Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/M2jfD-GusxsD887nTw3kKi0tp4A.roa
File: M2jfD-GusxsD887nTw3kKi0tp4A.roa (raw, json)
Hash identifier: lbWvyrY649WOf2xTabk0BmXSNAwgEhOz+sHx4XF+Svc=
Subject key identifier: 33:68:DF:0F:E1:AE:B3:1B:03:F3:CE:E7:4F:0D:E4:2A:2D:2D:A7:80
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 01856F1D9D6F268B72BA6A471E56C56C67D0
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/M2jfD-GusxsD887nTw3kKi0tp4A.roa
Signing time: Sun 01 Jan 2023 20:54:49 +0000
ROA not before: Sun 01 Jan 2023 20:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35394
IP address blocks: 185.220.44.0/22 maxlen: 22
185.196.56.0/22 maxlen: 22
185.186.28.0/22 maxlen: 22
185.236.168.0/22 maxlen: 22
185.172.168.0/22 maxlen: 22
185.93.152.0/22 maxlen: 22
193.27.246.0/23 maxlen: 23
193.27.248.0/23 maxlen: 23
185.245.176.0/24 maxlen: 24
80.67.44.0/22 maxlen: 22
185.245.177.0/24 maxlen: 24
185.245.178.0/24 maxlen: 24
185.245.179.0/24 maxlen: 24
213.217.24.0/22 maxlen: 22
185.79.36.0/22 maxlen: 22
45.85.136.0/22 maxlen: 22
185.72.44.0/22 maxlen: 22
185.143.96.0/22 maxlen: 22
185.240.232.0/22 maxlen: 22
130.185.88.0/21 maxlen: 21
193.161.220.0/22 maxlen: 22
194.61.16.0/22 maxlen: 22
185.93.44.0/22 maxlen: 22
185.217.204.0/22 maxlen: 22
2a03:3d60::/29 maxlen: 29
2a0c:8f80::/29 maxlen: 29
2a09:5000::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9d:6f:26:8b:72:ba:6a:47:1e:56:c5:6c:67:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Jan 1 20:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3368df0fe1aeb31b03f3cee74f0de42a2d2da780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:69:ea:aa:8e:3a:ce:5b:a3:38:ff:80:de:6a:
43:33:cc:7e:4c:67:49:67:0f:d6:18:a3:35:30:a5:
96:bc:dc:78:5d:10:24:4c:a4:5b:37:ea:e4:31:8e:
f4:27:cc:8d:80:e6:6d:ff:e9:46:2e:27:a7:69:ca:
e9:6e:af:b1:67:5f:47:73:2b:cd:b0:f8:13:03:04:
9a:26:a8:c2:23:04:b9:74:68:02:d5:5d:3d:d4:35:
fe:4b:3e:10:85:0e:9f:4d:d7:a9:a6:a3:b1:90:b4:
d2:62:b5:76:69:89:21:16:46:22:f2:37:97:1f:48:
d1:ac:a4:12:59:a4:d6:90:d9:e7:05:da:e3:6a:de:
bc:eb:18:18:3b:ce:00:17:19:ec:23:a9:11:98:96:
c0:14:50:08:0a:00:bc:3f:ad:e1:f3:c0:8b:52:3c:
93:79:09:7a:58:42:c2:9c:e4:10:4a:33:8d:e6:3e:
9a:bd:4a:52:ea:68:36:37:4a:b1:d5:d9:5b:52:15:
49:f9:42:31:0b:dc:b9:98:18:ac:9a:53:3d:ee:71:
ea:6c:ff:0a:df:86:7b:30:6d:76:0a:22:04:2d:91:
89:d4:fc:d6:05:f7:16:a0:65:8c:48:c1:9a:69:2d:
0e:48:14:ea:ba:57:61:3a:f0:70:dc:e0:a1:78:11:
ed:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:68:DF:0F:E1:AE:B3:1B:03:F3:CE:E7:4F:0D:E4:2A:2D:2D:A7:80
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/M2jfD-GusxsD887nTw3kKi0tp4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.136.0/22
80.67.44.0/22
130.185.88.0/21
185.72.44.0/22
185.79.36.0/22
185.93.44.0/22
185.93.152.0/22
185.143.96.0/22
185.172.168.0/22
185.186.28.0/22
185.196.56.0/22
185.217.204.0/22
185.220.44.0/22
185.236.168.0/22
185.240.232.0/22
185.245.176.0/22
193.27.246.0-193.27.249.255
193.161.220.0/22
194.61.16.0/22
213.217.24.0/22
IPv6:
2a03:3d60::/29
2a09:5000::/29
2a0c:8f80::/29
Signature Algorithm: sha256WithRSAEncryption
34:6f:57:ef:fd:02:e8:59:11:4c:19:5b:10:c2:89:d9:18:fc:
ee:05:fc:9f:8a:ec:dd:b7:81:15:8f:ae:ad:cf:01:ea:d5:7d:
88:d9:56:41:17:dc:2a:51:9b:d6:d0:b4:a4:8c:4d:aa:67:15:
85:4e:bd:de:9d:95:0f:38:dc:d5:8d:a9:fc:a2:ba:a7:40:da:
73:04:46:9f:90:75:44:f4:ed:66:a8:74:43:d9:94:00:6a:6a:
c0:9d:b2:08:eb:e2:ca:23:f1:a3:f5:69:5f:7b:fb:ad:c7:60:
7b:81:a6:55:68:b9:f2:29:01:82:e3:45:15:d2:3e:49:6d:25:
29:a2:a9:fd:50:d5:db:99:a5:e1:1f:22:10:04:fc:84:23:22:
f1:7a:4d:fd:94:cb:b9:c2:0c:48:a4:89:50:3e:5e:a8:29:09:
36:0a:4a:81:79:32:60:d4:8c:28:40:8d:75:56:81:5e:da:4b:
00:b4:a5:8f:f2:1c:87:ca:d4:d7:77:6b:c3:2f:bd:b5:be:cc:
34:d6:80:14:8a:b9:e4:4c:bd:c7:10:96:b2:bd:bc:54:15:ef:
e8:70:58:45:40:59:3e:f0:19:de:9a:61:67:7b:3d:c3:49:af:
19:0f:68:0a:b9:06:8f:66:0a:ad:7b:c6:b1:59:71:39:84:73:
ad:1a:a4:c9
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYVvHZ1vJotyumpHHlbFbGfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZDZmZjEzNGJkNjU2ZjBjZTE0ZDQxMGIwMmJlYzU1MWVi
NjlhMmMwHhcNMjMwMTAxMjA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzY4ZGYwZmUxYWViMzFiMDNmM2NlZTc0ZjBkZTQyYTJkMmRhNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumnqqo46zlujOP+A3mpDM8x+TGdJ
Zw/WGKM1MKWWvNx4XRAkTKRbN+rkMY70J8yNgOZt/+lGLienacrpbq+xZ19HcyvN
sPgTAwSaJqjCIwS5dGgC1V091DX+Sz4QhQ6fTdeppqOxkLTSYrV2aYkhFkYi8jeX
H0jRrKQSWaTWkNnnBdrjat686xgYO84AFxnsI6kRmJbAFFAICgC8P63h88CLUjyT
eQl6WELCnOQQSjON5j6avUpS6mg2N0qx1dlbUhVJ+UIxC9y5mBismlM97nHqbP8K
34Z7MG12CiIELZGJ1PzWBfcWoGWMSMGaaS0OSBTquldhOvBw3OCheBHt8QIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFDNo3w/hrrMbA/PO508N5CotLaeAMB8GA1UdIwQY
MBaAFFTW/xNL1lbwzhTUELAr7FUetposMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDIt
NjQyNzhjMGQ4ZWJmLzEvTTJqZkQtR3VzeHNEODg3blR3M2tLaTB0cDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDItNjQyNzhjMGQ4ZWJm
LzEvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBhwQCAAEwgYADBAIt
VYgDBAJQQywDBAOCuVgDBAK5SCwDBAK5TyQDBAK5XSwDBAK5XZgDBAK5j2ADBAK5
rKgDBAK5uhwDBAK5xDgDBAK52cwDBAK53CwDBAK57KgDBAK58OgDBAK59bAwDAME
AcEb9gMEAcEb+AMEAsGh3AMEAsI9EAMEAtXZGDAbBAIAAjAVAwUDKgM9YAMFAyoJ
UAADBQMqDI+AMA0GCSqGSIb3DQEBCwUAA4IBAQA0b1fv/QLoWRFMGVsQwonZGPzu
Bfyfiuzdt4EVj66tzwHq1X2I2VZBF9wqUZvW0LSkjE2qZxWFTr3enZUPONzVjan8
orqnQNpzBEafkHVE9O1mqHRD2ZQAamrAnbII6+LKI/Gj9Wlfe/utx2B7gaZVaLny
KQGC40UV0j5JbSUpoqn9UNXbmaXhHyIQBPyEIyLxek39lMu5wgxIpIlQPl6oKQk2
CkqBeTJg1IwoQI11VoFe2ksAtKWP8hyHytTXd2vDL721vsw01oAUirnkTL3HEJay
vbxUFe/ocFhFQFk+8BnemmFnez3DSa8ZD2gKuQaPZgqte8axWXE5hHOtGqTJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org