Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/2dbsN5X085OyzA6ohjxPHAwxJYc.roa
File: 2dbsN5X085OyzA6ohjxPHAwxJYc.roa (raw, json)
Hash identifier: pk1H5tucfJATejWYiyv3WVX81qTLL+pVGTFHfhDynBI=
Subject key identifier: D9:D6:EC:37:95:F4:F3:93:B2:CC:0E:A8:86:3C:4F:1C:0C:31:25:87
Certificate issuer: /CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Certificate serial: 018CC64B5762F8130B4670934E76FC9CDF0F
Authority key identifier: 10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/2dbsN5X085OyzA6ohjxPHAwxJYc.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57468
IP address blocks: 194.60.240.0/23 maxlen: 23
45.15.220.0/22 maxlen: 22
194.60.241.0/24 maxlen: 24
185.6.210.0/24 maxlen: 24
185.6.211.0/24 maxlen: 24
185.6.208.0/22 maxlen: 22
185.6.209.0/24 maxlen: 24
185.144.32.0/22 maxlen: 22
2a03:1040::/32 maxlen: 32
2a07:3a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Apr 2024 09:46:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:57:62:f8:13:0b:46:70:93:4e:76:fc:9c:df:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d6ec3795f4f393b2cc0ea8863c4f1c0c312587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:59:2e:25:d3:e0:c2:a0:13:87:0b:b4:cc:f0:
4f:0c:51:ad:ec:cf:72:d5:9d:0c:94:f5:44:b9:de:
96:11:fa:46:38:e9:f0:2f:29:9f:85:0d:0c:33:a2:
57:33:01:fc:f6:a1:d6:16:56:5b:c1:39:4f:1c:bf:
4c:1c:f1:9d:1d:b0:93:44:90:da:e3:e2:e0:fb:1f:
c3:fc:53:27:cf:a2:20:b6:66:bf:6a:9b:71:5a:59:
5d:cb:e8:5e:66:46:33:45:76:2f:29:22:85:c5:d7:
8f:b5:33:42:d0:32:42:5d:ab:a2:80:94:7d:17:c8:
da:57:4f:9d:8e:6f:45:58:45:05:71:cb:f4:7a:2a:
09:d1:1a:33:43:ae:7a:9b:7a:61:1f:ce:2e:2d:c5:
2a:c0:a7:47:9c:58:c5:51:00:90:24:09:90:3e:63:
b3:cb:8e:8a:b5:60:40:f4:67:49:47:e6:fb:62:d5:
d4:b8:dc:05:5e:89:d3:01:8f:87:14:62:a1:5f:50:
71:5b:4c:86:62:aa:26:b6:6d:e1:ba:c0:c3:96:74:
df:0d:1a:05:6e:95:4e:3d:68:d9:75:05:76:12:4f:
50:51:69:48:7f:d8:8f:9b:c6:9e:a1:65:2a:87:95:
ae:a6:09:3c:e9:e2:99:fe:66:a4:72:aa:d8:d8:63:
a2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D6:EC:37:95:F4:F3:93:B2:CC:0E:A8:86:3C:4F:1C:0C:31:25:87
X509v3 Authority Key Identifier:
keyid:10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/2dbsN5X085OyzA6ohjxPHAwxJYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/EOjahAf590joH-nanrBrOxfQZ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.220.0/22
185.6.208.0/22
185.144.32.0/22
194.60.240.0/23
IPv6:
2a03:1040::/32
2a07:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
7d:aa:b4:67:f4:a9:c0:c5:22:28:e9:4d:f2:8f:1f:84:4c:40:
68:da:dd:9a:09:89:0f:39:9a:7d:f9:c8:d2:77:89:3c:e5:08:
e0:ae:44:e9:b9:d1:1f:eb:1b:18:aa:07:96:3a:c3:84:a6:c0:
2e:80:62:52:a3:00:44:fe:3a:d0:96:cc:d1:9c:cd:ef:a6:f5:
fe:dd:0e:8d:dd:36:11:ea:0c:1f:da:33:a2:74:64:3f:35:5a:
7a:41:80:4a:97:94:9f:9a:d5:ab:d8:7b:ff:9e:82:5d:72:c7:
f3:db:10:49:0c:89:05:57:8b:98:c7:95:8d:74:77:2c:c1:0f:
e1:1d:1a:91:9f:f4:56:be:98:df:ec:ed:b3:7e:89:5b:5e:17:
2d:5f:32:48:99:d4:72:f5:15:1f:42:b2:12:15:a0:5b:39:a3:
f4:4c:a0:ed:b1:61:0e:7b:d0:91:88:48:95:54:1f:5e:e2:34:
f6:d2:6e:57:69:60:d8:02:da:6c:3b:45:46:51:42:25:4c:4a:
32:88:af:0e:70:00:56:0b:7a:3c:97:c5:29:4e:1c:0c:05:1c:
49:21:f8:33:9e:76:f5:28:6d:f1:16:68:58:ca:3c:46:e5:85:
d3:54:8c:ba:9d:04:c6:a9:90:3c:2e:c4:46:43:bb:5e:9b:3e:
bc:83:b8:e1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzGS1di+BMLRnCTTnb8nN8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZThkYTg0MDdmOWY3NDhlODFmZTlkYTllYjA2YjNiMTdk
MDY3ZGQwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ2ZWMzNzk1ZjRmMzkzYjJjYzBlYTg4NjNjNGYxYzBjMzEyNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1kuJdPgwqAThwu0zPBPDFGt7M9y
1Z0MlPVEud6WEfpGOOnwLymfhQ0MM6JXMwH89qHWFlZbwTlPHL9MHPGdHbCTRJDa
4+Lg+x/D/FMnz6Igtma/aptxWlldy+heZkYzRXYvKSKFxdePtTNC0DJCXauigJR9
F8jaV0+djm9FWEUFccv0eioJ0RozQ656m3phH84uLcUqwKdHnFjFUQCQJAmQPmOz
y46KtWBA9GdJR+b7YtXUuNwFXonTAY+HFGKhX1BxW0yGYqomtm3husDDlnTfDRoF
bpVOPWjZdQV2Ek9QUWlIf9iPm8aeoWUqh5Wupgk86eKZ/makcqrY2GOiQQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNnW7DeV9POTsswOqIY8TxwMMSWHMB8GA1UdIwQY
MBaAFBDo2oQH+fdI6B/p2p6wazsX0GfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU9qYWhBZjU5MGpvSC1uYW5yQnJPeGZRWjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NTQ5ODgtZDFhOS00YjU0LTkzZWUt
MmNlZWE1Y2FmM2EwLzEvMmRic041WDA4NU95ekE2b2hqeFBIQXd4SlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NTQ5ODgtZDFhOS00YjU0LTkzZWUtMmNlZWE1Y2FmM2Ew
LzEvRU9qYWhBZjU5MGpvSC1uYW5yQnJPeGZRWjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLQ/cAwQC
uQbQAwQCuZAgAwQBwjzwMBQEAgACMA4DBQAqAxBAAwUDKgc6gDANBgkqhkiG9w0B
AQsFAAOCAQEAfaq0Z/SpwMUiKOlN8o8fhExAaNrdmgmJDzmaffnI0neJPOUI4K5E
6bnRH+sbGKoHljrDhKbALoBiUqMARP460JbM0ZzN76b1/t0Ojd02EeoMH9ozonRk
PzVaekGASpeUn5rVq9h7/56CXXLH89sQSQyJBVeLmMeVjXR3LMEP4R0akZ/0Vr6Y
3+zts36JW14XLV8ySJnUcvUVH0KyEhWgWzmj9Eyg7bFhDnvQkYhIlVQfXuI09tJu
V2lg2ALabDtFRlFCJUxKMoivDnAAVgt6PJfFKU4cDAUcSSH4M5529Sht8RZoWMo8
RuWF01SMup0ExqmQPC7ERkO7Xps+vIO44Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:04 2024 by rpki-client on console-fra.rpki-client.org