Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3ESLlqyciUqLYzs1fN65ZWSvtII.roa
File: 3ESLlqyciUqLYzs1fN65ZWSvtII.roa (raw, json)
Hash identifier: POu8aJv+E3Q9a5OG+Ei0791SJsY40PZPeEtmZJVJvnA=
Subject key identifier: DC:44:8B:96:AC:9C:89:4A:8B:63:3B:35:7C:DE:B9:65:64:AF:B4:82
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191DBE95B5D3552E7484AC705068A62A394
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3ESLlqyciUqLYzs1fN65ZWSvtII.roa
Signing time: Tue 10 Sep 2024 12:29:49 +0000
ROA not before: Tue 10 Sep 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 14:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:e9:5b:5d:35:52:e7:48:4a:c7:05:06:8a:62:a3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 10 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc448b96ac9c894a8b633b357cdeb96564afb482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:09:96:1a:4d:e2:16:a0:96:a8:b1:31:8c:9c:
b7:b7:98:b9:14:bc:9e:55:49:fb:7b:79:b1:3e:ea:
77:fd:ad:26:c9:c2:7d:0e:79:d8:9c:27:55:b3:0b:
25:82:f6:40:9e:41:ff:5c:f2:cf:57:f9:04:72:e4:
8c:0e:33:a3:1d:af:44:dd:5e:20:dc:6c:f7:3b:ac:
11:02:2a:c9:d1:b5:19:97:16:53:87:8b:12:77:a8:
6c:3c:a5:d0:16:b1:9e:f7:88:b1:1f:d6:22:c0:17:
eb:e9:4a:b9:e0:ce:53:77:e9:70:b4:31:9b:4d:3d:
43:84:15:27:8f:3e:21:e2:39:92:55:c8:25:47:db:
aa:c5:31:32:43:3e:eb:a1:79:2a:f5:c9:19:01:e3:
57:e0:0c:68:41:16:71:bf:43:21:4a:94:a9:b0:a8:
e8:42:74:50:e0:81:19:a2:b0:b2:79:13:b3:e9:55:
76:bf:87:04:51:47:62:4b:aa:03:40:fe:b3:b1:20:
79:59:cd:d7:fd:f3:b4:22:a5:76:bf:6f:a1:48:17:
b9:71:48:de:5f:b2:42:d4:74:47:47:a3:16:cd:87:
b2:cf:c8:ad:56:63:8f:f0:1f:55:9b:98:13:00:72:
16:1a:ce:97:35:fd:35:37:3d:1e:6a:9b:ab:ca:57:
cd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:44:8B:96:AC:9C:89:4A:8B:63:3B:35:7C:DE:B9:65:64:AF:B4:82
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3ESLlqyciUqLYzs1fN65ZWSvtII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
92:fe:66:a4:81:8c:f0:6a:7e:52:75:e4:dd:32:b5:b6:44:41:
57:af:6d:8c:b9:ad:d6:d8:ba:c7:5e:d3:76:af:15:b2:b5:b3:
27:d2:8a:0b:bc:e4:bd:54:3c:9a:c3:fa:4a:28:9e:81:13:0f:
15:d4:ca:46:76:26:bb:35:dd:71:fd:65:14:30:ac:db:1d:c5:
ed:a7:7b:51:56:f0:22:fc:05:93:3a:c4:63:7c:03:f6:31:94:
a3:57:9e:37:79:71:be:06:9c:f0:71:b8:e4:6b:0d:cc:fc:77:
7d:11:db:86:69:86:2d:96:ad:68:d7:27:0b:8a:e4:6d:cd:bf:
6e:7d:bc:bb:fd:fa:d2:f2:ba:b4:7a:b4:59:dd:54:62:0b:47:
54:44:34:47:4c:97:ec:bd:ff:31:49:e0:2c:a4:8a:d7:01:8d:
be:08:51:6c:a4:f5:44:b7:44:fe:7a:b5:94:e8:b6:db:48:1b:
22:08:e2:02:cc:83:09:d4:20:1f:95:39:5d:c2:a0:b9:ff:7c:
55:31:b0:f0:52:ca:8b:1e:5f:12:91:cb:b9:62:a6:05:18:72:
f1:7c:73:58:e8:ca:6f:41:29:82:8d:69:23:46:47:6a:e2:02:
57:05:7b:b1:ac:84:08:de:9b:d4:d6:49:00:8c:c3:d5:a5:95:
00:f6:40:54
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHb6VtdNVLnSErHBQaKYqOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTEwMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ0OGI5NmFjOWM4OTRhOGI2MzNiMzU3Y2RlYjk2NTY0YWZiNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AmWGk3iFqCWqLExjJy3t5i5FLye
VUn7e3mxPup3/a0mycJ9DnnYnCdVswslgvZAnkH/XPLPV/kEcuSMDjOjHa9E3V4g
3Gz3O6wRAirJ0bUZlxZTh4sSd6hsPKXQFrGe94ixH9YiwBfr6Uq54M5Td+lwtDGb
TT1DhBUnjz4h4jmSVcglR9uqxTEyQz7roXkq9ckZAeNX4AxoQRZxv0MhSpSpsKjo
QnRQ4IEZorCyeROz6VV2v4cEUUdiS6oDQP6zsSB5Wc3X/fO0IqV2v2+hSBe5cUje
X7JC1HRHR6MWzYeyz8itVmOP8B9Vm5gTAHIWGs6XNf01Nz0eapurylfN6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNxEi5asnIlKi2M7NXzeuWVkr7SCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM0VTTGxxeWNpVXFMWXpzMWZONjVaV1N2dElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjv9AwQA
T24zAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQCS/makgYzw
an5SdeTdMrW2REFXr22Mua3W2LrHXtN2rxWytbMn0ooLvOS9VDyaw/pKKJ6BEw8V
1MpGdia7Nd1x/WUUMKzbHcXtp3tRVvAi/AWTOsRjfAP2MZSjV543eXG+Bpzwcbjk
aw3M/Hd9EduGaYYtlq1o1ycLiuRtzb9ufby7/frS8rq0erRZ3VRiC0dURDRHTJfs
vf8xSeAspIrXAY2+CFFspPVEt0T+erWU6LbbSBsiCOICzIMJ1CAflTldwqC5/3xV
MbDwUsqLHl8Skcu5YqYFGHLxfHNY6MpvQSmCjWkjRkdq4gJXBXuxrIQI3pvU1kkA
jMPVpZUA9kBU
-----END CERTIFICATE-----
Generated at Wed Sep 11 17:40:32 2024 by rpki-client on console-fra.rpki-client.org