Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/2VdXUWLu415DZvvDWC-i2xhKghQ.roa
File: 2VdXUWLu415DZvvDWC-i2xhKghQ.roa (raw, json)
Hash identifier: +vD7DMlwdszNctgv5cbPZL4QpElAI9dY8UZ7HZuUqUw=
Subject key identifier: D9:57:57:51:62:EE:E3:5E:43:66:FB:C3:58:2F:A2:DB:18:4A:82:14
Certificate issuer: /CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Certificate serial: 018CCA2A3390E4430C59A0C2A82B7B44129C
Authority key identifier: 2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/2VdXUWLu415DZvvDWC-i2xhKghQ.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201540
IP address blocks: 185.120.192.0/22 maxlen: 22
185.120.196.0/22 maxlen: 22
185.120.200.0/24 maxlen: 24
185.120.201.0/24 maxlen: 24
185.120.202.0/24 maxlen: 24
185.120.203.0/24 maxlen: 24
185.120.208.0/22 maxlen: 22
185.71.192.0/23 maxlen: 23
185.71.194.0/23 maxlen: 23
185.109.75.0/24 maxlen: 24
185.109.72.0/24 maxlen: 24
185.109.73.0/24 maxlen: 24
185.112.168.0/22 maxlen: 22
185.109.74.0/24 maxlen: 24
185.109.80.0/23 maxlen: 23
185.109.82.0/23 maxlen: 23
185.111.8.0/22 maxlen: 22
185.111.12.0/22 maxlen: 22
185.120.216.0/22 maxlen: 22
185.120.224.0/22 maxlen: 22
185.120.232.0/22 maxlen: 22
185.120.240.0/22 maxlen: 22
185.109.61.0/24 maxlen: 24
185.109.62.0/23 maxlen: 23
185.109.60.0/24 maxlen: 24
185.111.136.0/22 maxlen: 22
185.111.64.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 21 Feb 2024 04:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:33:90:e4:43:0c:59:a0:c2:a8:2b:7b:44:12:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d957575162eee35e4366fbc3582fa2db184a8214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:27:81:7a:52:81:3b:b6:9d:17:1b:8c:d0:95:
4b:62:05:b0:a6:13:e9:ac:2b:14:87:29:82:f5:61:
5d:94:86:6b:af:ef:e2:1e:51:e6:76:34:19:49:05:
50:e3:b3:4a:38:c7:ae:63:1b:d5:23:9a:fc:71:eb:
30:ca:40:89:ed:69:85:64:64:d9:78:c3:b5:11:9f:
ba:45:ef:6c:43:1b:a7:8c:09:61:21:1a:37:23:e1:
eb:3d:93:db:40:1e:74:67:84:fd:85:ff:57:d7:32:
90:7b:aa:76:0f:2c:30:8c:22:a9:e7:f1:3e:8d:ac:
59:52:4a:6f:b7:00:ae:e7:cc:0e:92:05:e9:38:c3:
ba:12:ba:ae:9b:bf:f9:d8:fb:f2:6d:c4:1c:c2:9e:
76:0f:92:20:fc:cf:43:b7:86:35:60:08:c9:f0:20:
f4:d2:90:4d:9c:9e:84:41:80:06:c2:27:67:1d:a3:
2c:68:0d:dd:4e:d2:1b:3e:55:02:3a:61:8d:e1:fb:
f6:d9:42:44:e3:7d:c3:4b:38:f0:a1:c8:b7:f7:16:
84:79:c8:e2:32:8b:32:04:92:f3:8a:3e:df:6c:69:
fe:68:c0:83:61:48:23:e6:64:cc:8b:90:7f:9a:4a:
75:e3:57:65:f3:fa:fa:02:12:8f:c6:71:22:55:8a:
de:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:57:57:51:62:EE:E3:5E:43:66:FB:C3:58:2F:A2:DB:18:4A:82:14
X509v3 Authority Key Identifier:
keyid:2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/2VdXUWLu415DZvvDWC-i2xhKghQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/K3q2Vp3njTxKCC_ebdHWo_DVCcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.192.0/22
185.109.60.0/22
185.109.72.0/22
185.109.80.0/22
185.111.8.0/21
185.111.64.0/23
185.111.136.0/22
185.112.168.0/22
185.120.192.0-185.120.203.255
185.120.208.0/22
185.120.216.0/22
185.120.224.0/22
185.120.232.0/22
185.120.240.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:2f:78:3b:f7:e1:db:5e:ce:a0:89:e5:5e:34:df:9f:65:67:
1b:86:54:f8:a3:39:cc:b0:0c:b8:c2:aa:c7:de:d4:fa:48:d6:
f4:8a:2e:d4:4d:24:da:6e:9c:ad:a2:15:3c:a6:76:17:5b:08:
81:a4:ce:89:55:69:14:e8:62:11:78:6b:5e:ed:80:48:79:e2:
b3:73:cf:0d:70:af:b0:b0:03:d5:f1:f4:bc:d4:fe:c9:94:8d:
45:19:19:94:98:18:f7:6f:9b:41:fa:2e:00:91:3d:85:a9:d1:
44:dd:d4:a9:fb:8c:8b:8a:f9:0a:03:af:bd:6b:24:87:e8:e7:
9b:82:04:72:6c:2a:62:8f:d1:84:20:35:d7:a6:87:63:e7:98:
20:07:09:5b:65:ca:32:43:4a:a6:42:93:b7:b1:6c:9c:4d:09:
7d:b0:e9:13:b8:81:82:8a:cc:9b:c5:5e:4e:04:cf:f2:6c:71:
7a:da:33:6c:f8:fd:98:43:a9:d8:60:42:1d:01:1d:16:78:66:
20:f1:20:85:70:88:d8:bd:2b:2d:09:a2:3b:7a:79:65:a6:8d:
d8:59:6b:0b:69:3d:52:78:2b:bb:33:11:c4:b4:e1:62:70:07:
93:74:c2:b0:53:7f:d0:e5:4d:2f:2c:b3:26:48:49:e9:e1:b5:
d4:7b:e9:ab
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzKKjOQ5EMMWaDCqCt7RBKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2FiNjU2OWRlNzhkM2M0YTA4MmZkZTZkZDFkNmEzZjBk
NTA5YzIwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU3NTc1MTYyZWVlMzVlNDM2NmZiYzM1ODJmYTJkYjE4NGE4MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgieBelKBO7adFxuM0JVLYgWwphPp
rCsUhymC9WFdlIZrr+/iHlHmdjQZSQVQ47NKOMeuYxvVI5r8ceswykCJ7WmFZGTZ
eMO1EZ+6Re9sQxunjAlhIRo3I+HrPZPbQB50Z4T9hf9X1zKQe6p2DywwjCKp5/E+
jaxZUkpvtwCu58wOkgXpOMO6Erqum7/52PvybcQcwp52D5Ig/M9Dt4Y1YAjJ8CD0
0pBNnJ6EQYAGwidnHaMsaA3dTtIbPlUCOmGN4fv22UJE433DSzjwoci39xaEecji
MosyBJLzij7fbGn+aMCDYUgj5mTMi5B/mkp141dl8/r6AhKPxnEiVYrekQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNlXV1Fi7uNeQ2b7w1gvotsYSoIUMB8GA1UdIwQY
MBaAFCt6tlad5408Sggv3m3R1qPw1QnCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0Yzgt
M2ZjOTY1OTRiNGM1LzEvMlZkWFVXTHU0MTVEWnZ2RFdDLWkyeGhLZ2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0YzgtM2ZjOTY1OTRiNGM1
LzEvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCuUfAAwQC
uW08AwQCuW1IAwQCuW1QAwQDuW8IAwQBuW9AAwQCuW+IAwQCuXCoMAwDBAa5eMAD
BAK5eMgDBAK5eNADBAK5eNgDBAK5eOADBAK5eOgDBAK5ePAwDQYJKoZIhvcNAQEL
BQADggEBAHsveDv34dtezqCJ5V40359lZxuGVPijOcywDLjCqsfe1PpI1vSKLtRN
JNpunK2iFTymdhdbCIGkzolVaRToYhF4a17tgEh54rNzzw1wr7CwA9Xx9LzU/smU
jUUZGZSYGPdvm0H6LgCRPYWp0UTd1Kn7jIuK+QoDr71rJIfo55uCBHJsKmKP0YQg
Ndemh2PnmCAHCVtlyjJDSqZCk7exbJxNCX2w6RO4gYKKzJvFXk4Ez/JscXraM2z4
/ZhDqdhgQh0BHRZ4ZiDxIIVwiNi9Ky0Jojt6eWWmjdhZawtpPVJ4K7szEcS04WJw
B5N0wrBTf9DlTS8ssyZISenhtdR76as=
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:09:35 2025 by rpki-client