Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/L2gCIqPbXGKN9j2c4UgRjKaUyuw.roa
File: L2gCIqPbXGKN9j2c4UgRjKaUyuw.roa (raw, json)
Hash identifier: Q8NfkY/lzAWb5kmKZyZ7nJiRh4tcIqljhNGxyv1pGhg=
Subject key identifier: 2F:68:02:22:A3:DB:5C:62:8D:F6:3D:9C:E1:48:11:8C:A6:94:CA:EC
Certificate issuer: /CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b
Certificate serial: 01856F5483CDFE2D442EBDA99539BAAC0FA0
Authority key identifier: 61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/L2gCIqPbXGKN9j2c4UgRjKaUyuw.roa
Signing time: Sun 01 Jan 2023 21:54:47 +0000
ROA not before: Sun 01 Jan 2023 21:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57280
IP address blocks: 109.163.200.0/21 maxlen: 21
185.60.172.0/22 maxlen: 22
185.60.174.0/24 maxlen: 24
185.60.175.0/24 maxlen: 24
2a03:5584::/30 maxlen: 30
2a03:5580::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:83:cd:fe:2d:44:2e:bd:a9:95:39:ba:ac:0f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b
Validity
Not Before: Jan 1 21:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f680222a3db5c628df63d9ce148118ca694caec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fc:20:9b:89:4b:45:70:7b:f6:d0:92:8d:b3:
58:fd:2e:49:5e:2f:77:0d:02:14:a4:de:52:d5:62:
30:b8:c3:95:d6:12:d5:ed:62:05:53:f0:e3:c2:dc:
96:ec:16:8c:63:17:5b:f4:fc:0a:f1:7b:a4:77:8b:
80:e7:7d:00:a8:6d:c9:b7:52:c4:6e:ed:b0:48:6c:
8e:e2:6f:5b:c4:cf:4a:5d:1c:ed:10:bd:b0:26:49:
22:a1:c1:f2:7b:02:09:ef:af:6d:20:96:ec:07:de:
04:77:3e:ad:21:62:b1:79:85:2f:89:4b:4f:c7:5f:
4e:1c:3f:c5:df:ae:4f:23:8f:dc:96:79:f2:d8:a6:
f6:66:e5:9b:2e:61:71:ed:e7:5c:73:53:6b:d6:e7:
35:cf:fb:43:88:34:c9:9a:e5:e3:62:4f:26:80:17:
ef:19:20:a5:fb:7f:52:0f:f8:6b:56:6b:e2:7c:d8:
f4:be:ab:56:f8:ff:f6:da:7e:d6:53:b7:2f:21:2d:
8a:5c:ca:12:09:c7:a8:5f:5e:f9:26:2e:f6:d9:7d:
e7:d7:bf:ee:62:2f:c4:f5:37:67:7b:8c:a7:c6:f5:
9c:6b:18:7b:36:a3:af:9b:0b:38:74:e8:a2:c7:0d:
fa:de:6e:6c:5e:79:dc:d1:35:de:f3:16:e9:af:72:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:68:02:22:A3:DB:5C:62:8D:F6:3D:9C:E1:48:11:8C:A6:94:CA:EC
X509v3 Authority Key Identifier:
keyid:61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/L2gCIqPbXGKN9j2c4UgRjKaUyuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.163.200.0/21
185.60.172.0/22
IPv6:
2a03:5580::/29
Signature Algorithm: sha256WithRSAEncryption
12:93:0f:e5:f6:c7:c3:4c:fd:fc:27:2d:d9:98:d5:ea:f5:32:
13:df:87:60:c4:48:cf:cd:30:43:55:30:8a:f4:12:9a:82:ad:
86:1d:2b:0e:dd:48:f0:df:11:cd:e6:93:c8:1d:d8:5c:d6:f8:
cf:50:df:ca:f5:9b:47:d9:cd:dc:d3:73:74:84:20:0b:2e:59:
93:85:61:86:38:05:26:e2:2b:aa:4e:7d:d9:ed:e0:44:39:69:
c7:e3:3a:79:a2:5d:be:06:7b:84:22:85:96:84:14:46:26:6d:
1b:79:e1:ed:64:fc:47:af:e1:66:13:f3:75:dc:dc:41:4b:2b:
3c:07:0a:19:3c:b9:dd:b0:40:a4:84:f2:e2:a4:a5:ac:24:ea:
d2:c2:2f:4d:f5:9f:d1:91:a7:ea:19:40:56:1f:1a:19:c0:93:
84:bd:85:3f:40:86:6a:8a:c4:57:31:37:af:6a:d7:48:7f:13:
a1:7a:db:15:32:f5:22:35:97:c6:a0:b8:c6:8b:c9:80:c1:b6:
f6:4b:85:1f:41:7c:77:8b:69:8b:b4:18:c5:3c:9f:7e:a1:e3:
ff:2e:b3:4a:68:9a:89:36:59:68:00:36:d0:d7:12:4d:6b:af:
e7:0f:d0:49:59:11:0e:06:58:8a:82:d2:b9:05:55:e7:bd:a3:
1e:f5:c5:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvVIPN/i1ELr2plTm6rA+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGI3MGZmOWMyMmZmZTBiNzdmNDNmNDFjMDgwNzRkZTZm
MzZlMWIwHhcNMjMwMTAxMjE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY4MDIyMmEzZGI1YzYyOGRmNjNkOWNlMTQ4MTE4Y2E2OTRjYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovwgm4lLRXB79tCSjbNY/S5JXi93
DQIUpN5S1WIwuMOV1hLV7WIFU/DjwtyW7BaMYxdb9PwK8Xukd4uA530AqG3Jt1LE
bu2wSGyO4m9bxM9KXRztEL2wJkkiocHyewIJ769tIJbsB94Edz6tIWKxeYUviUtP
x19OHD/F365PI4/clnny2Kb2ZuWbLmFx7edcc1Nr1uc1z/tDiDTJmuXjYk8mgBfv
GSCl+39SD/hrVmvifNj0vqtW+P/22n7WU7cvIS2KXMoSCceoX175Ji722X3n17/u
Yi/E9Tdne4ynxvWcaxh7NqOvmws4dOiixw363m5sXnnc0TXe8xbpr3IxwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC9oAiKj21xijfY9nOFIEYymlMrsMB8GA1UdIwQY
MBaAFGFLcP+cIv/gt39D9BwIB03m824bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3Njgt
NTVmZWMxMjUyYWIwLzEvTDJnQ0lxUGJYR0tOOWoyYzRVZ1JqS2FVeXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3NjgtNTVmZWMxMjUyYWIw
LzEvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbaPIAwQC
uTysMA0EAgACMAcDBQMqA1WAMA0GCSqGSIb3DQEBCwUAA4IBAQASkw/l9sfDTP38
Jy3ZmNXq9TIT34dgxEjPzTBDVTCK9BKagq2GHSsO3Ujw3xHN5pPIHdhc1vjPUN/K
9ZtH2c3c03N0hCALLlmThWGGOAUm4iuqTn3Z7eBEOWnH4zp5ol2+BnuEIoWWhBRG
Jm0beeHtZPxHr+FmE/N13NxBSys8BwoZPLndsECkhPLipKWsJOrSwi9N9Z/Rkafq
GUBWHxoZwJOEvYU/QIZqisRXMTevatdIfxOhetsVMvUiNZfGoLjGi8mAwbb2S4Uf
QXx3i2mLtBjFPJ9+oeP/LrNKaJqJNlloADbQ1xJNa6/nD9BJWREOBliKgtK5BVXn
vaMe9cVH
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:01 2024 by rpki-client on console-fra.rpki-client.org