Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5GnuNwKgeHRyJwRS5GoqNBhAdLU.roa
File: 5GnuNwKgeHRyJwRS5GoqNBhAdLU.roa (raw, json)
Hash identifier: UXyVCwEEU89742dMUj3GgYPY4FlVzfre0etNVO5rMwI=
Subject key identifier: E4:69:EE:37:02:A0:78:74:72:27:04:52:E4:6A:2A:34:18:40:74:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DAC5C3B1C1A87774C87CAB7D2FD59FA07
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5GnuNwKgeHRyJwRS5GoqNBhAdLU.roa
Signing time: Thu 15 Feb 2024 10:42:22 +0000
ROA not before: Thu 15 Feb 2024 10:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 2.59.254.0/24 maxlen: 24
37.221.120.0/22 maxlen: 24
85.209.132.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 07:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:5c:3b:1c:1a:87:77:4c:87:ca:b7:d2:fd:59:fa:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 15 10:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e469ee3702a0787472270452e46a2a34184074b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f6:49:56:73:fd:e4:a9:42:31:60:32:08:7e:
fb:da:60:5e:3d:90:b0:8a:56:75:ef:9a:64:6a:38:
4a:22:7e:47:c0:89:61:6f:63:0c:a0:eb:28:85:ae:
d1:2d:31:fd:0f:84:e1:7e:aa:05:12:59:53:30:95:
f6:d2:ff:dc:a2:0a:01:32:d0:b5:c2:2b:49:7e:16:
c0:58:02:14:14:b6:6e:c0:35:0a:4c:97:a0:c1:ce:
df:9f:69:bd:26:1d:6f:3f:7b:ff:c6:d5:b6:7c:30:
6f:29:ff:34:21:a7:66:a5:15:f3:4a:90:1e:71:9e:
b4:40:1a:26:7e:02:44:44:37:b9:78:0a:93:b1:dd:
eb:d8:b5:0d:75:89:d0:07:1d:a9:51:0e:aa:8a:5b:
55:88:2a:24:79:85:ba:ff:bf:d1:3c:d1:51:73:ec:
e5:88:93:81:3f:9c:98:93:38:67:d3:96:97:b2:dd:
58:2b:2d:52:d0:18:4b:9b:7e:f2:a7:9f:48:26:d9:
38:00:bc:9b:6e:d2:23:5a:01:17:ab:a6:a1:39:2a:
9f:89:81:c9:d7:14:8d:89:20:f1:69:8a:3e:df:3b:
17:20:d6:39:b1:71:2e:bd:c8:8f:ec:8a:6b:5f:72:
74:0a:1a:25:88:24:fc:b9:e3:e4:5d:df:c9:e9:9c:
87:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:69:EE:37:02:A0:78:74:72:27:04:52:E4:6A:2A:34:18:40:74:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5GnuNwKgeHRyJwRS5GoqNBhAdLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/24
37.221.120.0/22
85.209.132.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
07:57:06:1c:15:93:86:e0:a4:c4:de:b3:41:19:b9:e6:38:01:
23:d2:e7:c9:9a:e5:71:ab:6a:96:e7:cf:8e:24:f6:40:c5:ec:
2d:0b:ee:05:6a:0d:fc:a1:f8:8d:70:67:3f:85:70:fb:1f:38:
7e:57:7d:6a:29:bb:f1:6d:30:09:34:95:a3:fe:ad:79:0e:0e:
65:1e:12:3f:e9:3e:21:f0:fa:08:cb:33:46:62:37:4a:08:61:
67:4a:43:36:27:b2:2b:7c:6f:00:92:59:c0:2b:ce:7d:a1:d9:
a6:df:f1:30:02:26:a2:01:88:3f:84:9e:ab:94:04:39:a8:c6:
7b:04:30:57:43:dd:d7:45:87:95:a6:5f:b6:9d:fc:c1:24:05:
d9:67:92:a0:18:17:43:89:5c:8f:72:3f:a0:f0:25:22:15:a5:
35:c3:14:3f:34:47:40:c0:9c:a0:1a:02:9c:46:94:92:b5:8c:
13:5d:84:ae:84:4e:8e:b1:bf:a4:fc:fb:73:11:db:39:7c:24:
88:00:7a:f8:5a:32:46:38:be:bb:19:43:79:6c:15:15:e0:47:
f5:72:a2:57:66:e7:d8:4d:da:0b:bf:8f:ce:d2:ae:2f:b7:86:
c4:0c:88:82:8e:1c:14:8d:b3:81:f5:35:60:de:70:d1:8e:88:
71:2a:a8:b5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2sXDscGod3TIfKt9L9WfoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjE1MTA0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDY5ZWUzNzAyYTA3ODc0NzIyNzA0NTJlNDZhMmEzNDE4NDA3NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vZJVnP95KlCMWAyCH772mBePZCw
ilZ175pkajhKIn5HwIlhb2MMoOsoha7RLTH9D4ThfqoFEllTMJX20v/cogoBMtC1
witJfhbAWAIUFLZuwDUKTJegwc7fn2m9Jh1vP3v/xtW2fDBvKf80IadmpRXzSpAe
cZ60QBomfgJERDe5eAqTsd3r2LUNdYnQBx2pUQ6qiltViCokeYW6/7/RPNFRc+zl
iJOBP5yYkzhn05aXst1YKy1S0BhLm37yp59IJtk4ALybbtIjWgEXq6ahOSqfiYHJ
1xSNiSDxaYo+3zsXINY5sXEuvciP7IprX3J0CholiCT8uePkXd/J6ZyHowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFORp7jcCoHh0cicEUuRqKjQYQHS1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUdudU53S2dlSFJ5SndSUzVHb3FOQmhBZExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjv+AwQC
Jd14AwQAVdGEAwQAstfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQAH
VwYcFZOG4KTE3rNBGbnmOAEj0ufJmuVxq2qW58+OJPZAxewtC+4Fag38ofiNcGc/
hXD7Hzh+V31qKbvxbTAJNJWj/q15Dg5lHhI/6T4h8PoIyzNGYjdKCGFnSkM2J7Ir
fG8AklnAK859odmm3/EwAiaiAYg/hJ6rlAQ5qMZ7BDBXQ93XRYeVpl+2nfzBJAXZ
Z5KgGBdDiVyPcj+g8CUiFaU1wxQ/NEdAwJygGgKcRpSStYwTXYSuhE6Osb+k/Ptz
Eds5fCSIAHr4WjJGOL67GUN5bBUV4Ef1cqJXZufYTdoLv4/O0q4vt4bEDIiCjhwU
jbOB9TVg3nDRjohxKqi1
-----END CERTIFICATE-----
Generated at Tue Feb 20 12:20:05 2024 by rpki-client on console-ams.rpki-client.org