Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/25Run3szP8ihVm2Uv-fbeI3Uyug.roa
File: 25Run3szP8ihVm2Uv-fbeI3Uyug.roa (raw, json)
Hash identifier: sxuTYEBgwCswcr/kFIYGHpqghcNbjT/Q+ST7qQcYVYE=
Subject key identifier: DB:94:6E:9F:7B:33:3F:C8:A1:56:6D:94:BF:E7:DB:78:8D:D4:CA:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019041091DC9122520368C5513190018B98C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/25Run3szP8ihVm2Uv-fbeI3Uyug.roa
Signing time: Sat 22 Jun 2024 17:40:34 +0000
ROA not before: Sat 22 Jun 2024 17:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214783
IP address blocks: 2.59.252.0/25 maxlen: 25
Validation: Failed, certificate revoked on Sun 23 Jun 2024 05:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:41:09:1d:c9:12:25:20:36:8c:55:13:19:00:18:b9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 22 17:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db946e9f7b333fc8a1566d94bfe7db788dd4cae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cb:e0:41:15:82:45:8e:ad:fc:10:2e:e6:96:
3e:c5:75:b3:20:91:36:30:a2:96:85:09:9e:d4:79:
5c:54:11:52:d5:e6:be:56:5a:45:ff:ce:1b:53:50:
57:24:2e:07:5c:22:14:ac:80:96:ef:3e:e1:0c:15:
30:76:de:21:8c:87:b3:c2:4b:14:97:e9:1a:c0:44:
1a:63:1b:d4:0c:5c:1f:35:9d:cc:61:02:d6:53:8f:
2a:d1:1f:5f:ed:f1:69:24:b0:5c:4f:8f:65:95:30:
ed:69:96:a6:b0:b7:38:10:07:8c:46:07:5a:cf:9f:
e6:7f:86:1e:62:59:2f:fe:49:90:a0:ab:eb:a4:87:
ea:1b:89:87:f7:1d:c3:e6:51:cf:5d:a7:8e:28:33:
c0:31:c7:41:67:b9:d5:e1:53:94:bb:1c:f1:cf:fc:
a0:d4:0d:e1:40:3e:a6:c8:d7:48:b6:b3:98:7e:e0:
07:fb:f0:73:a5:dc:c4:5a:a3:dc:44:5a:cc:55:9f:
0c:ea:2b:3a:0d:6f:ec:c8:b3:1c:92:a4:4c:9d:fa:
d8:49:31:eb:61:7c:55:a2:1a:ef:e1:fc:47:cc:82:
7a:de:c8:be:c1:ab:69:ca:7c:96:7a:00:ac:a0:06:
6b:40:cf:46:6b:97:e0:71:d0:9c:2b:71:fa:4a:36:
eb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:94:6E:9F:7B:33:3F:C8:A1:56:6D:94:BF:E7:DB:78:8D:D4:CA:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/25Run3szP8ihVm2Uv-fbeI3Uyug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/25
Signature Algorithm: sha256WithRSAEncryption
71:e3:05:f9:3d:24:b2:f0:ea:92:74:98:7c:58:40:fd:28:6e:
ab:4d:8c:e2:47:8f:c1:67:c2:91:f9:89:66:82:08:0b:b9:4d:
c1:b4:a3:eb:c4:3a:04:a6:8b:dd:2f:e2:24:f5:79:1e:e0:a1:
15:a9:99:19:16:49:51:b0:07:e8:68:f8:a3:24:31:5d:1e:33:
99:49:f2:08:96:26:33:04:0a:8d:4c:60:60:e2:5c:ed:25:de:
b5:a9:bb:80:d1:36:f7:53:64:67:c5:47:ae:1e:f6:34:34:82:
a5:b5:23:f2:12:de:30:cd:16:eb:67:56:ca:05:14:b1:7b:8d:
62:4e:8e:0b:f3:bc:7b:81:aa:2d:d0:30:44:b4:c1:1d:06:87:
06:c8:8b:43:67:8b:10:e2:71:0f:7b:ea:32:c6:c6:7d:da:5e:
25:bf:21:80:9a:86:ec:6c:47:6b:f9:3c:fa:29:af:13:c9:3a:
39:09:ca:e8:f0:65:e0:cd:35:b5:a9:5f:f1:94:b3:e0:4c:64:
40:19:ef:a8:86:7c:89:69:cb:06:21:ba:bd:39:8f:82:53:ed:
8a:06:56:46:3b:06:ce:a2:2d:61:57:d3:ab:c9:f3:ac:a5:41:
72:9a:aa:1f:de:ab:af:c0:f0:13:7e:a6:ff:8b:47:8b:ce:b9:
f1:c0:6d:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBBCR3JEiUgNoxVExkAGLmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjIyMTc0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk0NmU5ZjdiMzMzZmM4YTE1NjZkOTRiZmU3ZGI3ODhkZDRjYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcvgQRWCRY6t/BAu5pY+xXWzIJE2
MKKWhQme1HlcVBFS1ea+VlpF/84bU1BXJC4HXCIUrICW7z7hDBUwdt4hjIezwksU
l+kawEQaYxvUDFwfNZ3MYQLWU48q0R9f7fFpJLBcT49llTDtaZamsLc4EAeMRgda
z5/mf4YeYlkv/kmQoKvrpIfqG4mH9x3D5lHPXaeOKDPAMcdBZ7nV4VOUuxzxz/yg
1A3hQD6myNdItrOYfuAH+/BzpdzEWqPcRFrMVZ8M6is6DW/syLMckqRMnfrYSTHr
YXxVohrv4fxHzIJ63si+watpynyWegCsoAZrQM9Ga5fgcdCcK3H6SjbrfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNuUbp97Mz/IoVZtlL/n23iN1MroMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMjVSdW4zc3pQOGloVm0yVXYtZmJlSTNVeXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHAjv8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAceMF+T0ksvDqknSYfFhA/Shuq02M4kePwWfCkfmJ
ZoIIC7lNwbSj68Q6BKaL3S/iJPV5HuChFamZGRZJUbAH6Gj4oyQxXR4zmUnyCJYm
MwQKjUxgYOJc7SXetam7gNE291NkZ8VHrh72NDSCpbUj8hLeMM0W62dWygUUsXuN
Yk6OC/O8e4GqLdAwRLTBHQaHBsiLQ2eLEOJxD3vqMsbGfdpeJb8hgJqG7GxHa/k8
+imvE8k6OQnK6PBl4M01talf8ZSz4ExkQBnvqIZ8iWnLBiG6vTmPglPtigZWRjsG
zqItYVfTq8nzrKVBcpqqH96rr8DwE36m/4tHi8658cBtnQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 06:17:19 2024 by rpki-client on console-fra.rpki-client.org