Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/2amVYBbVbyhowXlqsnS9e4P8diU.roa
File: 2amVYBbVbyhowXlqsnS9e4P8diU.roa (raw, json)
Hash identifier: L2/UH+SMWKBtr/s9t2uktrc1XJ7EuCi8e3Q4QpM4QLI=
Subject key identifier: D9:A9:95:60:16:D5:6F:28:68:C1:79:6A:B2:74:BD:7B:83:FC:76:25
Certificate issuer: /CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Certificate serial: 018570D51A321AB73921AAC6FEFD3BAA4348
Authority key identifier: 73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/2amVYBbVbyhowXlqsnS9e4P8diU.roa
Signing time: Mon 02 Jan 2023 04:54:52 +0000
ROA not before: Mon 02 Jan 2023 04:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49278
IP address blocks: 158.112.71.0/24 maxlen: 24
158.112.66.0/23 maxlen: 23
158.112.64.0/18 maxlen: 18
158.112.84.0/22 maxlen: 22
158.112.88.0/24 maxlen: 24
158.112.93.0/24 maxlen: 24
158.112.96.0/21 maxlen: 21
158.112.0.0/18 maxlen: 18
158.112.0.0/16 maxlen: 16
158.112.20.0/22 maxlen: 22
158.112.24.0/21 maxlen: 21
158.112.32.0/22 maxlen: 22
144.84.0.0/18 maxlen: 18
158.112.164.0/23 maxlen: 23
144.84.0.0/16 maxlen: 16
158.112.192.0/18 maxlen: 18
158.112.208.0/23 maxlen: 23
158.112.128.0/18 maxlen: 18
144.84.128.0/18 maxlen: 18
185.155.24.0/23 maxlen: 23
158.112.255.0/24 maxlen: 24
185.155.26.0/23 maxlen: 23
144.84.192.0/18 maxlen: 18
2a02:27b8:1112::/48 maxlen: 48
2a02:27ba:4000::/34 maxlen: 34
2a02:27b8:2003::/48 maxlen: 48
2a02:27b8:1::/48 maxlen: 48
2a02:27b8:2004::/48 maxlen: 48
2a02:27b8:2002::/48 maxlen: 48
2a02:27b8:1111::/48 maxlen: 48
2a02:27b8:2000::/48 maxlen: 48
2a02:27b8:4000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:1a:32:1a:b7:39:21:aa:c6:fe:fd:3b:aa:43:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Validity
Not Before: Jan 2 04:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9a9956016d56f2868c1796ab274bd7b83fc7625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:06:08:d9:45:3a:34:e9:81:1c:69:e4:22:60:
d8:e2:fa:e3:c4:4d:11:17:fe:b1:2f:99:01:86:40:
cb:9f:36:4a:54:0c:a1:20:ab:5b:b5:f7:14:5a:a9:
0c:77:1c:e3:43:39:09:bf:22:27:00:34:6f:5e:7e:
0a:e1:8d:5e:e6:0a:17:a9:59:f2:7a:b0:c3:a3:5b:
59:7d:bf:5e:c0:35:7a:aa:eb:73:81:4c:f6:12:42:
a6:92:e0:4b:cd:22:f6:7e:63:65:a3:db:f1:f1:bd:
80:09:55:d6:56:dc:f7:e8:22:11:42:38:72:db:37:
2c:77:81:19:55:29:9d:81:93:64:0b:c5:14:81:9c:
e9:33:06:d2:c2:36:7f:1d:52:35:d0:18:12:c5:af:
a2:3d:9c:84:01:a4:32:85:23:dd:a5:55:b0:4a:61:
7f:e6:52:66:cb:b6:b1:83:d5:0c:9b:12:13:64:32:
36:b8:79:e7:70:b8:59:4f:34:e3:33:7c:23:b3:bf:
f2:85:fd:e5:72:f4:0c:ac:8f:0f:a8:86:5c:12:14:
2b:25:75:19:d1:f9:14:52:40:19:09:36:48:f4:64:
d7:d9:3e:67:ee:b8:62:0d:f4:15:d5:68:05:c1:15:
1d:6e:35:37:c1:25:be:61:6c:ae:b5:15:88:d0:ce:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A9:95:60:16:D5:6F:28:68:C1:79:6A:B2:74:BD:7B:83:FC:76:25
X509v3 Authority Key Identifier:
keyid:73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/2amVYBbVbyhowXlqsnS9e4P8diU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/c2Na428t9PaNPlcqMT4aGKogt1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.84.0.0/16
158.112.0.0/16
185.155.24.0/22
IPv6:
2a02:27b8:1::/48
2a02:27b8:1111::-2a02:27b8:1112:ffff:ffff:ffff:ffff:ffff
2a02:27b8:2000::/48
2a02:27b8:2002::-2a02:27b8:2004:ffff:ffff:ffff:ffff:ffff
2a02:27b8:4000::/48
2a02:27ba:4000::/34
Signature Algorithm: sha256WithRSAEncryption
4c:5f:06:3f:e1:ec:26:da:8d:ee:6b:fc:ae:22:72:a4:17:62:
01:c2:7b:57:08:f2:43:9a:31:83:c1:04:a3:a3:7f:9c:64:2d:
d0:f5:7b:94:16:96:96:1e:a0:75:97:6a:f6:30:37:1b:9f:b4:
91:28:fc:75:40:0a:5c:e6:4b:34:ba:34:7d:5f:8c:36:fe:8a:
7d:30:5d:0a:9a:72:8c:a2:85:f2:ff:05:22:ee:5c:c3:6e:f3:
e8:ce:fe:5f:80:ae:a8:7c:2a:5e:20:13:ea:e2:ef:f3:2b:df:
dc:24:b1:43:db:59:a2:5f:21:90:2f:40:ff:7e:b9:7c:a8:cc:
c0:6d:d0:ef:8a:b2:69:b0:c2:49:8e:3f:76:e6:43:5b:d8:8e:
31:b3:d7:16:39:d1:02:5e:e0:cd:2e:6b:18:21:87:e2:84:3d:
26:fb:bf:e3:7b:7f:45:87:59:87:80:a8:5d:4d:b3:ae:ba:d4:
10:f5:25:6b:01:87:cd:2e:61:a9:e1:15:93:a6:85:07:32:0d:
17:e2:2c:a7:5d:98:7a:32:18:07:93:ee:a7:69:2b:a2:57:5f:
7a:59:8a:98:e5:c6:61:f1:28:15:ec:2c:e4:1f:4a:9d:61:d1:
27:2f:e6:85:3a:d7:88:b7:be:83:ee:c5:4f:13:66:51:5d:7b:
bf:22:89:cc
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVw1RoyGrc5IarG/v07qkNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjM1YWUzNmYyZGY0ZjY4ZDNlNTcyYTMxM2UxYTE4YWEy
MGI3NTcwHhcNMjMwMTAyMDQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE5OTU2MDE2ZDU2ZjI4NjhjMTc5NmFiMjc0YmQ3YjgzZmM3NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQYI2UU6NOmBHGnkImDY4vrjxE0R
F/6xL5kBhkDLnzZKVAyhIKtbtfcUWqkMdxzjQzkJvyInADRvXn4K4Y1e5goXqVny
erDDo1tZfb9ewDV6qutzgUz2EkKmkuBLzSL2fmNlo9vx8b2ACVXWVtz36CIRQjhy
2zcsd4EZVSmdgZNkC8UUgZzpMwbSwjZ/HVI10BgSxa+iPZyEAaQyhSPdpVWwSmF/
5lJmy7axg9UMmxITZDI2uHnncLhZTzTjM3wjs7/yhf3lcvQMrI8PqIZcEhQrJXUZ
0fkUUkAZCTZI9GTX2T5n7rhiDfQV1WgFwRUdbjU3wSW+YWyutRWI0M5UmQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFNmplWAW1W8oaMF5arJ0vXuD/HYlMB8GA1UdIwQY
MBaAFHNjWuNvLfT2jT5XKjE+GhiqILdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJOYTQyOHQ5UGFOUGxjcU1UNGFHS29ndDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGQyODEtZDQwZC00MGUwLTkzZWEt
NWJhZTM3NWNmODVhLzEvMmFtVllCYlZieWhvd1hscXNuUzllNFA4ZGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGQyODEtZDQwZC00MGUwLTkzZWEtNWJhZTM3NWNmODVh
LzEvYzJOYTQyOHQ5UGFOUGxjcU1UNGFHS29ndDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazAWBAIAATAQAwMAkFQDAwCe
cAMEArmbGDBRBAIAAjBLAwcAKgInuAABMBIDBwAqAie4EREDBwAqAie4ERIDBwAq
Aie4IAAwEgMHASoCJ7ggAgMHACoCJ7ggBAMHACoCJ7hAAAMGBioCJ7pAMA0GCSqG
SIb3DQEBCwUAA4IBAQBMXwY/4ewm2o3ua/yuInKkF2IBwntXCPJDmjGDwQSjo3+c
ZC3Q9XuUFpaWHqB1l2r2MDcbn7SRKPx1QApc5ks0ujR9X4w2/op9MF0KmnKMooXy
/wUi7lzDbvPozv5fgK6ofCpeIBPq4u/zK9/cJLFD21miXyGQL0D/frl8qMzAbdDv
irJpsMJJjj925kNb2I4xs9cWOdECXuDNLmsYIYfihD0m+7/je39Fh1mHgKhdTbOu
utQQ9SVrAYfNLmGp4RWTpoUHMg0X4iynXZh6MhgHk+6naSuiV196WYqY5cZh8SgV
7CzkH0qdYdEnL+aFOteIt76D7sVPE2ZRXXu/IonM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org