Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aiKoL9pY9NsiarY8g1A5TPgZvws.roa
File: aiKoL9pY9NsiarY8g1A5TPgZvws.roa (raw, json)
Hash identifier: QQ7/ZsbMV/QqHcuYnOOyrTtLlrNQbBVqipcbMwJIxsk=
Subject key identifier: 6A:22:A8:2F:DA:58:F4:DB:22:6A:B6:3C:83:50:39:4C:F8:19:BF:0B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019043873D70AB042960EBFF78296848FB19
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aiKoL9pY9NsiarY8g1A5TPgZvws.roa
Signing time: Sun 23 Jun 2024 05:17:34 +0000
ROA not before: Sun 23 Jun 2024 05:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214783
IP address blocks: 2.59.252.0/25 maxlen: 25
2.59.252.64/26 maxlen: 26
Validation: Failed, certificate revoked on Tue 25 Jun 2024 03:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:43:87:3d:70:ab:04:29:60:eb:ff:78:29:68:48:fb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 23 05:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a22a82fda58f4db226ab63c8350394cf819bf0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:e7:47:b2:a9:e0:d2:7d:cf:84:fc:ed:ec:
55:9f:cb:35:a9:b3:c3:1c:8f:16:02:b2:b0:3a:47:
c6:30:ab:17:8b:32:6a:b4:76:0f:3f:75:44:69:26:
78:ff:4f:00:be:93:3f:02:48:c5:06:cf:1f:81:c2:
44:90:c8:d9:0b:56:01:80:e8:bf:bd:47:c9:c5:30:
ef:37:48:94:73:a1:38:8c:ce:88:54:8c:e4:ac:b9:
0e:78:f8:69:04:99:8d:ee:b5:4a:95:7b:ac:e7:14:
80:63:fa:ba:5c:52:c3:da:56:08:7b:c1:2d:e4:7a:
ad:ff:45:3e:6a:a3:53:f3:53:4c:e6:a1:10:8a:4a:
fc:ae:bf:4c:33:d7:72:ae:a4:0f:4a:e7:fa:6f:94:
db:6c:4e:fc:df:4f:41:44:17:2a:11:31:04:d8:af:
fe:57:dc:aa:15:1c:52:79:27:fe:21:54:e9:28:c6:
f4:f9:14:b2:ed:24:2d:94:27:cf:71:c9:05:4c:b6:
9a:55:29:6b:31:07:41:2b:aa:ef:f8:a7:96:f3:9a:
2f:5b:0d:82:81:3e:51:cb:a0:f8:c1:e0:5e:23:3a:
47:b8:b6:66:ca:95:03:de:da:f3:ff:2f:d3:7d:df:
7a:95:a3:3a:37:27:bd:fe:de:e4:3e:81:1e:e9:ae:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:22:A8:2F:DA:58:F4:DB:22:6A:B6:3C:83:50:39:4C:F8:19:BF:0B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aiKoL9pY9NsiarY8g1A5TPgZvws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/25
Signature Algorithm: sha256WithRSAEncryption
78:f7:a1:68:60:a1:f8:22:75:15:a1:3d:0e:6d:63:da:7f:8c:
75:d2:82:c7:40:b3:03:15:29:5a:fe:76:a4:8f:ed:97:7d:80:
19:dd:38:e0:4a:7f:d6:6e:a5:8b:e9:07:00:b8:2f:ae:6a:8c:
38:ce:64:70:8e:b9:34:6b:9f:eb:6f:87:83:18:28:8e:39:2d:
9c:a2:84:fa:5e:5a:db:a5:60:8a:32:62:06:a4:4e:af:12:2b:
10:bb:82:a6:b1:58:18:95:a8:51:3f:0d:83:1a:c2:69:d8:01:
7a:5d:4a:4e:af:7b:f1:4a:c2:0b:74:ac:c2:39:2a:b4:99:1b:
77:eb:c0:8c:c2:5d:53:cb:dc:a7:bb:a0:ac:03:86:c5:b4:f0:
32:d5:7f:b5:08:a2:d0:4c:a6:96:5f:93:ab:82:12:c2:26:b9:
9f:cf:54:69:5b:19:ff:03:f6:c3:a9:f8:2c:5a:db:b7:da:81:
50:86:16:6d:9c:c3:43:e9:71:d0:e2:1c:89:d9:db:e5:c2:5e:
ff:20:d7:1f:01:5f:82:f6:ee:af:1e:94:08:dc:17:11:6f:ad:
8b:02:b0:71:9f:45:84:9c:b7:df:d4:ca:76:4c:ff:4b:87:eb:
6d:bf:d0:5a:c6:08:3c:37:ca:db:08:4e:ce:0c:85:82:da:19:
a7:cc:51:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBDhz1wqwQpYOv/eCloSPsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjIzMDUxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTIyYTgyZmRhNThmNGRiMjI2YWI2M2M4MzUwMzk0Y2Y4MTliZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE3nR7Kp4NJ9z4T87exVn8s1qbPD
HI8WArKwOkfGMKsXizJqtHYPP3VEaSZ4/08AvpM/AkjFBs8fgcJEkMjZC1YBgOi/
vUfJxTDvN0iUc6E4jM6IVIzkrLkOePhpBJmN7rVKlXus5xSAY/q6XFLD2lYIe8Et
5Hqt/0U+aqNT81NM5qEQikr8rr9MM9dyrqQPSuf6b5TbbE78309BRBcqETEE2K/+
V9yqFRxSeSf+IVTpKMb0+RSy7SQtlCfPcckFTLaaVSlrMQdBK6rv+KeW85ovWw2C
gT5Ry6D4weBeIzpHuLZmypUD3trz/y/Tfd96laM6Nye9/t7kPoEe6a5FTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGoiqC/aWPTbImq2PINQOUz4Gb8LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYWlLb0w5cFk5TnNpYXJZOGcxQTVUUGdadndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHAjv8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAePehaGCh+CJ1FaE9Dm1j2n+MddKCx0CzAxUpWv52
pI/tl32AGd044Ep/1m6li+kHALgvrmqMOM5kcI65NGuf62+HgxgojjktnKKE+l5a
26VgijJiBqROrxIrELuCprFYGJWoUT8NgxrCadgBel1KTq978UrCC3SswjkqtJkb
d+vAjMJdU8vcp7ugrAOGxbTwMtV/tQii0Eymll+Tq4ISwia5n89UaVsZ/wP2w6n4
LFrbt9qBUIYWbZzDQ+lx0OIcidnb5cJe/yDXHwFfgvburx6UCNwXEW+tiwKwcZ9F
hJy339TKdkz/S4frbb/QWsYIPDfK2whOzgyFgtoZp8xRTw==
-----END CERTIFICATE-----
Generated at Tue Jun 25 06:41:01 2024 by rpki-client on console-ams.rpki-client.org