Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDrF2t5uKgGsE1uz48soB8WqrS8.roa
File: XDrF2t5uKgGsE1uz48soB8WqrS8.roa (raw, json)
Hash identifier: sMHQeGcN+BZcmpLd+cLonyScmkmYl40TaAVGhWcMQnE=
Subject key identifier: 5C:3A:C5:DA:DE:6E:2A:01:AC:13:5B:B3:E3:CB:28:07:C5:AA:AD:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FCED92603890639D4DE11740C5575FC36
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDrF2t5uKgGsE1uz48soB8WqrS8.roa
Signing time: Fri 31 May 2024 13:31:28 +0000
ROA not before: Fri 31 May 2024 13:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 10:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:d9:26:03:89:06:39:d4:de:11:74:0c:55:75:fc:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 31 13:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c3ac5dade6e2a01ac135bb3e3cb2807c5aaad2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f4:51:5c:13:ca:56:2d:c4:bb:33:7e:4b:dc:
c0:ad:6d:ae:eb:fa:59:d9:1b:6b:4b:ab:c0:d9:19:
7a:0a:e2:36:28:09:44:d6:2b:71:ca:e2:2d:e6:3c:
45:cd:af:f9:91:20:5e:57:b5:f1:54:1c:50:e7:91:
8a:ed:d0:99:87:50:ed:df:80:16:cb:b9:a7:10:46:
9b:38:aa:30:09:1c:9f:cc:f1:8a:32:db:62:5a:7a:
14:02:26:bf:5d:44:b5:f5:a0:09:c6:31:78:92:4e:
84:8d:1b:da:20:fd:04:e2:d4:64:00:34:01:2c:9a:
f5:79:95:e9:df:ba:09:95:58:d7:e8:1a:ee:2b:24:
44:22:a4:e5:bb:28:b9:e5:81:c2:b5:bd:1f:23:2d:
b3:59:36:77:3c:dd:a8:9e:d0:39:59:02:a9:9a:3a:
31:d5:c4:79:58:c2:dc:1e:3c:c5:85:59:55:9a:36:
f5:da:a9:4e:b7:b6:9e:77:79:30:48:b4:5a:ec:6d:
9d:95:cd:d7:2c:b9:90:2d:47:a2:05:49:65:9c:27:
95:e8:d2:d2:0c:50:a8:d7:ac:61:6f:9a:4e:98:da:
bc:9f:d7:0d:e5:9d:0a:1d:e4:54:f0:a6:53:42:82:
95:4f:ce:ea:f9:e0:14:4a:3b:29:0c:e6:1e:84:1d:
49:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3A:C5:DA:DE:6E:2A:01:AC:13:5B:B3:E3:CB:28:07:C5:AA:AD:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDrF2t5uKgGsE1uz48soB8WqrS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
79.110.51.0/24
94.154.162.0/24
109.206.239.0/24
178.215.227.0/24
185.222.161.0-185.222.162.255
193.37.40.0/24
193.37.42.0/24
193.222.97.0/24
194.55.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:31:75:73:fa:14:38:78:c7:cf:7c:22:9a:76:0f:d4:69:e2:
fd:3f:91:8d:fb:54:e0:8c:53:3d:e7:e9:16:a0:aa:e5:c9:cb:
03:4f:0f:4f:f0:72:cf:da:df:49:0d:40:6b:5e:69:64:18:47:
c5:a1:5c:b0:4c:0c:fe:84:be:b3:b8:47:4a:4e:85:63:6d:a5:
ef:13:a8:4b:a8:ed:d3:4c:7d:c8:91:8e:6a:87:3a:f2:6c:8e:
dd:94:6f:66:52:5c:9b:45:14:01:a2:d3:c7:2c:03:c8:ce:21:
ba:e3:e0:6d:99:fa:67:d8:d4:7c:e1:b3:50:ff:e3:55:5d:14:
cc:19:ad:a2:bf:96:6b:37:db:f9:9f:5a:45:1d:c2:e6:90:70:
a9:77:7a:62:27:3c:39:9b:18:ea:41:f6:21:02:ee:80:52:a4:
30:2e:2f:2c:fc:f0:6d:45:fc:28:93:0b:8a:fb:60:06:8f:d6:
88:c3:8c:be:68:4e:fe:ba:27:b7:a9:9b:cc:cb:86:58:ab:2b:
fc:cc:de:e4:00:92:63:bf:83:cf:dd:f2:58:7e:01:b6:d1:17:
16:2d:1c:00:65:e8:d5:1c:62:6c:da:11:15:77:8d:32:33:e6:
30:5d:4c:6e:84:48:27:99:fc:00:63:61:c6:3f:c4:75:50:0f:
b7:68:f9:be
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY/O2SYDiQY51N4RdAxVdfw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTMxMTMzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNhYzVkYWRlNmUyYTAxYWMxMzViYjNlM2NiMjgwN2M1YWFhZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/RRXBPKVi3EuzN+S9zArW2u6/pZ
2RtrS6vA2Rl6CuI2KAlE1itxyuIt5jxFza/5kSBeV7XxVBxQ55GK7dCZh1Dt34AW
y7mnEEabOKowCRyfzPGKMttiWnoUAia/XUS19aAJxjF4kk6EjRvaIP0E4tRkADQB
LJr1eZXp37oJlVjX6BruKyREIqTluyi55YHCtb0fIy2zWTZ3PN2ontA5WQKpmjox
1cR5WMLcHjzFhVlVmjb12qlOt7aed3kwSLRa7G2dlc3XLLmQLUeiBUllnCeV6NLS
DFCo16xhb5pOmNq8n9cN5Z0KHeRU8KZTQoKVT87q+eAUSjspDOYehB1JXQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFFw6xdrebioBrBNbs+PLKAfFqq0vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWERyRjJ0NXVLZ0dzRTF1ejQ4c29COFdxclM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjv9AwQA
LVhAAwQAT24zAwQAXpqiAwQAbc7vAwQAstfjMAwDBAC53qEDBAC53qIDBADBJSgD
BADBJSoDBADB3mEDBADCN+EwDQYJKoZIhvcNAQELBQADggEBAEsxdXP6FDh4x898
Ipp2D9Rp4v0/kY37VOCMUz3n6RagquXJywNPD0/wcs/a30kNQGteaWQYR8WhXLBM
DP6EvrO4R0pOhWNtpe8TqEuo7dNMfciRjmqHOvJsjt2Ub2ZSXJtFFAGi08csA8jO
Ibrj4G2Z+mfY1Hzhs1D/41VdFMwZraK/lms32/mfWkUdwuaQcKl3emInPDmbGOpB
9iEC7oBSpDAuLyz88G1F/CiTC4r7YAaP1ojDjL5oTv66J7epm8zLhlirK/zM3uQA
kmO/g8/d8lh+AbbRFxYtHABl6NUcYmzaERV3jTIz5jBdTG6ESCeZ/ABjYcY/xHVQ
D7do+b4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org