Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2fCAGe93Ih9AQNC_pZbYjYHPRtQ.roa
File: 2fCAGe93Ih9AQNC_pZbYjYHPRtQ.roa (raw, json)
Hash identifier: 8LGiTfoqNW1lHL3F3A8lgcz6F9zytawMAO9nvAuI4YA=
Subject key identifier: D9:F0:80:19:EF:77:22:1F:40:40:D0:BF:A5:96:D8:8D:81:CF:46:D4
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01892024345530566220757ADD789E93BF73
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2fCAGe93Ih9AQNC_pZbYjYHPRtQ.roa
Signing time: Tue 04 Jul 2023 09:03:10 +0000
ROA not before: Tue 04 Jul 2023 09:03:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 94.26.90.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jul 2023 09:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:24:34:55:30:56:62:20:75:7a:dd:78:9e:93:bf:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 4 09:03:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9f08019ef77221f4040d0bfa596d88d81cf46d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:a5:50:0b:fc:c3:83:53:50:52:9a:bc:23:
a7:f0:c9:06:59:0f:33:af:0a:63:97:41:09:14:e3:
87:84:32:a7:8a:52:95:be:68:48:94:c7:75:50:52:
7f:0b:13:80:18:d6:9a:f7:7f:39:89:7a:6a:3a:61:
01:a1:d6:73:da:ef:4f:0c:50:8b:25:3e:18:c6:1c:
de:77:83:b2:27:6a:f1:3f:81:31:bf:06:89:53:6b:
65:bf:8b:53:ce:b0:88:ac:68:a3:17:d8:31:4a:af:
d9:ac:90:48:be:82:67:57:de:9d:dc:ea:61:80:86:
87:90:5b:bc:07:05:47:d6:e6:0c:68:e0:24:f8:b2:
9a:25:d9:03:36:fb:81:84:d7:a3:5f:c6:de:ac:6e:
5c:47:19:dc:89:0e:e8:7a:9a:13:23:5b:c3:2f:65:
dc:f9:4e:81:ab:c5:cb:d5:af:50:cb:43:bd:04:7d:
f4:5d:3e:4f:af:93:9e:37:d9:89:c0:f7:aa:df:cd:
c5:0d:f2:ab:fc:63:76:5e:07:93:03:67:38:e9:e0:
42:bf:83:dd:db:cd:a3:f5:d6:46:b9:0a:c0:fe:f6:
a7:b5:78:4c:fd:6e:50:ff:c4:c8:25:ab:c6:20:f9:
5f:d3:7d:62:22:c6:90:b6:97:08:4f:4a:99:b5:85:
ad:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F0:80:19:EF:77:22:1F:40:40:D0:BF:A5:96:D8:8D:81:CF:46:D4
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2fCAGe93Ih9AQNC_pZbYjYHPRtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
91.92.33.0-91.92.35.255
91.92.49.0/24
93.152.205.0/24
93.152.207.0/24
93.152.219.0/24
93.152.223.0/24
94.26.90.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:24:bf:ab:a6:98:a3:5d:3f:5c:bc:75:42:22:6f:97:60:09:
58:9b:db:36:61:1e:67:84:c7:34:3e:5a:a1:84:93:68:43:a0:
0e:71:1f:1e:19:bb:31:3d:cd:b9:63:93:94:e0:13:f7:42:0f:
1b:af:98:55:09:53:4b:50:64:5c:0b:cf:b5:55:00:13:11:a4:
b6:af:23:17:ec:1a:6c:72:6d:61:79:1e:cd:38:02:de:52:e2:
d3:f4:65:4a:3d:43:f1:eb:c7:03:ef:27:12:72:6d:7c:49:86:
f7:52:ba:59:d6:a2:b4:b1:de:e0:22:58:3d:8a:3d:b0:4f:c2:
48:ca:21:8c:98:08:9b:57:47:33:20:5b:55:d7:0d:dc:07:0a:
2a:50:c0:e1:24:98:d7:1c:30:02:68:ff:ed:e8:09:c9:55:b6:
79:9e:b2:6b:76:f5:f7:e5:46:0a:f6:de:3d:c4:59:c5:04:30:
fa:1c:f1:21:9e:82:78:40:f7:64:3a:66:ca:e6:14:ea:58:cf:
d6:96:17:c9:ce:19:a7:35:2f:98:89:76:6e:9a:1f:78:8d:b4:
ab:0d:2f:2d:4b:3e:a4:21:0f:2c:b2:b1:a2:d5:6a:c4:5d:1a:
1b:de:bb:31:bf:52:05:be:b4:01:e8:e8:59:bf:6a:d0:6b:3a:
05:d3:bf:3f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYkgJDRVMFZiIHV63Xiek79zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzA0MDkwMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWYwODAxOWVmNzcyMjFmNDA0MGQwYmZhNTk2ZDg4ZDgxY2Y0NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnelUAv8w4NTUFKavCOn8MkGWQ8z
rwpjl0EJFOOHhDKnilKVvmhIlMd1UFJ/CxOAGNaa9385iXpqOmEBodZz2u9PDFCL
JT4Yxhzed4OyJ2rxP4ExvwaJU2tlv4tTzrCIrGijF9gxSq/ZrJBIvoJnV96d3Oph
gIaHkFu8BwVH1uYMaOAk+LKaJdkDNvuBhNejX8berG5cRxnciQ7oepoTI1vDL2Xc
+U6Bq8XL1a9Qy0O9BH30XT5Pr5OeN9mJwPeq383FDfKr/GN2XgeTA2c46eBCv4Pd
282j9dZGuQrA/vantXhM/W5Q/8TIJavGIPlf031iIsaQtpcIT0qZtYWt8QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNnwgBnvdyIfQEDQv6WW2I2Bz0bUMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMmZDQUdlOTNJaDlBUU5DX3BaYllqWUhQUnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALY3oMAwD
BABbXCEDBAJbXCADBABbXDEDBABdmM0DBABdmM8DBABdmNsDBABdmN8DBABeGloD
BADUZmswDQYJKoZIhvcNAQELBQADggEBALUkv6ummKNdP1y8dUIib5dgCVib2zZh
HmeExzQ+WqGEk2hDoA5xHx4ZuzE9zbljk5TgE/dCDxuvmFUJU0tQZFwLz7VVABMR
pLavIxfsGmxybWF5Hs04At5S4tP0ZUo9Q/HrxwPvJxJybXxJhvdSulnWorSx3uAi
WD2KPbBPwkjKIYyYCJtXRzMgW1XXDdwHCipQwOEkmNccMAJo/+3oCclVtnmesmt2
9fflRgr23j3EWcUEMPoc8SGegnhA92Q6ZsrmFOpYz9aWF8nOGac1L5iJdm6aH3iN
tKsNLy1LPqQhDyyysaLVasRdGhveuzG/UgW+tAHo6Fm/atBrOgXTvz8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org