Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NQ2fgIqVINgt3zRk5AIzpjItNBk.roa
File: NQ2fgIqVINgt3zRk5AIzpjItNBk.roa (raw, json)
Hash identifier: Ksm03ncXfrO8Noscj6QUIWs8N2JVo7YWOEgFuUbD6Vk=
Subject key identifier: 35:0D:9F:80:8A:95:20:D8:2D:DF:34:64:E4:02:33:A6:32:2D:34:19
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018963AF7B6F9FB62CACF3FCDFE6E8981E9A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NQ2fgIqVINgt3zRk5AIzpjItNBk.roa
Signing time: Mon 17 Jul 2023 11:49:52 +0000
ROA not before: Mon 17 Jul 2023 11:49:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 05:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:af:7b:6f:9f:b6:2c:ac:f3:fc:df:e6:e8:98:1e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 17 11:49:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=350d9f808a9520d82ddf3464e40233a6322d3419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0f:f9:28:93:11:06:3f:24:b1:9f:d7:12:4c:
b1:7a:bf:fd:45:cc:66:77:e4:91:57:f7:a0:b9:5c:
a4:0b:b9:f4:4e:0e:80:79:b0:11:11:56:ba:9e:0a:
f5:8f:72:17:91:00:58:47:ac:67:aa:77:d6:ac:51:
7c:a9:07:5d:27:a0:43:1d:16:6e:f4:6b:04:71:d4:
1f:59:86:f8:00:10:6d:28:2b:e6:8b:30:8b:e0:fd:
ab:f2:89:bf:79:6e:3a:a4:2c:02:9b:5b:15:b0:ec:
64:ca:e2:8b:90:92:c3:22:a3:e1:94:50:4d:a0:43:
11:d6:79:1d:36:97:57:fd:6a:ca:fa:31:95:66:0b:
55:22:da:d7:7f:76:f5:e2:bd:75:46:80:f9:15:32:
23:86:73:4c:ce:68:b5:3c:80:fc:76:5e:c9:fe:21:
34:cd:be:35:f1:74:e5:0c:f8:a8:92:e3:d0:ad:e6:
a9:bc:f3:7c:5c:93:67:9d:e6:cb:6d:25:50:d5:fc:
e5:de:ae:1b:d1:a8:dc:28:0f:25:87:7f:26:68:09:
97:e4:fd:4f:f8:62:d1:e3:11:80:b0:50:5d:69:ca:
15:95:71:6b:8d:52:46:27:51:8b:e0:b2:02:60:25:
0d:7c:29:8e:4c:59:e4:70:22:3b:a0:2f:33:69:95:
e5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:9F:80:8A:95:20:D8:2D:DF:34:64:E4:02:33:A6:32:2D:34:19
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NQ2fgIqVINgt3zRk5AIzpjItNBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
94.103.124.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ea:21:2b:14:b2:0e:d7:7e:d1:9b:59:b2:b8:04:0d:86:16:
1b:9a:67:dc:12:b8:03:d6:83:db:ae:ad:d7:df:cf:d8:16:6e:
09:e8:0a:01:e1:50:2c:db:7d:64:76:1a:8d:b0:be:81:ee:5b:
13:f7:01:3f:a5:59:44:72:1d:00:80:7a:13:82:6a:79:ac:f4:
b0:41:2a:ad:34:df:84:05:f6:1f:61:4e:fa:4e:ee:65:52:2f:
f7:82:2c:53:44:6e:3f:69:37:13:83:b7:44:3e:ed:49:d2:ca:
61:fb:8d:e1:1c:75:de:21:28:dd:47:25:0d:6a:a5:4a:03:46:
59:10:75:30:ea:6b:ab:f4:c0:c3:da:d4:41:e1:b9:d0:5f:b5:
89:54:f2:02:77:41:9c:a5:39:cc:03:a0:ef:6e:d2:ec:92:f6:
9a:4e:98:47:51:f2:e5:d2:e8:0f:ca:ab:ed:22:c7:12:fa:9b:
eb:25:0f:46:88:5b:ad:e4:4c:ac:9b:49:c9:91:c6:09:ee:12:
60:a6:52:5e:2e:7c:30:8f:85:20:80:a2:be:b0:e0:e1:06:b8:
8c:9c:2c:be:93:8b:e0:3f:f3:46:5f:79:78:27:7d:3e:55:fc:
fd:c2:c3:53:27:64:da:3a:c5:fa:e2:da:d7:80:bd:d1:e3:c9:
69:63:78:0c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYljr3tvn7YsrPP83+bomB6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzE3MTE0OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkOWY4MDhhOTUyMGQ4MmRkZjM0NjRlNDAyMzNhNjMyMmQzNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+g/5KJMRBj8ksZ/XEkyxer/9Rcxm
d+SRV/eguVykC7n0Tg6AebAREVa6ngr1j3IXkQBYR6xnqnfWrFF8qQddJ6BDHRZu
9GsEcdQfWYb4ABBtKCvmizCL4P2r8om/eW46pCwCm1sVsOxkyuKLkJLDIqPhlFBN
oEMR1nkdNpdX/WrK+jGVZgtVItrXf3b14r11RoD5FTIjhnNMzmi1PID8dl7J/iE0
zb418XTlDPiokuPQreapvPN8XJNnnebLbSVQ1fzl3q4b0ajcKA8lh38maAmX5P1P
+GLR4xGAsFBdacoVlXFrjVJGJ1GL4LICYCUNfCmOTFnkcCI7oC8zaZXlRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDUNn4CKlSDYLd80ZOQCM6YyLTQZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTlEyZmdJcVZJTmd0M3pSazVBSXpwakl0TkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAXmd8AwQAwSMSMA0GCSqGSIb3DQEBCwUAA4IBAQCt
6iErFLIO137Rm1myuAQNhhYbmmfcErgD1oPbrq3X38/YFm4J6AoB4VAs231kdhqN
sL6B7lsT9wE/pVlEch0AgHoTgmp5rPSwQSqtNN+EBfYfYU76Tu5lUi/3gixTRG4/
aTcTg7dEPu1J0sph+43hHHXeISjdRyUNaqVKA0ZZEHUw6mur9MDD2tRB4bnQX7WJ
VPICd0GcpTnMA6DvbtLskvaaTphHUfLl0ugPyqvtIscS+pvrJQ9GiFut5Eysm0nJ
kcYJ7hJgplJeLnwwj4UggKK+sODhBriMnCy+k4vgP/NGX3l4J30+Vfz9wsNTJ2Ta
OsX64trXgL3R48lpY3gM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org