Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1fKjy9KppgcxVgIt6IRPRg3-Jj4.roa
File: 1fKjy9KppgcxVgIt6IRPRg3-Jj4.roa (raw, json)
Hash identifier: fR6wJdWfsMGq+q22N7t2yHGoNp3uoCO6KVdbhmNLYqg=
Subject key identifier: D5:F2:A3:CB:D2:A9:A6:07:31:56:02:2D:E8:84:4F:46:0D:FE:26:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCD530EAD1318BB4D1DE9211FA4DF95C9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1fKjy9KppgcxVgIt6IRPRg3-Jj4.roa
Signing time: Wed 21 Feb 2024 20:19:48 +0000
ROA not before: Wed 21 Feb 2024 20:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 2.59.252.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 13:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cd:53:0e:ad:13:18:bb:4d:1d:e9:21:1f:a4:df:95:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 20:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5f2a3cbd2a9a6073156022de8844f460dfe263e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e0:f9:89:f4:11:04:15:64:f9:2d:fb:cf:00:
50:3d:a4:f5:12:ab:5c:22:9a:e2:5b:d2:fc:88:45:
79:6a:48:f2:5a:fa:32:d3:69:51:fc:17:eb:c4:97:
e2:0d:ae:97:46:ad:98:a4:cc:7a:c2:73:96:6b:e4:
8c:40:18:8e:14:e9:69:4b:07:75:38:2c:af:91:55:
14:48:f4:01:9a:78:94:76:42:1b:78:7e:7e:d7:8e:
bb:cb:43:72:1d:04:e2:72:44:aa:45:6f:30:73:6e:
1f:b2:dc:80:7e:2e:39:4f:76:d7:48:7c:3a:36:0f:
d1:3c:8b:fb:3b:17:eb:1a:0c:d5:7a:88:2c:fb:19:
f8:51:64:2e:b0:65:81:3b:cc:df:c7:c8:12:39:eb:
ae:62:03:6f:88:67:85:a3:d6:e6:d9:e0:64:e8:e4:
6b:82:a4:9e:74:65:e8:d8:33:a3:fc:c0:60:c8:0f:
ad:ce:d3:42:b8:bb:9b:25:25:cb:a5:02:bf:9a:d4:
cc:63:a3:a2:39:68:e5:98:0e:e0:e2:e6:b6:58:a5:
48:9e:bb:6e:d6:44:85:85:0b:cf:21:83:ab:b0:89:
ef:4a:81:95:55:33:7f:6c:af:e3:a2:53:82:73:c4:
51:16:32:f7:48:df:88:62:8e:a2:63:36:c7:cd:1e:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F2:A3:CB:D2:A9:A6:07:31:56:02:2D:E8:84:4F:46:0D:FE:26:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1fKjy9KppgcxVgIt6IRPRg3-Jj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
45.9.157.0/24
45.14.164.0/24
45.149.233.0/24
Signature Algorithm: sha256WithRSAEncryption
90:97:13:9e:84:09:a3:fa:b2:86:9a:9a:cb:08:4c:a9:2b:d6:
db:6c:aa:4d:e5:96:5b:ea:3e:90:b8:20:e8:eb:8c:36:e0:fe:
4d:43:e1:d0:34:86:96:49:2c:e9:03:d5:81:93:e4:8d:b3:17:
33:89:6e:be:30:cf:ec:25:1d:fe:aa:b8:9e:08:36:c8:09:94:
42:a9:c0:34:b4:84:b4:98:51:b0:88:d1:2d:22:75:25:ad:5e:
72:32:cf:50:4d:0d:80:06:68:54:c5:de:0d:22:0b:53:e9:2a:
6d:81:9a:bc:9b:87:8a:3a:91:dc:13:de:a2:bd:65:f1:02:1a:
50:a4:60:cd:14:c9:22:e1:69:ca:8c:e2:93:99:0f:37:40:9c:
f0:8f:75:4e:3e:90:35:64:d2:6d:dc:17:2c:8f:61:c0:4e:c2:
48:39:59:b2:ce:d0:9b:76:c4:59:3f:89:e5:6d:b3:fd:57:95:
b7:ce:1e:66:b3:7e:c9:68:f4:32:ae:38:d7:cd:b3:6a:83:d1:
a2:2c:66:d2:78:34:65:9a:e7:bf:4a:e5:63:fb:8c:3f:cc:44:
18:a0:59:00:ad:ac:68:86:55:2c:3c:0c:78:1d:1e:c7:97:63:
28:fd:61:a9:9f:6d:f9:12:3d:c1:0a:e3:4d:d9:70:1c:b1:d1:
35:00:93:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3NUw6tExi7TR3pIR+k35XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMjAxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWYyYTNjYmQyYTlhNjA3MzE1NjAyMmRlODg0NGY0NjBkZmUyNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheD5ifQRBBVk+S37zwBQPaT1Eqtc
IpriW9L8iEV5akjyWvoy02lR/BfrxJfiDa6XRq2YpMx6wnOWa+SMQBiOFOlpSwd1
OCyvkVUUSPQBmniUdkIbeH5+1467y0NyHQTickSqRW8wc24fstyAfi45T3bXSHw6
Ng/RPIv7OxfrGgzVeogs+xn4UWQusGWBO8zfx8gSOeuuYgNviGeFo9bm2eBk6ORr
gqSedGXo2DOj/MBgyA+tztNCuLubJSXLpQK/mtTMY6OiOWjlmA7g4ua2WKVInrtu
1kSFhQvPIYOrsInvSoGVVTN/bK/jolOCc8RRFjL3SN+IYo6iYzbHzR6SYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXyo8vSqaYHMVYCLeiET0YN/iY+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMWZLank5S3BwZ2N4VmdJdDZJUlBSZzMtSmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjv8AwQA
LQmdAwQALQ6kAwQALZXpMA0GCSqGSIb3DQEBCwUAA4IBAQCQlxOehAmj+rKGmprL
CEypK9bbbKpN5ZZb6j6QuCDo64w24P5NQ+HQNIaWSSzpA9WBk+SNsxcziW6+MM/s
JR3+qrieCDbICZRCqcA0tIS0mFGwiNEtInUlrV5yMs9QTQ2ABmhUxd4NIgtT6Spt
gZq8m4eKOpHcE96ivWXxAhpQpGDNFMki4WnKjOKTmQ83QJzwj3VOPpA1ZNJt3Bcs
j2HATsJIOVmyztCbdsRZP4nlbbP9V5W3zh5ms37JaPQyrjjXzbNqg9GiLGbSeDRl
mue/SuVj+4w/zEQYoFkAraxohlUsPAx4HR7Hl2Mo/WGpn235Ej3BCuNN2XAcsdE1
AJPN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org