Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2N-ewhXT0dLKhn4Mqr5GYAhwtII.roa
File: 2N-ewhXT0dLKhn4Mqr5GYAhwtII.roa (raw, json)
Hash identifier: Lzfz3OMBeS7eKVAh3NPVc5j2UfRtrv36wfzwLPVVrYo=
Subject key identifier: D8:DF:9E:C2:15:D3:D1:D2:CA:86:7E:0C:AA:BE:46:60:08:70:B4:82
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 01856F4B69FC7D21F4538F5CF84CB64B8AE1
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2N-ewhXT0dLKhn4Mqr5GYAhwtII.roa
Signing time: Sun 01 Jan 2023 21:44:51 +0000
ROA not before: Sun 01 Jan 2023 21:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62113
IP address blocks: 185.38.27.0/24 maxlen: 24
194.31.164.0/22 maxlen: 24
45.136.36.0/22 maxlen: 24
185.38.24.0/22 maxlen: 24
2a00:fbe0::/32 maxlen: 48
2a00:fbe0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:69:fc:7d:21:f4:53:8f:5c:f8:4c:b6:4b:8a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Jan 1 21:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8df9ec215d3d1d2ca867e0caabe46600870b482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:86:bc:2b:77:83:40:8c:1d:a7:9c:29:9f:22:
8c:8a:0f:65:cc:a1:6e:22:18:2e:26:05:26:8d:93:
4a:68:6b:be:35:e4:da:25:b6:e1:e5:ee:99:8f:6c:
ec:a9:12:d8:79:f4:3a:40:18:0d:bb:e7:f6:5b:75:
4d:e2:77:16:b4:bc:b2:40:aa:0d:47:b5:1e:a4:72:
ce:cd:94:2c:3a:14:18:66:1e:b1:4c:b3:da:42:6a:
30:94:5c:bf:4b:5d:ee:59:c5:b8:ea:78:69:13:5a:
96:4e:df:e1:5c:ba:37:01:cf:dd:96:ce:90:d8:e7:
76:1b:1a:77:78:62:19:b0:1a:9b:c3:87:d6:38:2c:
c3:8b:73:ca:65:20:02:aa:5b:06:5e:09:7b:ef:98:
db:9e:2c:62:6f:e2:dd:d3:47:d8:43:1b:17:83:86:
c4:a1:12:00:33:c2:81:af:c7:1d:c2:ee:2c:0c:b2:
ad:2c:15:a3:c0:37:4e:01:9c:18:ec:fe:ef:4c:24:
7d:be:30:62:87:c3:6e:14:61:62:22:11:37:7f:dc:
78:8b:75:12:de:03:ca:8f:cb:87:9a:72:72:de:cb:
70:fa:a1:09:ed:a5:b6:43:82:35:4f:e2:8a:2c:19:
00:bc:1f:75:d3:42:21:18:8c:42:03:9e:2f:ab:e9:
a3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DF:9E:C2:15:D3:D1:D2:CA:86:7E:0C:AA:BE:46:60:08:70:B4:82
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2N-ewhXT0dLKhn4Mqr5GYAhwtII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.36.0/22
185.38.24.0/22
194.31.164.0/22
IPv6:
2a00:fbe0::/32
Signature Algorithm: sha256WithRSAEncryption
35:30:69:6a:6d:d0:ad:35:37:da:b9:4b:9a:d6:18:56:95:af:
1f:e2:ad:d5:15:61:24:a6:56:ad:8d:25:96:9f:85:ee:57:f6:
89:a6:f6:ef:ca:e7:71:f7:8a:57:e4:ed:0a:bb:b0:45:82:1e:
9d:7c:40:ce:d9:ae:58:3f:2d:c6:8a:32:d1:8a:b6:6d:83:66:
3a:57:dc:45:c7:d4:37:5d:a0:89:88:8d:53:76:b5:44:00:65:
9b:62:0a:66:74:2f:61:6f:cc:29:cd:c8:c5:12:7b:3a:ae:aa:
0e:16:7e:8d:72:9e:7a:77:f1:76:5a:fe:75:eb:d9:2d:f4:f1:
76:9a:3c:fe:ee:ba:1a:c9:c2:61:20:5f:37:ce:79:6e:dd:3e:
f9:de:74:95:ff:5f:2b:00:b9:b6:e1:d7:3f:07:f8:f9:1b:53:
1d:a4:a9:39:80:e7:6b:25:e3:91:9c:9c:87:ff:cb:f5:3e:21:
a8:fa:bc:8a:fa:4d:96:70:16:67:ee:2c:10:77:c8:48:0f:05:
05:19:6a:9a:cb:68:6e:4f:8f:41:22:4a:63:9c:4c:1c:14:c6:
50:6c:76:d8:f3:b4:f6:66:ae:3b:0b:4a:8c:4d:c4:a2:1f:27:
b6:fe:0b:53:99:54:32:d3:ad:d7:4c:41:8e:75:20:61:39:3c:
b3:75:1a:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvS2n8fSH0U49c+Ey2S4rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjMwMTAxMjE0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRmOWVjMjE1ZDNkMWQyY2E4NjdlMGNhYWJlNDY2MDA4NzBiNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIa8K3eDQIwdp5wpnyKMig9lzKFu
IhguJgUmjZNKaGu+NeTaJbbh5e6Zj2zsqRLYefQ6QBgNu+f2W3VN4ncWtLyyQKoN
R7UepHLOzZQsOhQYZh6xTLPaQmowlFy/S13uWcW46nhpE1qWTt/hXLo3Ac/dls6Q
2Od2Gxp3eGIZsBqbw4fWOCzDi3PKZSACqlsGXgl775jbnixib+Ld00fYQxsXg4bE
oRIAM8KBr8cdwu4sDLKtLBWjwDdOAZwY7P7vTCR9vjBih8NuFGFiIhE3f9x4i3US
3gPKj8uHmnJy3stw+qEJ7aW2Q4I1T+KKLBkAvB9100IhGIxCA54vq+mjSQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNjfnsIV09HSyoZ+DKq+RmAIcLSCMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvMk4tZXdoWFQwZExLaG40TXFyNUdZQWh3dElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYgkAwQC
uSYYAwQCwh+kMA0EAgACMAcDBQAqAPvgMA0GCSqGSIb3DQEBCwUAA4IBAQA1MGlq
bdCtNTfauUua1hhWla8f4q3VFWEkplatjSWWn4XuV/aJpvbvyudx94pX5O0Ku7BF
gh6dfEDO2a5YPy3GijLRirZtg2Y6V9xFx9Q3XaCJiI1TdrVEAGWbYgpmdC9hb8wp
zcjFEns6rqoOFn6Ncp56d/F2Wv5169kt9PF2mjz+7roaycJhIF83znlu3T753nSV
/18rALm24dc/B/j5G1MdpKk5gOdrJeORnJyH/8v1PiGo+ryK+k2WcBZn7iwQd8hI
DwUFGWqay2huT49BIkpjnEwcFMZQbHbY87T2Zq47C0qMTcSiHye2/gtTmVQy063X
TEGOdSBhOTyzdRoe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:32 2024 by rpki-client on console-ams.rpki-client.org