Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jL9SEAFSEDJPCsLXZ9Q4vTNvjI.roa
File: 2jL9SEAFSEDJPCsLXZ9Q4vTNvjI.roa (raw, json)
Hash identifier: aDqaT7E3LX8FAN1E5jCRDmK3rIhGtTu1kYXpWoC6R4E=
Subject key identifier: DA:32:FD:48:40:05:48:40:C9:3C:2B:0B:5D:9F:50:E2:F4:CD:BE:32
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D523A7870A195446FE4E8BB47F8DE6AF6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jL9SEAFSEDJPCsLXZ9Q4vTNvjI.roa
Signing time: Sun 28 Jan 2024 22:39:40 +0000
ROA not before: Sun 28 Jan 2024 22:39:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 10:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:52:3a:78:70:a1:95:44:6f:e4:e8:bb:47:f8:de:6a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 28 22:39:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da32fd4840054840c93c2b0b5d9f50e2f4cdbe32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d8:5e:43:7a:09:1a:e3:2c:3c:d7:28:24:39:
9b:28:2c:ad:11:5f:a5:5a:c2:af:40:b5:91:13:0d:
99:81:51:f0:1b:35:a4:d7:73:47:5f:0b:1c:b2:63:
bb:69:a5:10:95:cc:90:2d:3e:30:21:19:c4:4d:53:
a2:12:74:fa:dd:bd:e9:cb:1e:08:80:d9:3f:41:be:
fd:a7:7f:16:8a:0a:78:0f:7b:82:3d:bc:1f:48:9f:
ab:99:e0:01:3d:01:f8:61:9c:b1:e4:a4:f7:ab:fa:
4a:27:5c:28:08:05:19:11:76:3e:1e:87:25:18:ac:
d9:d6:24:e5:0e:63:a5:9f:f8:21:99:65:a0:07:fd:
ef:89:b5:5f:1a:3a:82:f9:72:5f:7d:99:67:d9:7e:
fd:66:8c:59:c5:7d:15:e6:ef:af:28:75:6a:37:db:
a4:46:10:af:57:35:74:88:b5:e7:47:67:f4:c7:29:
1a:6b:52:9c:28:af:9a:04:12:4d:80:73:5f:80:97:
1c:02:70:59:51:6c:fe:a1:2d:86:4a:ea:51:7d:14:
87:04:9f:95:40:34:02:ae:1b:63:2e:68:a6:fe:4f:
ac:81:c7:17:27:7f:f4:89:5a:0a:9f:0b:a6:2b:43:
ca:ee:54:ff:26:eb:78:b8:f0:4b:f5:46:cb:99:11:
7c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:32:FD:48:40:05:48:40:C9:3C:2B:0B:5D:9F:50:E2:F4:CD:BE:32
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jL9SEAFSEDJPCsLXZ9Q4vTNvjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.225.22.0/24
185.226.105.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:35:6f:d7:de:2c:c0:e9:f4:b3:0e:5e:bc:87:34:a8:66:e5:
40:43:e8:11:eb:64:6f:2b:af:4c:48:e0:f0:c4:a3:bd:2e:f8:
52:1e:45:77:4a:2f:f5:53:52:ed:44:44:c9:87:75:8e:47:e4:
90:bd:75:d3:82:6d:97:b4:47:ea:20:4c:80:54:30:80:52:f0:
96:98:32:f7:8f:84:59:17:34:05:f5:52:b5:07:b2:ac:5e:12:
bc:83:0a:bd:7e:01:2b:87:59:c1:d9:52:2b:83:df:63:ac:52:
9a:94:92:17:f2:79:a4:b2:a3:31:74:68:a0:f5:52:81:01:fa:
36:08:b0:19:ce:e5:63:01:d5:59:d6:24:30:e0:61:b1:0d:26:
44:2e:c0:3c:88:eb:0d:79:00:d2:09:39:65:1d:9a:8c:92:24:
5c:ac:13:d7:c8:85:61:ce:66:f3:a2:73:68:dd:a0:5f:fc:7a:
5d:fa:76:e3:7a:56:b6:9c:29:1c:ae:80:03:d8:d8:94:86:6c:
3a:e5:81:f6:c7:b6:3e:f3:81:c0:8a:00:7a:be:dc:58:3e:73:
96:b5:62:c1:f0:3b:93:0e:c0:6f:27:38:95:3c:20:a9:9d:7f:
4e:d8:4a:8b:d2:b0:d6:9a:f3:4c:0a:8f:a2:b4:45:37:e9:4f:
79:c2:79:6a
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY1SOnhwoZVEb+Tou0f43mr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTI4MjIzOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMyZmQ0ODQwMDU0ODQwYzkzYzJiMGI1ZDlmNTBlMmY0Y2RiZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdheQ3oJGuMsPNcoJDmbKCytEV+l
WsKvQLWREw2ZgVHwGzWk13NHXwscsmO7aaUQlcyQLT4wIRnETVOiEnT63b3pyx4I
gNk/Qb79p38Wigp4D3uCPbwfSJ+rmeABPQH4YZyx5KT3q/pKJ1woCAUZEXY+Hocl
GKzZ1iTlDmOln/ghmWWgB/3vibVfGjqC+XJffZln2X79ZoxZxX0V5u+vKHVqN9uk
RhCvVzV0iLXnR2f0xykaa1KcKK+aBBJNgHNfgJccAnBZUWz+oS2GSupRfRSHBJ+V
QDQCrhtjLmim/k+sgccXJ3/0iVoKnwumK0PK7lT/Jut4uPBL9UbLmRF8hwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFNoy/UhABUhAyTwrC12fUOL0zb4yMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMmpMOVNFQUZTRURKUENzTFhaOVE0dlROdmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEArl5DAME
ALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmAMEALnaZgMEALnfTAME
ALnfUAMEALnhAgMEALnhFgMEALniaQMEALniawMEALnjkQMEArnqFAMEArnu5AME
AbnweAMEALn75zANBgkqhkiG9w0BAQsFAAOCAQEAXzVv194swOn0sw5evIc0qGbl
QEPoEetkbyuvTEjg8MSjvS74Uh5Fd0ov9VNS7UREyYd1jkfkkL1104Jtl7RH6iBM
gFQwgFLwlpgy94+EWRc0BfVStQeyrF4SvIMKvX4BK4dZwdlSK4PfY6xSmpSSF/J5
pLKjMXRooPVSgQH6NgiwGc7lYwHVWdYkMOBhsQ0mRC7APIjrDXkA0gk5ZR2ajJIk
XKwT18iFYc5m86JzaN2gX/x6Xfp243pWtpwpHK6AA9jYlIZsOuWB9se2PvOBwIoA
er7cWD5zlrViwfA7kw7Abyc4lTwgqZ1/TthKi9Kw1przTAqPorRFN+lPecJ5ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org