Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4dkFtT2qDprTWEu5qw4K7AopCwQ.roa
File: 4dkFtT2qDprTWEu5qw4K7AopCwQ.roa (raw, json)
Hash identifier: 9Woo7epD1wdIClXMDrBAduHgq5uqa0ZeOnXMwuZrGM8=
Subject key identifier: E1:D9:05:B5:3D:AA:0E:9A:D3:58:4B:B9:AB:0E:0A:EC:0A:29:0B:04
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019082DA3D9541548A011B74A11E2151A084
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4dkFtT2qDprTWEu5qw4K7AopCwQ.roa
Signing time: Fri 05 Jul 2024 12:24:19 +0000
ROA not before: Fri 05 Jul 2024 12:24:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 06:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:da:3d:95:41:54:8a:01:1b:74:a1:1e:21:51:a0:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 5 12:24:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1d905b53daa0e9ad3584bb9ab0e0aec0a290b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:73:01:0e:ec:a2:7a:fa:e0:b7:76:41:69:
95:77:71:b6:0e:bc:c2:14:18:e8:af:26:0b:b8:dd:
86:4e:bc:c9:33:2e:fb:6b:60:a1:ea:4e:49:0e:c6:
e7:a0:0b:14:60:6a:6d:27:4c:9b:6b:08:1c:fe:59:
ed:a4:b6:4a:2d:be:3c:c3:bb:7e:dc:5d:68:0c:8d:
32:94:ac:ac:3b:3d:d1:07:16:b7:a4:29:ef:9e:fb:
34:ab:b3:27:fe:fd:31:0a:ee:70:85:7d:41:7f:d7:
22:c9:5b:77:3e:38:30:04:13:0c:87:32:65:19:f6:
7e:c1:4c:c3:63:09:b4:c4:fa:18:2f:d0:24:f2:fd:
9e:48:75:0e:52:77:3f:10:35:51:24:9d:2f:c4:87:
8b:13:a4:a6:41:17:29:19:a6:b4:08:9e:b5:56:91:
ed:b3:25:32:59:ad:32:c4:10:a1:91:cb:39:7d:6e:
48:67:44:3d:f8:7e:e4:6b:08:c0:0a:28:8b:7d:3e:
6f:6a:dc:d8:3d:59:b5:ad:b4:d9:ce:0e:29:b5:ef:
8b:4c:ff:61:06:1a:51:8c:14:b3:15:26:82:74:05:
4a:0a:85:91:aa:3e:e4:44:f3:26:fb:c5:4c:da:b8:
04:90:87:b4:53:1b:e3:f2:ce:69:6c:ac:56:17:a1:
96:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D9:05:B5:3D:AA:0E:9A:D3:58:4B:B9:AB:0E:0A:EC:0A:29:0B:04
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4dkFtT2qDprTWEu5qw4K7AopCwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
00:7c:53:d8:ae:9b:2d:31:c8:03:62:4c:e8:8f:c9:72:10:03:
89:ed:9e:37:76:04:db:83:04:b3:b9:c4:6e:83:2d:90:b8:8b:
74:66:8f:87:a2:d5:c0:47:f7:59:f7:86:6b:c5:74:b6:95:1b:
41:c5:a5:ff:23:68:92:fc:ff:7d:5c:70:9b:da:24:f3:3a:3e:
81:f4:74:0a:d2:8b:f2:b6:f3:1e:af:27:ff:c2:23:cd:2e:c7:
c4:de:d4:a9:e1:76:ed:69:d0:ee:38:67:8d:58:8a:3f:67:49:
d3:f5:3b:b3:dd:0b:2e:35:2b:c9:92:af:93:79:7c:c0:93:8a:
c2:77:ff:d1:39:16:90:55:cc:76:2b:c0:b5:30:f2:d4:2c:e1:
6c:6b:fd:2e:02:42:d2:74:39:fe:f1:5d:36:33:01:5c:f7:3f:
c0:80:12:0b:d0:81:c5:3c:bf:a5:3b:6f:03:cb:61:5b:07:88:
71:58:7c:fe:7a:11:0b:43:38:c9:d0:71:36:62:3c:14:5d:83:
bc:e5:e1:21:4c:8c:25:ed:fb:a3:65:c6:8c:d7:9d:62:7e:cb:
fe:20:c2:c6:b6:c2:aa:32:07:b7:e2:5a:40:e8:f0:b8:e3:b5:
0f:d2:7e:bc:f0:74:11:5d:fb:fe:48:90:b8:14:8b:95:a8:d1:
dc:7a:7a:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCC2j2VQVSKARt0oR4hUaCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA1MTIyNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ5MDViNTNkYWEwZTlhZDM1ODRiYjlhYjBlMGFlYzBhMjkwYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFBzAQ7sonr64Ld2QWmVd3G2DrzC
FBjoryYLuN2GTrzJMy77a2Ch6k5JDsbnoAsUYGptJ0ybawgc/lntpLZKLb48w7t+
3F1oDI0ylKysOz3RBxa3pCnvnvs0q7Mn/v0xCu5whX1Bf9ciyVt3PjgwBBMMhzJl
GfZ+wUzDYwm0xPoYL9Ak8v2eSHUOUnc/EDVRJJ0vxIeLE6SmQRcpGaa0CJ61VpHt
syUyWa0yxBChkcs5fW5IZ0Q9+H7kawjACiiLfT5vatzYPVm1rbTZzg4pte+LTP9h
BhpRjBSzFSaCdAVKCoWRqj7kRPMm+8VM2rgEkIe0Uxvj8s5pbKxWF6GWZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOHZBbU9qg6a01hLuasOCuwKKQsEMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNGRrRnRUMnFEcHJUV0V1NXF3NEs3QW9wQ3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjv9AwQA
T24zAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQAAfFPYrpst
McgDYkzoj8lyEAOJ7Z43dgTbgwSzucRugy2QuIt0Zo+HotXAR/dZ94ZrxXS2lRtB
xaX/I2iS/P99XHCb2iTzOj6B9HQK0ovytvMeryf/wiPNLsfE3tSp4XbtadDuOGeN
WIo/Z0nT9Tuz3QsuNSvJkq+TeXzAk4rCd//RORaQVcx2K8C1MPLULOFsa/0uAkLS
dDn+8V02MwFc9z/AgBIL0IHFPL+lO28Dy2FbB4hxWHz+ehELQzjJ0HE2YjwUXYO8
5eEhTIwl7fujZcaM151ifsv+IMLGtsKqMge34lpA6PC447UP0n688HQRXfv+SJC4
FIuVqNHcenoC
-----END CERTIFICATE-----
Generated at Wed Aug 7 08:50:25 2024 by rpki-client on console-ams.rpki-client.org