Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Xa_H9YYba7lNLs2QVHS-ypJrFk.roa
File: 2Xa_H9YYba7lNLs2QVHS-ypJrFk.roa (raw, json)
Hash identifier: NQJEjDrzv4Mg6Zg65azWFkqMvrHaQadaaPKKaKDRRIc=
Subject key identifier: D9:76:BF:1F:D6:18:6D:AE:E5:34:BB:36:41:51:D2:FB:2A:49:AC:59
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018BCB0D70CBE8C86A469F8D6FBA792B04DA
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Xa_H9YYba7lNLs2QVHS-ypJrFk.roa
Signing time: Mon 13 Nov 2023 23:38:57 +0000
ROA not before: Mon 13 Nov 2023 23:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 94.190.248.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
185.64.100.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
188.240.40.0/23 maxlen: 24
188.211.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:0d:70:cb:e8:c8:6a:46:9f:8d:6f:ba:79:2b:04:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 13 23:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d976bf1fd6186daee534bb364151d2fb2a49ac59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:40:93:98:48:d4:d4:aa:e8:a4:9b:a8:9e:
19:a3:45:be:92:6f:f4:7e:03:75:53:a3:fe:4c:95:
8e:f0:d8:2b:23:73:9a:48:84:6f:47:29:31:f5:0f:
3f:9b:c3:dc:8f:a7:cd:34:42:b8:cd:0a:46:80:be:
75:85:a2:e1:5e:1a:e8:99:62:95:37:18:15:85:f6:
37:d0:df:c6:40:a4:25:b5:a9:63:3b:14:1d:50:92:
e6:04:65:53:98:4c:db:a4:74:0b:6d:90:f7:42:10:
d2:e3:41:14:45:30:57:a3:df:b0:b4:cd:c6:5a:4a:
ac:d7:85:07:0e:f8:2c:61:4e:ef:9b:ce:54:72:ac:
84:63:98:b0:ce:45:5f:a5:db:e3:f8:10:e4:20:af:
26:0c:f7:0f:1b:3a:6a:52:b1:b9:77:42:e7:ac:87:
3c:c8:6c:8b:35:cd:ef:57:68:1e:bc:d9:7f:66:80:
73:15:9c:49:b6:a4:d7:7a:fe:01:ac:4c:dd:97:9d:
95:28:fa:ca:1f:70:9c:f1:c5:93:b4:2f:f4:9d:1e:
56:d8:e5:cf:e6:41:58:df:90:3e:5f:8b:03:12:73:
c5:1e:3a:65:d0:47:a3:54:06:dd:dd:a4:ec:a9:91:
d2:45:ea:f2:ed:e8:cd:8b:a6:dd:18:54:4f:15:26:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:76:BF:1F:D6:18:6D:AE:E5:34:BB:36:41:51:D2:FB:2A:49:AC:59
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Xa_H9YYba7lNLs2QVHS-ypJrFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.248.0/22
185.64.100.0/22
185.77.250.0/23
185.172.20.0/22
188.211.252.0/24
188.240.40.0/23
Signature Algorithm: sha256WithRSAEncryption
89:39:fc:0f:60:5b:61:2b:8f:74:6c:68:b1:5c:66:54:44:8e:
f1:18:08:a4:b5:01:91:d4:fd:cc:c8:86:13:1f:4d:94:28:f8:
27:e1:96:56:f8:83:f9:be:5b:7d:65:8a:f4:df:2c:49:6c:ca:
d6:d7:03:53:a5:21:aa:b7:7f:f9:14:53:e8:d3:fc:a7:f6:6f:
db:8d:c4:5c:6b:14:7f:92:22:87:a5:b0:71:d4:d1:e1:fe:8e:
32:ed:5a:e8:15:e1:9f:cf:30:b8:a7:9e:3b:ad:fc:5b:49:1c:
ce:89:77:e5:cd:5a:ca:80:a5:c7:28:1d:6e:ec:a7:7f:22:6a:
ea:8a:c6:8d:e0:c6:23:3d:b7:7e:0d:91:ac:a7:49:4d:ff:96:
0a:99:e3:86:36:b6:e9:23:4f:6e:27:9e:69:d5:1c:57:06:50:
2f:74:0e:84:c6:63:32:c5:c4:d9:24:d6:6c:ed:d9:4a:99:71:
fc:91:e6:37:81:9e:c8:f0:48:fb:7e:2c:ce:91:0a:7f:50:23:
e2:b7:19:9c:51:cc:aa:b4:9f:67:45:24:ac:2f:5d:bb:41:93:
2b:56:1e:39:fd:21:cc:f7:b8:45:e9:c3:2e:9e:2c:e7:68:a3:
9f:3d:00:21:90:19:18:bf:ff:ca:52:1e:ae:22:7f:43:19:d6:
e7:50:5a:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvLDXDL6MhqRp+Nb7p5KwTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTEzMjMzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc2YmYxZmQ2MTg2ZGFlZTUzNGJiMzY0MTUxZDJmYjJhNDlhYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh5Ak5hI1NSq6KSbqJ4Zo0W+km/0
fgN1U6P+TJWO8NgrI3OaSIRvRykx9Q8/m8Pcj6fNNEK4zQpGgL51haLhXhromWKV
NxgVhfY30N/GQKQltaljOxQdUJLmBGVTmEzbpHQLbZD3QhDS40EURTBXo9+wtM3G
Wkqs14UHDvgsYU7vm85UcqyEY5iwzkVfpdvj+BDkIK8mDPcPGzpqUrG5d0LnrIc8
yGyLNc3vV2gevNl/ZoBzFZxJtqTXev4BrEzdl52VKPrKH3Cc8cWTtC/0nR5W2OXP
5kFY35A+X4sDEnPFHjpl0EejVAbd3aTsqZHSRery7ejNi6bdGFRPFSbkmQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNl2vx/WGG2u5TS7NkFR0vsqSaxZMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMlhhX0g5WVliYTdsTkxzMlFWSFMteXBKckZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCXr74AwQC
uUBkAwQBuU36AwQCuawUAwQAvNP8AwQBvPAoMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
OfwPYFthK490bGixXGZURI7xGAiktQGR1P3MyIYTH02UKPgn4ZZW+IP5vlt9ZYr0
3yxJbMrW1wNTpSGqt3/5FFPo0/yn9m/bjcRcaxR/kiKHpbBx1NHh/o4y7VroFeGf
zzC4p547rfxbSRzOiXflzVrKgKXHKB1u7Kd/ImrqisaN4MYjPbd+DZGsp0lN/5YK
meOGNrbpI09uJ55p1RxXBlAvdA6ExmMyxcTZJNZs7dlKmXH8keY3gZ7I8Ej7fizO
kQp/UCPitxmcUcyqtJ9nRSSsL127QZMrVh45/SHM97hF6cMuniznaKOfPQAhkBkY
v//KUh6uIn9DGdbnUFow
-----END CERTIFICATE-----
Generated at Fri Dec 1 09:52:56 2023 by rpki-client on console-fra.rpki-client.org