Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/2hwZLGTmFonyDlK8qTJmkOtlSJY.roa
File: 2hwZLGTmFonyDlK8qTJmkOtlSJY.roa (raw, json)
Hash identifier: 3P2E3k5uhzFGSSFE8kdzMTI4JAAMxqjuOEuM7WOScs0=
Subject key identifier: DA:1C:19:2C:64:E6:16:89:F2:0E:52:BC:A9:32:66:90:EB:65:48:96
Certificate issuer: /CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Certificate serial: 018CC64B69471739908DDDBA08CE5465CE18
Authority key identifier: 33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/2hwZLGTmFonyDlK8qTJmkOtlSJY.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 195.36.17.0/24 maxlen: 24
195.36.16.0/24 maxlen: 24
195.36.24.0/24 maxlen: 24
195.36.18.0/24 maxlen: 24
195.36.23.0/24 maxlen: 24
195.36.21.0/24 maxlen: 24
195.36.22.0/24 maxlen: 24
195.36.19.0/24 maxlen: 24
195.36.20.0/24 maxlen: 24
195.36.31.0/24 maxlen: 24
195.36.25.0/24 maxlen: 24
195.36.30.0/24 maxlen: 24
195.36.28.0/24 maxlen: 24
195.36.29.0/24 maxlen: 24
195.36.26.0/24 maxlen: 24
195.36.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 07:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:69:47:17:39:90:8d:dd:ba:08:ce:54:65:ce:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da1c192c64e61689f20e52bca9326690eb654896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5d:38:f4:e7:68:9e:52:7d:78:0c:d1:c0:2f:
6d:ee:ab:80:6c:5f:de:09:4c:2b:77:95:be:d0:14:
2b:24:9b:e5:0a:b8:90:71:34:8f:ca:af:01:76:43:
5c:bc:75:98:b5:e1:2c:7d:e0:fb:30:a3:b7:63:0d:
fc:74:94:92:5c:c8:ca:2e:2d:37:63:f7:4d:e1:09:
b6:69:55:33:30:25:28:e2:1f:9c:8c:0f:29:e9:f5:
11:1b:5e:f4:bd:2a:2f:0f:a7:ca:c6:7d:48:ef:24:
03:d6:83:6c:d8:ff:1f:16:8b:30:a2:db:7e:01:df:
e2:45:b8:7f:ca:b7:c4:9d:7c:c4:12:4c:4a:96:28:
8b:8c:f7:ce:b5:5b:45:9e:86:e9:2a:db:9c:91:54:
5d:31:dc:d9:d8:7a:44:8e:00:55:b0:9c:f1:c7:4e:
90:16:03:eb:1e:b3:85:c2:db:be:28:60:6f:f8:d3:
6c:09:8d:e9:0a:56:b0:bf:c3:41:15:eb:7f:c6:da:
3d:1f:10:ef:97:8c:dd:5c:8f:52:62:c9:8a:2a:f0:
dd:89:ab:a4:2b:04:f0:97:b4:f8:04:41:31:43:b9:
f3:c3:e4:5a:e1:02:d4:cb:83:78:49:35:fe:b4:9a:
b7:6c:64:d9:14:da:86:d3:79:85:5d:b3:0b:ec:b8:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1C:19:2C:64:E6:16:89:F2:0E:52:BC:A9:32:66:90:EB:65:48:96
X509v3 Authority Key Identifier:
keyid:33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/2hwZLGTmFonyDlK8qTJmkOtlSJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.36.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:9c:ff:46:6e:e0:47:f6:73:eb:5c:d8:14:86:75:8a:30:45:
3f:53:91:80:c4:8a:f3:ac:72:1a:20:c4:7e:39:99:d6:70:08:
51:af:50:d7:11:7b:d3:6d:4f:37:75:f4:95:e3:f2:8b:70:41:
c7:19:ba:4e:88:fd:83:04:68:eb:06:d0:4f:a1:16:c6:7b:bc:
6d:fe:cf:8f:c4:0b:78:80:d7:8f:11:23:4c:0b:7e:93:ee:5d:
b3:b3:51:ae:19:6f:50:ff:02:e2:ec:70:02:e0:1b:80:24:87:
13:30:44:d2:d5:30:97:e0:63:7d:fc:af:7f:9a:97:b9:77:b6:
c5:f1:66:0f:f0:88:f2:8d:af:33:15:9a:21:54:76:aa:0c:45:
c7:96:96:9b:13:39:6a:51:e6:b6:00:90:b7:5f:80:59:36:87:
f0:7e:01:60:ca:40:43:b1:e2:86:41:be:36:df:57:1d:ab:7a:
27:ed:4a:ab:5e:85:8c:1a:70:ad:8d:f1:6c:e0:de:e4:0d:4d:
74:56:ff:48:ea:b3:7b:0c:0a:c2:80:21:3a:2a:f6:35:18:8d:
b2:fd:48:3f:70:b9:ad:62:6f:de:db:e8:87:ff:b8:ab:c5:95:
08:83:a6:62:ff:4a:ee:19:0a:41:a0:d8:97:82:06:aa:84:ad:
37:78:ca:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2lHFzmQjd26CM5UZc4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjFiMzEzOTYwODNjZTllZDUxZTQ2Mjg5OGUyOTRlZDgy
MTVhZTcwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFjMTkyYzY0ZTYxNjg5ZjIwZTUyYmNhOTMyNjY5MGViNjU0ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF049OdonlJ9eAzRwC9t7quAbF/e
CUwrd5W+0BQrJJvlCriQcTSPyq8BdkNcvHWYteEsfeD7MKO3Yw38dJSSXMjKLi03
Y/dN4Qm2aVUzMCUo4h+cjA8p6fURG170vSovD6fKxn1I7yQD1oNs2P8fFoswott+
Ad/iRbh/yrfEnXzEEkxKliiLjPfOtVtFnobpKtuckVRdMdzZ2HpEjgBVsJzxx06Q
FgPrHrOFwtu+KGBv+NNsCY3pClawv8NBFet/xto9HxDvl4zdXI9SYsmKKvDdiauk
KwTwl7T4BEExQ7nzw+Ra4QLUy4N4STX+tJq3bGTZFNqG03mFXbML7Lj24wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNocGSxk5haJ8g5SvKkyZpDrZUiWMB8GA1UdIwQY
MBaAFDOxsxOWCDzp7VHkYomOKU7YIVrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAt
MzNlNjFiZDkxMmVhLzEvMmh3WkxHVG1Gb255RGxLOHFUSm1rT3RsU0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAtMzNlNjFiZDkxMmVh
LzEvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwyQQMA0G
CSqGSIb3DQEBCwUAA4IBAQAKnP9GbuBH9nPrXNgUhnWKMEU/U5GAxIrzrHIaIMR+
OZnWcAhRr1DXEXvTbU83dfSV4/KLcEHHGbpOiP2DBGjrBtBPoRbGe7xt/s+PxAt4
gNePESNMC36T7l2zs1GuGW9Q/wLi7HAC4BuAJIcTMETS1TCX4GN9/K9/mpe5d7bF
8WYP8Ijyja8zFZohVHaqDEXHlpabEzlqUea2AJC3X4BZNofwfgFgykBDseKGQb42
31cdq3on7UqrXoWMGnCtjfFs4N7kDU10Vv9I6rN7DArCgCE6KvY1GI2y/Ug/cLmt
Ym/e2+iH/7irxZUIg6Zi/0ruGQpBoNiXggaqhK03eMpH
-----END CERTIFICATE-----
Generated at Fri Mar 8 13:55:25 2024 by rpki-client on console.sobornost.net