Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/2ywDYswGGlY1iaf1J9zviHNZJb8.roa
File: 2ywDYswGGlY1iaf1J9zviHNZJb8.roa (raw, json)
Hash identifier: upW8+DjVatTnpx6dOoidVdhmO7FBaAVEry+6euPIFkc=
Subject key identifier: DB:2C:03:62:CC:06:1A:56:35:89:A7:F5:27:DC:EF:88:73:59:25:BF
Certificate issuer: /CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Certificate serial: 0185718319020219DCD2DAF395156EF4096D
Authority key identifier: AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/2ywDYswGGlY1iaf1J9zviHNZJb8.roa
Signing time: Mon 02 Jan 2023 08:04:55 +0000
ROA not before: Mon 02 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2586
IP address blocks: 194.204.0.0/18 maxlen: 20
81.90.112.0/20 maxlen: 23
194.150.64.0/22 maxlen: 24
85.253.0.0/16 maxlen: 16
87.119.160.0/19 maxlen: 21
95.129.192.0/21 maxlen: 23
62.65.192.0/18 maxlen: 18
91.213.43.0/24 maxlen: 24
94.246.216.0/21 maxlen: 22
94.246.224.0/19 maxlen: 19
145.14.32.0/20 maxlen: 20
178.23.112.0/21 maxlen: 23
185.13.16.0/22 maxlen: 24
82.131.0.0/17 maxlen: 17
146.255.176.0/21 maxlen: 23
145.14.16.0/20 maxlen: 20
2001:1bf0::/29 maxlen: 29
2001:1530::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Apr 2023 10:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:19:02:02:19:dc:d2:da:f3:95:15:6e:f4:09:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Validity
Not Before: Jan 2 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db2c0362cc061a563589a7f527dcef88735925bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:46:66:26:a0:b8:15:f7:18:e0:ae:3c:e7:
9c:4b:96:9f:99:95:b3:81:9d:92:56:32:f8:bb:87:
9d:ac:1d:73:b4:e2:d7:69:11:36:91:e0:1c:8b:18:
07:0f:ba:72:fd:ed:f6:ae:88:7d:0d:26:02:be:26:
c8:b2:b9:f7:33:2e:83:29:e6:8e:8d:de:f4:63:0e:
39:21:e1:97:ab:73:69:a6:7b:12:8d:3f:38:01:58:
f5:be:9a:6f:a9:5b:fd:48:cc:85:62:48:46:28:c7:
c8:70:20:fb:c4:df:d6:fb:0a:03:2f:4d:49:6a:d4:
bd:51:4c:45:b6:44:5d:dc:ba:a9:47:8a:ff:ea:1d:
ab:49:7d:33:3e:b7:21:a3:64:80:2e:40:ab:b8:55:
ce:72:39:7e:fb:0f:85:ff:61:a8:08:67:b3:61:4e:
f6:20:86:e4:76:43:2d:5e:b0:fe:4f:5e:78:cb:b0:
b9:fe:26:d7:62:d7:02:7b:1e:d6:21:ce:59:35:02:
59:b6:52:26:fe:a0:f4:6f:d3:55:6f:1d:65:2b:35:
d0:24:f8:62:6a:5b:d3:31:83:00:f4:3e:6e:ed:c0:
fd:85:de:7c:99:6b:b7:79:48:5c:f4:54:24:58:c4:
8f:75:31:32:21:c2:77:e6:55:74:18:32:39:30:db:
6c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2C:03:62:CC:06:1A:56:35:89:A7:F5:27:DC:EF:88:73:59:25:BF
X509v3 Authority Key Identifier:
keyid:AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/2ywDYswGGlY1iaf1J9zviHNZJb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.192.0/18
81.90.112.0/20
82.131.0.0/17
85.253.0.0/16
87.119.160.0/19
91.213.43.0/24
94.246.216.0-94.246.255.255
95.129.192.0/21
145.14.16.0-145.14.47.255
146.255.176.0/21
178.23.112.0/21
185.13.16.0/22
194.150.64.0/22
194.204.0.0/18
IPv6:
2001:1530::/32
2001:1bf0::/29
Signature Algorithm: sha256WithRSAEncryption
23:ee:24:47:29:70:65:c4:26:c6:78:46:4e:28:4f:23:94:5b:
8c:b6:6b:fc:47:8b:61:2d:5b:1c:cd:6d:cf:2f:0b:40:ef:33:
75:8a:fe:46:32:cc:11:fb:31:56:da:65:e2:91:06:f7:32:9e:
8b:e1:27:33:1e:1e:f7:19:ef:9d:4c:46:f7:bd:1e:41:fb:a5:
36:3d:ae:81:81:41:f7:a4:ab:46:e4:81:90:e0:0a:28:14:db:
11:7c:23:31:7f:96:a1:6c:c5:57:0a:4a:12:b4:68:2e:15:df:
cc:88:f0:fb:03:26:9d:58:2f:67:7e:7e:c7:99:59:5b:e7:a1:
ff:c4:8a:a8:c3:c6:79:32:54:27:eb:62:a5:9a:b9:72:49:ce:
d0:8b:70:84:0a:a8:7d:a8:b7:68:f7:a5:ac:d8:dc:e7:cf:53:
6e:f2:e9:31:e6:29:83:50:ba:9d:df:ae:0b:86:5e:c2:0e:47:
13:ba:fc:42:ae:f5:4c:75:cf:9e:bf:fa:4f:eb:e1:42:28:b3:
be:f8:63:55:07:9c:2d:92:68:76:7c:68:07:f7:ca:fc:03:c6:
e4:f7:5d:b1:ca:90:7e:e0:65:93:c3:8a:92:e8:5a:09:33:dc:
cd:00:3b:a6:65:cf:13:dc:6d:3b:8d:39:be:6b:ae:40:8e:b7:
88:20:72:77
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVxgxkCAhnc0trzlRVu9AltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNmMDNlNDRkYTI4YjczMTllYTdiN2I1YjExMGI5Yjhj
YjdhNzAwHhcNMjMwMTAyMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJjMDM2MmNjMDYxYTU2MzU4OWE3ZjUyN2RjZWY4ODczNTkyNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmxGZiaguBX3GOCuPOecS5afmZWz
gZ2SVjL4u4edrB1ztOLXaRE2keAcixgHD7py/e32roh9DSYCvibIsrn3My6DKeaO
jd70Yw45IeGXq3NppnsSjT84AVj1vppvqVv9SMyFYkhGKMfIcCD7xN/W+woDL01J
atS9UUxFtkRd3LqpR4r/6h2rSX0zPrcho2SALkCruFXOcjl++w+F/2GoCGezYU72
IIbkdkMtXrD+T154y7C5/ibXYtcCex7WIc5ZNQJZtlIm/qD0b9NVbx1lKzXQJPhi
alvTMYMA9D5u7cD9hd58mWu3eUhc9FQkWMSPdTEyIcJ35lV0GDI5MNtsawIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFNssA2LMBhpWNYmn9Sfc74hzWSW/MB8GA1UdIwQY
MBaAFK0s8D5E2ii3MZ6nt7WxELm4y3pwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6d1BrVGFLTGN4bnFlM3RiRVF1YmpMZW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYWUzMTktNTU3MS00NmY5LWI1N2Qt
YmUwNjVlMWFjMDY3LzEvMnl3RFlzd0dHbFkxaWFmMUo5enZpSE5aSmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYWUzMTktNTU3MS00NmY5LWI1N2QtYmUwNjVlMWFjMDY3
LzEvclN6d1BrVGFLTGN4bnFlM3RiRVF1YmpMZW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQGPkHA
AwQEUVpwAwQHUoMAAwMAVf0DBAVXd6ADBABb1SswCwMEA1722AMDAF72AwQDX4HA
MAwDBASRDhADBASRDiADBAOS/7ADBAOyF3ADBAK5DRADBALClkADBAbCzAAwFAQC
AAIwDgMFACABFTADBQMgARvwMA0GCSqGSIb3DQEBCwUAA4IBAQAj7iRHKXBlxCbG
eEZOKE8jlFuMtmv8R4thLVsczW3PLwtA7zN1iv5GMswR+zFW2mXikQb3Mp6L4Scz
Hh73Ge+dTEb3vR5B+6U2Pa6BgUH3pKtG5IGQ4AooFNsRfCMxf5ahbMVXCkoStGgu
Fd/MiPD7AyadWC9nfn7HmVlb56H/xIqow8Z5MlQn62KlmrlySc7Qi3CECqh9qLdo
96Ws2Nznz1Nu8ukx5imDULqd364Lhl7CDkcTuvxCrvVMdc+ev/pP6+FCKLO++GNV
B5wtkmh2fGgH98r8A8bk912xypB+4GWTw4qS6FoJM9zNADumZc8T3G07jTm+a65A
jreIIHJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:22 2024 by rpki-client on console-fra.rpki-client.org