Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eUh8-JpKiN671oUrOQbU8OhAv3Y.roa
File: eUh8-JpKiN671oUrOQbU8OhAv3Y.roa (raw, json)
Hash identifier: g2iBs6qKZHElHErHH1b6LEsfjAQJnec7eU72f2ST464=
Subject key identifier: 79:48:7C:F8:9A:4A:88:DE:BB:D6:85:2B:39:06:D4:F0:E8:40:BF:76
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01905068F73C20964EB51505B8FC36F98C6F
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eUh8-JpKiN671oUrOQbU8OhAv3Y.roa
Signing time: Tue 25 Jun 2024 17:19:34 +0000
ROA not before: Tue 25 Jun 2024 17:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.91.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
159.255.32.0/22 maxlen: 24
188.214.236.0/22 maxlen: 22
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Jun 2024 09:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:50:68:f7:3c:20:96:4e:b5:15:05:b8:fc:36:f9:8c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 25 17:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79487cf89a4a88debbd6852b3906d4f0e840bf76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:1c:a9:e4:dd:f5:3f:40:04:44:10:47:98:
cc:42:30:bd:99:47:42:30:7a:6b:22:cb:7a:b1:18:
ff:b5:86:fc:93:b6:8f:58:d2:c7:ec:c6:ad:a9:d5:
9e:56:ad:a4:08:2e:bb:d6:ed:6b:cb:e7:a8:a7:29:
4e:13:49:d8:0d:cb:7c:92:55:fc:24:06:5d:b1:ff:
dc:80:b2:ab:64:98:f8:6a:de:28:2d:59:fa:2b:82:
a5:3b:15:8c:14:77:7c:56:07:2e:55:f0:4f:d8:71:
ab:dc:73:e2:60:c5:a2:42:d7:9a:5a:8c:ec:8c:e7:
ba:85:f8:12:a3:10:00:78:05:a6:a2:1d:cb:f7:71:
86:74:0e:25:78:35:e2:f3:66:5c:52:ab:8c:03:8a:
78:a0:c8:8e:2d:b7:59:01:c9:f8:a5:7e:36:97:14:
5c:89:6b:1b:2d:16:2a:82:d0:2a:73:60:04:90:30:
8c:f0:ab:5c:b9:89:ec:b8:5b:d0:14:9e:31:3c:d1:
11:e6:21:7f:6a:56:9a:55:3a:13:f5:0d:16:de:0f:
70:11:02:14:91:29:14:e3:01:17:75:77:9e:8e:f1:
f9:01:3d:46:6c:f5:a9:34:7e:da:83:5f:20:4a:c8:
29:fa:d6:7a:0f:20:7f:ab:64:47:da:f7:71:c3:21:
bc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:48:7C:F8:9A:4A:88:DE:BB:D6:85:2B:39:06:D4:F0:E8:40:BF:76
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eUh8-JpKiN671oUrOQbU8OhAv3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.91.0/24
82.115.9.0/24
89.251.10.0/24
91.132.57.0/24
159.255.32.0/22
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
79:35:88:90:57:75:92:c0:bb:f4:9e:d2:cd:10:6c:24:ad:3b:
49:84:83:5b:bf:ef:57:0e:fd:91:93:9b:00:86:99:e8:01:94:
17:9b:e5:a4:4d:c0:77:7f:14:d2:b4:a1:07:b8:4c:99:93:87:
93:ba:ca:9d:da:17:54:74:5d:10:f8:d8:da:9b:7e:8f:e4:7f:
7d:62:2a:13:fa:2c:a1:69:3d:a4:34:8a:63:e0:2e:dd:ae:dc:
e8:4f:c0:d2:6b:c5:c5:4f:9d:2f:c9:85:08:54:6f:3e:40:3c:
ca:c9:d0:18:0e:35:62:18:1f:56:7c:82:2d:34:2d:e4:46:65:
60:0f:d3:6d:55:5b:f6:72:c1:5b:fd:67:8f:bc:1b:1c:2f:d1:
05:71:bc:04:b3:47:80:ab:00:58:7a:4f:51:fa:72:2d:94:0e:
5c:93:9f:43:97:ae:6e:d6:a9:33:00:07:f7:19:a7:bd:00:f0:
aa:ad:4d:eb:77:ac:4c:4b:52:ff:fc:12:bf:fd:52:b9:b3:d9:
ce:3c:a0:68:35:0d:44:de:b1:c7:f0:27:93:73:f4:94:4b:f1:
c8:96:76:41:78:d4:21:b7:a3:da:2d:5b:da:6a:b7:cf:56:48:
3f:57:d0:ae:dc:c3:8b:62:0d:52:a7:17:f0:eb:04:ba:da:65:
d2:08:00:39
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZBQaPc8IJZOtRUFuPw2+YxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI1MTcxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQ4N2NmODlhNGE4OGRlYmJkNjg1MmIzOTA2ZDRmMGU4NDBiZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCocqeTd9T9ABEQQR5jMQjC9mUdC
MHprIst6sRj/tYb8k7aPWNLH7MatqdWeVq2kCC671u1ry+eopylOE0nYDct8klX8
JAZdsf/cgLKrZJj4at4oLVn6K4KlOxWMFHd8VgcuVfBP2HGr3HPiYMWiQteaWozs
jOe6hfgSoxAAeAWmoh3L93GGdA4leDXi82ZcUquMA4p4oMiOLbdZAcn4pX42lxRc
iWsbLRYqgtAqc2AEkDCM8KtcuYnsuFvQFJ4xPNER5iF/alaaVToT9Q0W3g9wEQIU
kSkU4wEXdXeejvH5AT1GbPWpNH7ag18gSsgp+tZ6DyB/q2RH2vdxwyG8jQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHlIfPiaSojeu9aFKzkG1PDoQL92MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZVVoOC1KcEtpTjY3MW9Vck9RYlU4T2hBdjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAK+FbAwQA
UnMJAwQAWfsKAwQAW4Q5AwQCn/8gAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0G
CSqGSIb3DQEBCwUAA4IBAQB5NYiQV3WSwLv0ntLNEGwkrTtJhINbv+9XDv2Rk5sA
hpnoAZQXm+WkTcB3fxTStKEHuEyZk4eTusqd2hdUdF0Q+Njam36P5H99YioT+iyh
aT2kNIpj4C7drtzoT8DSa8XFT50vyYUIVG8+QDzKydAYDjViGB9WfIItNC3kRmVg
D9NtVVv2csFb/WePvBscL9EFcbwEs0eAqwBYek9R+nItlA5ck59Dl65u1qkzAAf3
Gae9APCqrU3rd6xMS1L//BK//VK5s9nOPKBoNQ1E3rHH8CeTc/SUS/HIlnZBeNQh
t6PaLVvaarfPVkg/V9Cu3MOLYg1Spxfw6wS62mXSCAA5
-----END CERTIFICATE-----
Generated at Sun Jun 30 14:05:45 2024 by rpki-client on console-fra.rpki-client.org