Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/c-cCgSzw1TTqkn-lAM9A-Ri9X0A.roa
File: c-cCgSzw1TTqkn-lAM9A-Ri9X0A.roa (raw, json)
Hash identifier: NjkW1SLSWik4QvjIBPCjIjs7CjcyynUK2ityjyvi9tE=
Subject key identifier: 73:E7:02:81:2C:F0:D5:34:EA:92:7F:A5:00:CF:40:F9:18:BD:5F:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AEFDECD1AF3EEB4C2EEFC29B8E1A9C19C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/c-cCgSzw1TTqkn-lAM9A-Ri9X0A.roa
Signing time: Mon 02 Oct 2023 10:11:10 +0000
ROA not before: Mon 02 Oct 2023 10:11:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:de:cd:1a:f3:ee:b4:c2:ee:fc:29:b8:e1:a9:c1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 2 10:11:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73e702812cf0d534ea927fa500cf40f918bd5f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a9:b0:f1:2f:71:4d:c7:25:26:c7:59:b0:ce:
23:d3:04:0e:06:d8:93:b7:33:db:6a:70:59:da:83:
ee:93:61:c0:c3:f6:a6:8a:b3:b2:d6:a1:a8:dd:66:
3a:41:77:9d:c5:c0:ec:13:95:8b:fb:12:3a:60:75:
3b:ab:ee:5d:3b:05:bd:95:d2:87:4a:42:2c:87:2e:
ca:0e:90:cc:8a:59:8f:7a:1a:88:14:04:b7:39:50:
c2:42:01:3d:34:54:55:b9:04:fa:70:dc:f3:0e:ae:
c1:3a:65:c3:a9:5b:37:bb:31:b1:63:88:61:84:e0:
56:f0:18:c7:75:11:d4:05:33:db:61:25:fa:ea:79:
87:dc:72:68:06:1f:f4:1f:10:55:70:fd:d0:26:7d:
cf:75:78:64:e9:c9:65:54:85:8e:70:fb:39:08:20:
bf:4d:6e:95:8e:cd:a3:a7:ea:be:38:41:cc:4c:3d:
40:67:f1:55:d7:88:e0:7d:e8:f9:6d:4e:6c:48:f2:
25:93:63:9f:33:0d:15:09:56:46:58:01:d0:e9:eb:
b4:0a:0e:e9:a0:a6:a5:e2:c9:29:9b:93:c7:a4:19:
1d:6f:5f:55:8d:46:57:2b:77:38:43:75:af:26:04:
3d:78:43:88:f9:4d:55:24:3b:27:3d:86:c1:a9:6b:
d7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E7:02:81:2C:F0:D5:34:EA:92:7F:A5:00:CF:40:F9:18:BD:5F:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/c-cCgSzw1TTqkn-lAM9A-Ri9X0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
84:cf:40:a9:ab:25:0c:82:cd:a9:d5:bf:a3:81:e3:77:b4:b5:
da:80:47:c7:20:a8:46:c5:8a:2c:39:aa:62:cd:c5:fe:ff:9f:
7f:bb:50:26:f2:36:48:f3:20:ca:db:37:a3:90:e5:77:de:c1:
9d:df:4a:cf:67:88:c1:ae:8b:f1:1d:1d:eb:96:45:f5:27:df:
c3:66:67:dd:7a:1c:6f:67:7c:12:7f:ab:8a:a1:31:4a:c2:7f:
02:c2:b0:36:1b:38:d7:85:92:33:d0:69:fc:ee:ac:0d:2a:9c:
d9:da:f9:23:4a:9f:55:e0:54:08:d5:2b:59:68:4c:f6:05:25:
13:e9:76:68:22:4d:a9:37:78:72:2c:97:9f:9b:eb:8a:fc:22:
f9:14:04:ca:3d:95:72:33:35:47:85:7e:0c:a8:79:1e:06:f3:
12:f5:64:3f:4a:53:45:3d:43:7e:a3:f0:dc:15:3d:67:ba:54:
a3:e1:6a:a8:1e:df:3e:dc:91:ee:37:8a:57:61:fe:0e:fd:8e:
99:91:31:32:7a:1b:df:a9:6a:2f:17:d9:6c:56:16:f6:58:9f:
ef:59:e8:86:66:15:84:ce:80:0d:93:d1:c7:61:3f:65:4e:65:
0d:c7:e4:87:40:27:23:cf:14:b9:57:02:99:f1:35:c1:ee:c6:
52:7f:98:82
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYrv3s0a8+60wu78KbjhqcGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDAyMTAxMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U3MDI4MTJjZjBkNTM0ZWE5MjdmYTUwMGNmNDBmOTE4YmQ1ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6mw8S9xTcclJsdZsM4j0wQOBtiT
tzPbanBZ2oPuk2HAw/amirOy1qGo3WY6QXedxcDsE5WL+xI6YHU7q+5dOwW9ldKH
SkIshy7KDpDMilmPehqIFAS3OVDCQgE9NFRVuQT6cNzzDq7BOmXDqVs3uzGxY4hh
hOBW8BjHdRHUBTPbYSX66nmH3HJoBh/0HxBVcP3QJn3PdXhk6cllVIWOcPs5CCC/
TW6Vjs2jp+q+OEHMTD1AZ/FV14jgfej5bU5sSPIlk2OfMw0VCVZGWAHQ6eu0Cg7p
oKal4skpm5PHpBkdb19VjUZXK3c4Q3WvJgQ9eEOI+U1VJDsnPYbBqWvXiQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHPnAoEs8NU06pJ/pQDPQPkYvV9AMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYy1jQ2dTencxVFRxa24tbEFNOUEtUmk5WDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQAk05mAwQA
wSMSMA0GCSqGSIb3DQEBCwUAA4IBAQCEz0CpqyUMgs2p1b+jgeN3tLXagEfHIKhG
xYosOapizcX+/59/u1Am8jZI8yDK2zejkOV33sGd30rPZ4jBrovxHR3rlkX1J9/D
ZmfdehxvZ3wSf6uKoTFKwn8CwrA2GzjXhZIz0Gn87qwNKpzZ2vkjSp9V4FQI1StZ
aEz2BSUT6XZoIk2pN3hyLJefm+uK/CL5FATKPZVyMzVHhX4MqHkeBvMS9WQ/SlNF
PUN+o/DcFT1nulSj4WqoHt8+3JHuN4pXYf4O/Y6ZkTEyehvfqWovF9lsVhb2WJ/v
WeiGZhWEzoANk9HHYT9lTmUNx+SHQCcjzxS5VwKZ8TXB7sZSf5iC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org