Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k_ZH2fw48Z7G0qhkvPDOMwP8hTg.roa
File: k_ZH2fw48Z7G0qhkvPDOMwP8hTg.roa (raw, json)
Hash identifier: rtmPUeSpnVdHqy8twJbOUZVRPgzR90n0907oCIXadV8=
Subject key identifier: 93:F6:47:D9:FC:38:F1:9E:C6:D2:A8:64:BC:F0:CE:33:03:FC:85:38
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F5C9EB9FCA9ADA22C4A21310752970779
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k_ZH2fw48Z7G0qhkvPDOMwP8hTg.roa
Signing time: Thu 09 May 2024 09:10:56 +0000
ROA not before: Thu 09 May 2024 09:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:9e:b9:fc:a9:ad:a2:2c:4a:21:31:07:52:97:07:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 9 09:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93f647d9fc38f19ec6d2a864bcf0ce3303fc8538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:35:f3:ea:b9:18:b2:55:be:21:a6:00:20:
62:fe:f9:09:a1:67:ef:af:cf:2e:a3:ca:71:ac:8b:
fe:d4:47:fc:ad:85:42:dc:6f:c2:28:11:1a:c8:fc:
9e:0c:88:e9:16:5f:15:65:a0:e7:7f:1c:4c:2e:42:
5d:78:58:d8:1b:b5:3f:3a:fa:7c:71:22:e1:06:3d:
5f:fd:d9:be:60:28:3c:50:58:26:20:3d:5e:d9:0a:
16:ec:2f:4e:a3:32:15:1c:84:b7:f3:d0:23:44:55:
fb:c8:c0:01:5d:5e:09:ae:b5:52:b6:33:b6:d5:83:
c8:04:72:73:73:8c:da:99:b7:cc:7f:a3:08:6f:9f:
92:2f:04:96:99:38:45:31:84:6d:7d:31:1b:06:17:
75:35:c7:59:39:43:de:ab:5a:30:0f:47:91:75:15:
45:fe:b5:6f:10:12:7c:97:0a:16:24:f5:fa:68:bf:
28:f1:17:84:e4:b7:d2:86:1d:7a:00:ea:ca:98:71:
06:d7:d9:37:05:c8:e2:93:65:21:5e:93:fa:d1:05:
e9:b1:58:22:b4:cf:90:d3:32:f1:4b:8c:16:6d:29:
cc:94:37:af:27:4e:d5:56:2c:57:36:dd:77:2c:cb:
c1:91:6f:4d:76:eb:b4:4d:51:44:c8:c7:a9:2f:f1:
18:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F6:47:D9:FC:38:F1:9E:C6:D2:A8:64:BC:F0:CE:33:03:FC:85:38
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k_ZH2fw48Z7G0qhkvPDOMwP8hTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
79.110.51.0/24
87.120.166.0/24
94.154.162.0/24
109.206.239.0/24
185.222.161.0-185.222.162.255
185.246.223.0/24
193.37.40.0/24
193.37.42.0/24
193.222.97.0/24
194.55.225.0/24
Signature Algorithm: sha256WithRSAEncryption
93:db:bd:d3:f8:2c:74:d0:57:5b:c1:3a:6d:2d:81:8a:10:e3:
08:71:2f:7e:6a:3c:3e:72:4a:ad:5b:78:5a:30:b3:35:56:f0:
e5:7d:87:bb:97:af:bb:cc:18:3e:fb:03:57:d4:9b:bf:4f:37:
ab:76:07:a8:00:e5:33:8e:8e:c2:e0:ab:2d:ca:6a:22:08:05:
09:af:c5:cb:f5:24:3a:6c:40:bf:69:43:a4:1c:e6:d8:d8:f6:
28:dd:0b:74:1a:46:df:02:bd:42:9f:d6:b0:0d:07:b0:c4:0e:
cf:f1:17:7e:28:3d:3c:ce:ca:61:93:ee:09:b9:25:c5:1a:68:
0b:cd:7f:88:96:7e:ae:1c:8b:30:0c:ef:0c:41:52:75:df:88:
b3:b1:45:cf:9f:67:2b:be:f0:2d:de:67:8b:da:04:5f:d0:0d:
a0:d7:3d:d4:2f:49:8c:e5:69:74:4c:81:f0:3c:af:31:6e:ce:
38:99:64:97:e1:fc:34:b2:59:4a:88:4b:9d:e3:30:47:47:40:
d2:dd:77:58:77:44:67:fa:91:12:42:62:1c:15:ca:dc:68:63:
65:62:2c:0e:77:3b:81:20:48:fc:e9:c9:41:23:31:9e:b5:92:
b1:4e:a5:2a:34:dd:1a:ce:44:d4:01:50:63:ff:c4:ca:c5:12:
41:b5:b9:43
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY9cnrn8qa2iLEohMQdSlwd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTA5MDkxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y2NDdkOWZjMzhmMTllYzZkMmE4NjRiY2YwY2UzMzAzZmM4NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAQ18+q5GLJVviGmACBi/vkJoWfv
r88uo8pxrIv+1Ef8rYVC3G/CKBEayPyeDIjpFl8VZaDnfxxMLkJdeFjYG7U/Ovp8
cSLhBj1f/dm+YCg8UFgmID1e2QoW7C9OozIVHIS389AjRFX7yMABXV4JrrVStjO2
1YPIBHJzc4zambfMf6MIb5+SLwSWmThFMYRtfTEbBhd1NcdZOUPeq1owD0eRdRVF
/rVvEBJ8lwoWJPX6aL8o8ReE5LfShh16AOrKmHEG19k3Bcjik2UhXpP60QXpsVgi
tM+Q0zLxS4wWbSnMlDevJ07VVixXNt13LMvBkW9Nduu0TVFEyMepL/EYUwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJP2R9n8OPGextKoZLzwzjMD/IU4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva19aSDJmdzQ4WjdHMHFoa3ZQRE9Nd1A4aFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAAjv9AwQA
LVhAAwQAT24zAwQAV3imAwQAXpqiAwQAbc7vMAwDBAC53qEDBAC53qIDBAC59t8D
BADBJSgDBADBJSoDBADB3mEDBADCN+EwDQYJKoZIhvcNAQELBQADggEBAJPbvdP4
LHTQV1vBOm0tgYoQ4whxL35qPD5ySq1beFowszVW8OV9h7uXr7vMGD77A1fUm79P
N6t2B6gA5TOOjsLgqy3KaiIIBQmvxcv1JDpsQL9pQ6Qc5tjY9ijdC3QaRt8CvUKf
1rANB7DEDs/xF34oPTzOymGT7gm5JcUaaAvNf4iWfq4cizAM7wxBUnXfiLOxRc+f
Zyu+8C3eZ4vaBF/QDaDXPdQvSYzlaXRMgfA8rzFuzjiZZJfh/DSyWUqIS53jMEdH
QNLdd1h3RGf6kRJCYhwVytxoY2ViLA53O4EgSPzpyUEjMZ61krFOpSo03RrORNQB
UGP/xMrFEkG1uUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:41 2024 by rpki-client on console-ams.rpki-client.org