Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/AMcNxl4OWhqxh_Qgwh0YeQ0I1ys.roa
File: AMcNxl4OWhqxh_Qgwh0YeQ0I1ys.roa (raw, json)
Hash identifier: bLOKD37ut4CmT1k1PFfhziL06AqFXl11lY/Um1SOT0Y=
Subject key identifier: 00:C7:0D:C6:5E:0E:5A:1A:B1:87:F4:20:C2:1D:18:79:0D:08:D7:2B
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01944A5E431610BA1957DE81CA6BFBFF3343
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/AMcNxl4OWhqxh_Qgwh0YeQ0I1ys.roa
Signing time: Thu 09 Jan 2025 09:21:18 +0000
ROA not before: Thu 09 Jan 2025 09:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 20:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:5e:43:16:10:ba:19:57:de:81:ca:6b:fb:ff:33:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 9 09:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00c70dc65e0e5a1ab187f420c21d18790d08d72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:52:89:20:58:cf:e9:fc:e0:e5:f0:4f:99:c8:
53:35:3d:2b:cc:ad:9f:b3:72:0f:d0:1f:c4:1a:d1:
ba:0e:fd:57:a9:13:df:6a:77:8b:8f:e1:65:32:a4:
2b:69:01:8d:83:2a:07:bb:4a:eb:e1:dc:20:9e:ea:
19:13:d7:5c:73:91:01:cc:45:4d:27:f3:9a:2f:a7:
21:d9:0f:52:69:0c:09:d8:42:ad:77:2a:56:30:ee:
33:95:a8:af:d6:8b:50:73:e1:f9:5e:40:5e:4c:c0:
71:ff:da:74:7d:44:c7:5a:72:3e:51:9f:d9:3d:61:
56:b8:3a:11:f2:fc:90:b3:1d:65:40:27:34:44:f5:
bf:0e:75:77:f7:d8:15:cc:1d:ca:e0:54:fa:60:27:
91:c7:25:6d:cd:06:8b:94:7a:58:16:78:46:d2:aa:
e4:f3:d3:5a:fe:71:9a:78:e2:6a:77:08:fd:b3:18:
b0:5c:43:84:d9:95:f5:af:5e:4e:60:89:c1:74:74:
8b:ec:6b:26:02:4c:7e:02:44:ab:85:35:7c:49:a4:
ad:1e:df:fb:81:6a:b3:4d:da:72:f9:7f:cc:1d:90:
1c:f1:03:96:2f:10:4b:16:72:61:96:b4:5e:0e:d5:
a5:9f:de:7e:5f:07:d5:04:3a:1c:ac:2f:37:ac:df:
2e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C7:0D:C6:5E:0E:5A:1A:B1:87:F4:20:C2:1D:18:79:0D:08:D7:2B
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/AMcNxl4OWhqxh_Qgwh0YeQ0I1ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/23
213.254.179.0/24
IPv6:
2a01:e943::/48
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
3c:52:0c:c7:e5:89:1e:d8:76:33:76:c6:f8:4d:6a:17:2e:0b:
e6:7e:c4:0c:9f:b8:9e:61:af:58:2e:33:be:fc:f9:8c:e5:3e:
d7:cc:a1:18:87:3a:10:a8:ab:c0:94:bc:4f:3f:73:11:8c:fa:
d9:81:63:8c:6d:b0:57:e3:2a:50:db:d3:0d:e9:19:66:5f:6a:
2d:e5:84:8c:82:1b:10:a1:74:46:57:a9:8f:62:0a:54:df:f4:
ec:d9:46:fa:61:8e:0c:4e:4c:27:f4:bd:15:4a:92:cc:c7:7a:
d0:bd:a2:48:a5:e1:02:1b:77:d7:2b:21:8b:5b:b3:c8:be:de:
2d:22:e2:61:84:e6:55:74:08:c1:8b:d9:2b:dc:d7:2d:7f:7c:
01:66:e6:8a:94:f0:f5:84:19:72:18:3f:13:7e:b1:92:d8:c6:
0e:c1:63:e3:5f:72:dd:72:6c:a8:17:dd:f8:e2:6e:f0:87:47:
82:f9:94:65:6d:6d:5e:26:19:e0:b4:eb:b4:97:6c:10:57:77:
a6:08:eb:32:ad:61:62:c3:27:97:88:96:aa:cc:61:df:0d:5f:
a6:42:09:73:6b:10:a7:f0:f4:77:0d:70:55:a3:c4:b8:b1:ee:
0f:a1:7f:b5:43:f3:fa:49:40:09:3e:ee:39:f0:69:8f:78:4b:
b7:da:9b:a9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZRKXkMWELoZV96Bymv7/zNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTA5MDkyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM3MGRjNjVlMGU1YTFhYjE4N2Y0MjBjMjFkMTg3OTBkMDhkNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlKJIFjP6fzg5fBPmchTNT0rzK2f
s3IP0B/EGtG6Dv1XqRPfaneLj+FlMqQraQGNgyoHu0rr4dwgnuoZE9dcc5EBzEVN
J/OaL6ch2Q9SaQwJ2EKtdypWMO4zlaiv1otQc+H5XkBeTMBx/9p0fUTHWnI+UZ/Z
PWFWuDoR8vyQsx1lQCc0RPW/DnV399gVzB3K4FT6YCeRxyVtzQaLlHpYFnhG0qrk
89Na/nGaeOJqdwj9sxiwXEOE2ZX1r15OYInBdHSL7GsmAkx+AkSrhTV8SaStHt/7
gWqzTdpy+X/MHZAc8QOWLxBLFnJhlrReDtWln95+XwfVBDocrC83rN8umQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFADHDcZeDloasYf0IMIdGHkNCNcrMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvQU1jTnhsNE9XaHF4aF9RZ3doMFllUTBJMXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAAjsWAwQB
1GiMAwQA1f6zMCEEAgACMBsDBwAqAelDAAADBwAqAelFAAADBwAqAelHAAAwDQYJ
KoZIhvcNAQELBQADggEBADxSDMfliR7YdjN2xvhNahcuC+Z+xAyfuJ5hr1guM778
+YzlPtfMoRiHOhCoq8CUvE8/cxGM+tmBY4xtsFfjKlDb0w3pGWZfai3lhIyCGxCh
dEZXqY9iClTf9OzZRvphjgxOTCf0vRVKkszHetC9okil4QIbd9crIYtbs8i+3i0i
4mGE5lV0CMGL2Svc1y1/fAFm5oqU8PWEGXIYPxN+sZLYxg7BY+Nfct1ybKgX3fji
bvCHR4L5lGVtbV4mGeC067SXbBBXd6YI6zKtYWLDJ5eIlqrMYd8NX6ZCCXNrEKfw
9HcNcFWjxLix7g+hf7VD8/pJQAk+7jnwaY94S7fam6k=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:32:14 2025 by rpki-client