Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/2rt1AWDC90AD8HDVdwuCUT-pYf0.roa
File: 2rt1AWDC90AD8HDVdwuCUT-pYf0.roa (raw, json)
Hash identifier: P0bGA7IpPnHP1/ntupSV0M5FCDucUzCh2uw4HZDELnE=
Subject key identifier: DA:BB:75:01:60:C2:F7:40:03:F0:70:D5:77:0B:82:51:3F:A9:61:FD
Certificate issuer: /CN=7e1167886da81524431bbf2efb0572914b686ebc
Certificate serial: 0190311B596E64D0CEB240D09F04B18E5CA5
Authority key identifier: 7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/2rt1AWDC90AD8HDVdwuCUT-pYf0.roa
Signing time: Wed 19 Jun 2024 15:26:34 +0000
ROA not before: Wed 19 Jun 2024 15:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 195.160.0.0/18 maxlen: 18
195.160.96.0/19 maxlen: 19
195.160.148.0/24 maxlen: 24
195.160.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 13:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:31:1b:59:6e:64:d0:ce:b2:40:d0:9f:04:b1:8e:5c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1167886da81524431bbf2efb0572914b686ebc
Validity
Not Before: Jun 19 15:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dabb750160c2f74003f070d5770b82513fa961fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:17:0d:c7:18:c6:20:59:e2:0c:9d:d0:a0:
ca:03:95:5e:4c:9a:a4:1e:a3:b7:a9:4c:42:ce:5c:
b9:42:39:12:02:d8:af:1e:1a:d1:80:2b:44:c8:07:
59:8a:66:29:b0:01:77:b6:5c:17:69:18:5a:6d:30:
c3:9f:75:77:1f:ac:2f:31:af:31:ad:d9:f9:26:9e:
f8:8c:fd:32:12:c5:c1:85:1d:c8:8e:af:18:2d:a6:
e0:dd:0b:db:da:68:98:08:ca:71:d9:bb:49:c8:f0:
5e:e4:96:40:ae:5a:37:36:19:d3:65:66:f7:9a:2e:
ed:9a:16:57:be:e9:63:a8:5d:21:78:2f:ba:4b:23:
54:a9:4a:56:5a:b4:69:66:0b:27:bc:a6:ef:e3:04:
03:81:55:eb:8e:1f:69:90:07:fc:e5:d4:39:a7:b7:
be:77:dc:21:c7:83:e9:74:34:9b:f5:a9:e1:1c:98:
cd:0a:2a:5d:a4:90:d0:a4:a9:13:e2:3e:20:8b:7c:
aa:08:fb:df:96:bb:f9:2e:2d:9b:7e:d4:00:87:ef:
c3:6b:1b:33:fc:cb:6e:15:52:ed:f3:fd:ed:02:27:
90:87:3c:3c:3d:41:52:d0:de:d0:fd:03:07:b6:84:
5e:d3:cf:83:26:1b:a0:8c:07:48:35:ed:94:9b:50:
4f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BB:75:01:60:C2:F7:40:03:F0:70:D5:77:0B:82:51:3F:A9:61:FD
X509v3 Authority Key Identifier:
keyid:7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/2rt1AWDC90AD8HDVdwuCUT-pYf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.0.0/18
195.160.96.0/19
195.160.148.0/23
Signature Algorithm: sha256WithRSAEncryption
04:22:4e:2c:e4:1f:31:b9:bf:4e:c3:7c:28:79:e7:4a:5d:51:
41:8c:49:13:3d:5d:b0:b9:bc:72:71:bc:41:0a:69:77:16:24:
9f:0c:4c:f0:98:67:da:4a:77:96:35:aa:c0:ab:00:e6:f4:0e:
d3:54:c4:4e:3a:4e:57:38:da:63:6c:78:0e:bd:9d:33:ae:3c:
46:5d:35:a7:12:16:69:88:f4:72:35:a6:e9:96:a8:65:20:38:
e9:be:16:e9:e6:3c:59:39:7d:9b:3c:4a:d5:f3:86:58:da:1d:
60:f3:a6:b1:5e:8c:c0:d5:b9:0d:e2:be:2d:f9:05:84:49:e7:
68:db:a6:09:ca:91:9e:58:d2:72:1e:ec:da:42:30:96:47:1a:
f2:5e:bd:46:c0:e9:26:7d:08:2c:65:69:1c:6e:99:26:a2:80:
11:65:62:a6:d3:a4:b7:49:3c:b4:d7:62:33:36:55:0e:9d:10:
33:4c:90:d9:0b:78:b1:4d:7f:78:1a:9c:a0:a3:58:f9:00:ad:
a5:84:e4:b9:6d:ce:70:13:ef:b7:1f:59:b2:9f:ba:25:db:b5:
61:d9:4d:c6:77:e1:60:db:12:20:f3:12:59:6f:3b:67:77:ab:
0a:24:99:6f:ec:bc:99:27:6d:87:76:47:58:b2:39:ea:60:5f:
19:e8:2e:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAxG1luZNDOskDQnwSxjlylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTE2Nzg4NmRhODE1MjQ0MzFiYmYyZWZiMDU3MjkxNGI2
ODZlYmMwHhcNMjQwNjE5MTUyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJiNzUwMTYwYzJmNzQwMDNmMDcwZDU3NzBiODI1MTNmYTk2MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDoXDccYxiBZ4gyd0KDKA5VeTJqk
HqO3qUxCzly5QjkSAtivHhrRgCtEyAdZimYpsAF3tlwXaRhabTDDn3V3H6wvMa8x
rdn5Jp74jP0yEsXBhR3Ijq8YLabg3Qvb2miYCMpx2btJyPBe5JZArlo3NhnTZWb3
mi7tmhZXvuljqF0heC+6SyNUqUpWWrRpZgsnvKbv4wQDgVXrjh9pkAf85dQ5p7e+
d9whx4PpdDSb9anhHJjNCipdpJDQpKkT4j4gi3yqCPvflrv5Li2bftQAh+/Daxsz
/MtuFVLt8/3tAieQhzw8PUFS0N7Q/QMHtoRe08+DJhugjAdINe2Um1BPWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNq7dQFgwvdAA/Bw1XcLglE/qWH9MB8GA1UdIwQY
MBaAFH4RZ4htqBUkQxu/LvsFcpFLaG68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYt
OWIyODJjNjQzMjU2LzEvMnJ0MUFXREM5MEFEOEhEVmR3dUNVVC1wWWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYtOWIyODJjNjQzMjU2
LzEvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGw6AAAwQF
w6BgAwQBw6CUMA0GCSqGSIb3DQEBCwUAA4IBAQAEIk4s5B8xub9Ow3woeedKXVFB
jEkTPV2wubxycbxBCml3FiSfDEzwmGfaSneWNarAqwDm9A7TVMROOk5XONpjbHgO
vZ0zrjxGXTWnEhZpiPRyNabplqhlIDjpvhbp5jxZOX2bPErV84ZY2h1g86axXozA
1bkN4r4t+QWESedo26YJypGeWNJyHuzaQjCWRxryXr1GwOkmfQgsZWkcbpkmooAR
ZWKm06S3STy012IzNlUOnRAzTJDZC3ixTX94Gpygo1j5AK2lhOS5bc5wE++3H1my
n7ol27Vh2U3Gd+Fg2xIg8xJZbztnd6sKJJlv7LyZJ22HdkdYsjnqYF8Z6C4s
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:37 2025 by rpki-client