1HwUAmKQCdd7cj0ftRykIU0TgUg6LfCElmKIzj563840Y6X8B16riG4sp15
/kvkFZnKoOmEvAgIbG4RYcI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org