Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/b72999-0952-4576-b118-21e739563683/1/2s2CWTYRqri2sBTw3y4KuCV6nmE.roa
File: 2s2CWTYRqri2sBTw3y4KuCV6nmE.roa (raw, json)
Hash identifier: Dahg4R4Qc22uR3R48KWTMGfed8LvnDJDHe2995KrVFI=
Subject key identifier: DA:CD:82:59:36:11:AA:B8:B6:B0:14:F0:DF:2E:0A:B8:25:7A:9E:61
Certificate issuer: /CN=7701ee4c1a226f9f62429f35756a78980a5b457a
Certificate serial: 0185BF2FCF079D666983E12E6322A383DEED
Authority key identifier: 77:01:EE:4C:1A:22:6F:9F:62:42:9F:35:75:6A:78:98:0A:5B:45:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dwHuTBoib59iQp81dWp4mApbRXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/b72999-0952-4576-b118-21e739563683/1/2s2CWTYRqri2sBTw3y4KuCV6nmE.roa
Signing time: Tue 17 Jan 2023 10:04:19 +0000
ROA not before: Tue 17 Jan 2023 10:04:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204635
IP address blocks: 91.213.37.0/24 maxlen: 24
185.244.196.0/22 maxlen: 24
2a0d:3d80:245::/48 maxlen: 48
2a0d:3d80:248::/48 maxlen: 48
2a0d:3d80:150::/48 maxlen: 48
2001:67c:26ac::/48 maxlen: 48
2a0d:3d80:246::/48 maxlen: 48
2a0d:3d80:ffff::/48 maxlen: 48
2a0d:3d80::/29 maxlen: 48
2a0d:3d80:232::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:2f:cf:07:9d:66:69:83:e1:2e:63:22:a3:83:de:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7701ee4c1a226f9f62429f35756a78980a5b457a
Validity
Not Before: Jan 17 10:04:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dacd82593611aab8b6b014f0df2e0ab8257a9e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:aa:27:fd:8c:f9:cc:a9:33:26:8c:b8:8c:e7:
dd:e5:96:3c:ee:ac:f8:df:c0:42:7a:0f:c2:c6:6c:
51:f4:e3:31:c1:32:0a:82:5b:8a:e2:05:1c:ff:54:
4b:0c:ca:80:ab:02:33:05:d7:e9:1a:27:5d:0c:e6:
00:16:92:9a:f2:60:1b:dc:e1:2c:25:89:bd:f7:d4:
0e:c5:7d:e4:59:a8:43:57:b7:31:6c:3d:dc:48:aa:
1c:81:79:54:a5:d7:e3:9b:ce:66:84:9a:fb:dc:b6:
8c:58:f9:36:aa:06:e9:45:08:f2:25:b1:b3:67:b7:
12:71:51:a6:0e:16:b0:62:84:75:dd:db:e3:52:f3:
84:12:c2:35:c0:6f:3d:b6:68:43:23:9d:da:37:a9:
04:8f:65:6d:9c:75:33:67:b2:c0:28:95:7a:29:a2:
59:8b:23:7b:a5:22:57:d0:48:49:4b:88:33:b5:b1:
11:f0:98:38:e5:e6:cd:ba:08:9a:ed:25:29:01:32:
8a:0d:31:eb:f2:1a:bf:d9:90:b5:33:0f:a5:71:ab:
75:6d:95:ad:b2:84:98:16:3a:38:fe:66:a0:68:3d:
8a:29:a0:56:81:3b:67:16:58:33:8b:2c:3d:52:67:
da:a2:89:65:c1:14:e5:f6:08:f7:1c:64:6b:b1:af:
4d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CD:82:59:36:11:AA:B8:B6:B0:14:F0:DF:2E:0A:B8:25:7A:9E:61
X509v3 Authority Key Identifier:
keyid:77:01:EE:4C:1A:22:6F:9F:62:42:9F:35:75:6A:78:98:0A:5B:45:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwHuTBoib59iQp81dWp4mApbRXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b72999-0952-4576-b118-21e739563683/1/2s2CWTYRqri2sBTw3y4KuCV6nmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b72999-0952-4576-b118-21e739563683/1/dwHuTBoib59iQp81dWp4mApbRXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.37.0/24
185.244.196.0/22
IPv6:
2001:67c:26ac::/48
2a0d:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c2:02:81:b1:bf:9b:b8:bd:81:fe:ec:af:b4:b5:ee:46:eb:
e5:8f:f1:ae:9b:41:1c:65:9b:e2:71:b9:f3:32:c5:24:21:c1:
f1:9e:fb:8f:64:62:a2:7d:10:60:1b:28:cf:d4:53:85:05:24:
70:85:20:e2:c8:a7:1d:4b:aa:f9:51:90:4b:68:ed:45:e6:21:
68:22:f1:63:2c:20:b4:fe:e1:34:29:7d:e5:eb:c2:f2:a9:7f:
64:3a:eb:70:6d:a8:09:91:27:e1:30:ce:4c:ef:6e:fa:f7:0a:
c4:df:53:ca:af:d6:11:5d:19:39:03:26:79:9e:09:ae:23:83:
3c:79:c5:14:ba:ee:fc:d3:48:dc:b8:27:e3:26:d9:48:ec:7a:
c2:e1:92:33:b1:89:b8:56:97:13:84:66:cf:38:9f:76:a0:44:
81:ce:a1:ec:da:b3:24:b9:fc:a1:fd:3f:1c:ba:e9:a0:e8:47:
60:dc:a9:69:86:cb:04:23:8a:d1:5c:b7:a1:24:28:7e:9d:94:
dd:b4:b0:1b:c8:15:dc:e6:61:df:6e:ef:72:9c:1d:b5:5d:a8:
0d:5a:2c:50:4c:f6:4b:f9:66:df:d7:45:f2:9d:5e:8f:54:01:
90:86:be:27:d5:44:21:f2:a8:0d:b8:03:75:f0:88:f5:0f:cf:
35:ba:e0:b1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYW/L88HnWZpg+EuYyKjg97tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MDFlZTRjMWEyMjZmOWY2MjQyOWYzNTc1NmE3ODk4MGE1
YjQ1N2EwHhcNMjMwMTE3MTAwNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNkODI1OTM2MTFhYWI4YjZiMDE0ZjBkZjJlMGFiODI1N2E5ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6on/Yz5zKkzJoy4jOfd5ZY87qz4
38BCeg/CxmxR9OMxwTIKgluK4gUc/1RLDMqAqwIzBdfpGiddDOYAFpKa8mAb3OEs
JYm999QOxX3kWahDV7cxbD3cSKocgXlUpdfjm85mhJr73LaMWPk2qgbpRQjyJbGz
Z7cScVGmDhawYoR13dvjUvOEEsI1wG89tmhDI53aN6kEj2VtnHUzZ7LAKJV6KaJZ
iyN7pSJX0EhJS4gztbER8Jg45ebNugia7SUpATKKDTHr8hq/2ZC1Mw+lcat1bZWt
soSYFjo4/magaD2KKaBWgTtnFlgziyw9UmfaoollwRTl9gj3HGRrsa9NcQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNrNglk2Eaq4trAU8N8uCrglep5hMB8GA1UdIwQY
MBaAFHcB7kwaIm+fYkKfNXVqeJgKW0V6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdIdVRCb2liNTlpUXA4MWRXcDRtQXBiUlhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iNzI5OTktMDk1Mi00NTc2LWIxMTgt
MjFlNzM5NTYzNjgzLzEvMnMyQ1dUWVJxcmkyc0JUdzN5NEt1Q1Y2bm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iNzI5OTktMDk1Mi00NTc2LWIxMTgtMjFlNzM5NTYzNjgz
LzEvZHdIdVRCb2liNTlpUXA4MWRXcDRtQXBiUlhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9UlAwQC
ufTEMBYEAgACMBADBwAgAQZ8JqwDBQMqDT2AMA0GCSqGSIb3DQEBCwUAA4IBAQA6
wgKBsb+buL2B/uyvtLXuRuvlj/Gum0EcZZvicbnzMsUkIcHxnvuPZGKifRBgGyjP
1FOFBSRwhSDiyKcdS6r5UZBLaO1F5iFoIvFjLCC0/uE0KX3l68LyqX9kOutwbagJ
kSfhMM5M72769wrE31PKr9YRXRk5AyZ5ngmuI4M8ecUUuu7800jcuCfjJtlI7HrC
4ZIzsYm4VpcThGbPOJ92oESBzqHs2rMkufyh/T8cuumg6Edg3KlphssEI4rRXLeh
JCh+nZTdtLAbyBXc5mHfbu9ynB21XagNWixQTPZL+Wbf10XynV6PVAGQhr4n1UQh
8qgNuAN18Ij1D881uuCx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:17 2024 by rpki-client on console-ams.rpki-client.org