Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7JOYizpePPle-FBLciruTSJBvI.roa
File: k7JOYizpePPle-FBLciruTSJBvI.roa (raw, json)
Hash identifier: zuxJpAUfBevWf9hurTEHEkLSD607Guk876EkbOUFxi8=
Subject key identifier: 93:B2:4E:62:2C:E9:78:F3:E5:7B:E1:41:2D:C8:AB:B9:34:89:06:F2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01907D7B1DA5B25E64DBE23212DCBF39C2BD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7JOYizpePPle-FBLciruTSJBvI.roa
Signing time: Thu 04 Jul 2024 11:22:18 +0000
ROA not before: Thu 04 Jul 2024 11:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 09:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:7b:1d:a5:b2:5e:64:db:e2:32:12:dc:bf:39:c2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 4 11:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93b24e622ce978f3e57be1412dc8abb9348906f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:51:77:ce:64:ef:69:7d:05:0f:81:2e:c3:
80:33:54:44:06:9a:b1:b9:e3:74:e1:d6:c2:90:74:
c0:61:df:d6:1d:3e:d6:e5:60:1c:fc:04:13:dc:e4:
bc:bc:d3:6e:d6:85:0b:bf:36:8c:03:c3:40:45:6b:
08:cc:66:8a:ff:c4:63:8a:fd:95:6c:a8:80:32:d4:
0c:2c:ea:c0:59:37:9e:8f:41:de:c7:4b:cb:49:c7:
8d:28:dd:63:17:bb:35:96:1e:30:1a:5f:bc:ab:0c:
b8:e6:e4:69:0e:75:11:4f:16:9b:29:06:d7:e6:97:
a7:a2:96:30:ea:64:d4:67:84:d9:82:0a:eb:f3:20:
7f:d1:49:60:9c:ca:5c:54:27:e1:9d:c5:f5:12:5d:
ad:35:bb:aa:f4:dd:b5:53:e1:3c:b7:df:e1:67:c2:
c4:42:7e:8a:a7:33:6b:99:cd:63:47:6d:61:37:ce:
47:35:f0:5b:8b:d2:b0:a1:66:95:7c:8a:c3:a4:59:
cf:6e:71:c6:30:ee:9d:78:74:1d:1b:77:93:9b:67:
6e:77:ad:65:f7:bd:b8:81:4c:cc:38:d1:8c:f8:21:
7f:18:f9:54:d9:40:67:2b:f8:26:81:e2:7b:21:f3:
9b:93:4d:11:87:d6:7e:77:59:1d:4f:fe:11:2a:29:
73:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B2:4E:62:2C:E9:78:F3:E5:7B:E1:41:2D:C8:AB:B9:34:89:06:F2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7JOYizpePPle-FBLciruTSJBvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
87.120.166.0/24
94.154.162.0/24
109.206.239.0/24
185.222.161.0/24
193.37.40.0/24
194.55.225.0/24
Signature Algorithm: sha256WithRSAEncryption
89:cf:dd:79:39:f7:11:ef:99:b6:5a:74:8f:b0:45:fd:ef:8c:
40:0b:cd:44:a3:81:ee:29:52:4d:1c:ad:f7:0c:d4:ab:fa:af:
00:53:6e:15:5a:94:83:1a:ee:fe:54:f6:d6:63:41:90:83:61:
72:da:66:0b:79:12:48:9c:60:2d:c3:47:cf:3a:83:38:4c:e4:
6d:a2:05:fe:48:f9:77:df:51:38:99:67:1d:d6:c5:81:4e:89:
bc:c8:09:4c:7e:cb:c2:ac:79:63:1c:45:45:62:bd:71:c8:e3:
94:76:aa:ec:c4:81:dd:51:70:47:30:47:3b:57:93:74:10:a4:
c8:f0:da:bf:51:af:4a:59:31:00:31:cb:e4:a3:05:98:be:7e:
fd:97:fb:9a:55:f4:19:97:93:7c:bf:f5:10:d0:05:28:c3:a4:
a1:62:b3:d4:43:85:ee:65:64:fe:66:81:a7:1e:bf:7d:ab:80:
71:64:27:9b:4d:bb:06:3c:82:e2:ab:58:8a:ed:1a:65:17:98:
a6:5c:14:be:54:f1:b3:1b:7a:7d:e8:99:a0:83:2a:2a:18:d0:
b1:45:f5:02:07:3b:a7:59:bd:9f:d3:3d:f2:1e:cb:04:6b:95:
c7:49:83:65:31:9f:6b:27:02:15:a7:a0:d6:51:d7:3b:3d:86:
e9:c1:09:f8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZB9ex2lsl5k2+IyEty/OcK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA0MTEyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2IyNGU2MjJjZTk3OGYzZTU3YmUxNDEyZGM4YWJiOTM0ODkwNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNhRd85k72l9BQ+BLsOAM1REBpqx
ueN04dbCkHTAYd/WHT7W5WAc/AQT3OS8vNNu1oULvzaMA8NARWsIzGaK/8Rjiv2V
bKiAMtQMLOrAWTeej0Hex0vLSceNKN1jF7s1lh4wGl+8qwy45uRpDnURTxabKQbX
5penopYw6mTUZ4TZggrr8yB/0UlgnMpcVCfhncX1El2tNbuq9N21U+E8t9/hZ8LE
Qn6KpzNrmc1jR21hN85HNfBbi9KwoWaVfIrDpFnPbnHGMO6deHQdG3eTm2dud61l
9724gUzMONGM+CF/GPlU2UBnK/gmgeJ7IfObk00Rh9Z+d1kdT/4RKilzfwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJOyTmIs6Xjz5XvhQS3Iq7k0iQbyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvazdKT1lpenBlUFBsZS1GQkxjaXJ1VFNKQnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjv9AwQA
T24zAwQAV3imAwQAXpqiAwQAbc7vAwQAud6hAwQAwSUoAwQAwjfhMA0GCSqGSIb3
DQEBCwUAA4IBAQCJz915OfcR75m2WnSPsEX974xAC81Eo4HuKVJNHK33DNSr+q8A
U24VWpSDGu7+VPbWY0GQg2Fy2mYLeRJInGAtw0fPOoM4TORtogX+SPl331E4mWcd
1sWBTom8yAlMfsvCrHljHEVFYr1xyOOUdqrsxIHdUXBHMEc7V5N0EKTI8Nq/Ua9K
WTEAMcvkowWYvn79l/uaVfQZl5N8v/UQ0AUow6ShYrPUQ4XuZWT+ZoGnHr99q4Bx
ZCebTbsGPILiq1iK7RplF5imXBS+VPGzG3p96JmggyoqGNCxRfUCBzunWb2f0z3y
HssEa5XHSYNlMZ9rJwIVp6DWUdc7PYbpwQn4
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:30:55 2024 by rpki-client on console-ams.rpki-client.org