Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ke82yS7jwdSNR7gdEWYZc-H_6LQ.roa
File: ke82yS7jwdSNR7gdEWYZc-H_6LQ.roa (raw, json)
Hash identifier: 2pCUutx0D5bGaSyXlvsFN3w5H8fSyDhrtVCcVs8Vvx4=
Subject key identifier: 91:EF:36:C9:2E:E3:C1:D4:8D:47:B8:1D:11:66:19:73:E1:FF:E8:B4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019049677469A5DCD96DD69BC0E68346E4AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ke82yS7jwdSNR7gdEWYZc-H_6LQ.roa
Signing time: Mon 24 Jun 2024 08:40:35 +0000
ROA not before: Mon 24 Jun 2024 08:40:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 05:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:67:74:69:a5:dc:d9:6d:d6:9b:c0:e6:83:46:e4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 24 08:40:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91ef36c92ee3c1d48d47b81d11661973e1ffe8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:64:5b:56:e1:18:f0:fd:2b:55:55:c0:2f:
2f:64:33:d3:26:20:69:90:4b:4f:d7:0f:99:4c:fa:
fc:97:c9:d5:6a:ce:06:81:aa:2d:9e:e5:91:f4:ef:
ee:6d:c1:bc:cf:3e:68:5e:bf:f4:97:28:cb:68:42:
f6:a0:4f:bf:2f:1e:be:2c:d0:df:65:68:d1:23:6b:
85:1e:c9:02:12:d1:f2:60:96:07:e2:08:f1:ce:16:
6e:f8:ae:05:a1:6a:b4:b2:aa:ed:3b:b4:28:13:7f:
ca:2b:1a:92:37:1d:fe:e0:3e:bc:b5:4f:3b:e8:ce:
bc:37:38:37:a6:34:8e:b7:dd:68:8f:8b:1a:59:d8:
57:b1:a1:d9:1a:ac:09:44:29:0e:08:66:8f:7c:60:
50:37:f2:45:b4:a2:7b:84:9e:c6:f5:27:d9:dd:f7:
29:0d:c3:6b:da:d3:e5:ee:f9:13:51:b9:31:a8:75:
ce:f7:f8:20:1e:a7:33:47:a5:d1:3f:01:a6:39:e7:
d1:3f:49:68:76:84:3c:ad:c2:a4:72:03:97:ff:7e:
3c:08:86:22:ab:75:a5:fb:ed:d3:60:fc:d9:5c:46:
c7:33:be:92:9f:64:8d:61:f1:08:21:18:c0:ba:1d:
d4:3d:a3:57:98:d8:3d:10:a2:38:7b:4c:44:56:a4:
93:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EF:36:C9:2E:E3:C1:D4:8D:47:B8:1D:11:66:19:73:E1:FF:E8:B4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ke82yS7jwdSNR7gdEWYZc-H_6LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
79.110.51.0/24
87.120.166.0/24
94.154.162.0/24
109.206.239.0/24
185.222.161.0-185.222.162.255
185.246.223.0/24
193.37.40.0/24
194.55.225.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2e:8c:9c:32:ad:b8:1f:6c:9d:2d:ae:56:cb:7d:90:8c:22:
1f:af:36:e5:10:ac:c1:2b:0e:22:45:7e:2a:e6:23:03:d0:a3:
d1:dd:58:77:24:e2:eb:c4:05:70:a3:82:4c:f8:a9:0b:42:7f:
ab:d0:d3:d1:e3:86:17:70:20:12:b1:18:aa:53:91:f9:5c:be:
3c:69:bd:f7:ae:98:f8:df:c6:f8:e3:08:9b:f9:15:f7:cd:d8:
08:dd:da:4f:ba:31:f2:56:bd:34:bc:95:8e:f4:92:27:70:87:
e9:32:fa:3b:52:dc:40:6c:cd:17:fb:9c:06:9e:63:f0:72:60:
fa:ce:87:a5:65:ba:cb:27:b5:cf:e2:11:77:36:39:90:d5:d4:
ba:31:c6:7d:70:c7:ce:e1:a7:09:88:a2:91:51:6c:04:18:d5:
d3:79:42:fe:66:44:ac:da:8a:f0:6d:57:40:82:d7:0c:6a:f5:
d6:12:fe:fc:f6:5f:c2:33:1e:b8:fc:8c:f3:9e:cf:93:0b:81:
4d:70:3e:52:50:06:61:86:d1:c3:ce:2e:aa:2b:95:d9:85:a2:
ff:fc:5b:52:d0:ca:6a:34:12:b3:dd:24:9b:73:ce:af:92:02:
af:a1:e0:b3:25:0a:5f:7a:96:1d:11:e4:5d:f6:67:00:65:58:
ec:7c:d7:ca
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZBJZ3RppdzZbdabwOaDRuSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI0MDg0MDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWVmMzZjOTJlZTNjMWQ0OGQ0N2I4MWQxMTY2MTk3M2UxZmZlOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphtkW1bhGPD9K1VVwC8vZDPTJiBp
kEtP1w+ZTPr8l8nVas4GgaotnuWR9O/ubcG8zz5oXr/0lyjLaEL2oE+/Lx6+LNDf
ZWjRI2uFHskCEtHyYJYH4gjxzhZu+K4FoWq0sqrtO7QoE3/KKxqSNx3+4D68tU87
6M68Nzg3pjSOt91oj4saWdhXsaHZGqwJRCkOCGaPfGBQN/JFtKJ7hJ7G9SfZ3fcp
DcNr2tPl7vkTUbkxqHXO9/ggHqczR6XRPwGmOefRP0lodoQ8rcKkcgOX/348CIYi
q3Wl++3TYPzZXEbHM76Sn2SNYfEIIRjAuh3UPaNXmNg9EKI4e0xEVqSTMwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJHvNsku48HUjUe4HRFmGXPh/+i0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva2U4MnlTN2p3ZFNOUjdnZEVXWVpjLUhfNkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAjv9AwQA
LVhAAwQAT24zAwQAV3imAwQAXpqiAwQAbc7vMAwDBAC53qEDBAC53qIDBAC59t8D
BADBJSgDBADCN+EwDQYJKoZIhvcNAQELBQADggEBAJ4ujJwyrbgfbJ0trlbLfZCM
Ih+vNuUQrMErDiJFfirmIwPQo9HdWHck4uvEBXCjgkz4qQtCf6vQ09HjhhdwIBKx
GKpTkflcvjxpvfeumPjfxvjjCJv5FffN2Ajd2k+6MfJWvTS8lY70kidwh+ky+jtS
3EBszRf7nAaeY/ByYPrOh6Vlussntc/iEXc2OZDV1Loxxn1wx87hpwmIopFRbAQY
1dN5Qv5mRKzaivBtV0CC1wxq9dYS/vz2X8IzHrj8jPOez5MLgU1wPlJQBmGG0cPO
LqorldmFov/8W1LQymo0ErPdJJtzzq+SAq+h4LMlCl96lh0R5F32ZwBlWOx818o=
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:54:32 2024 by rpki-client on console-ams.rpki-client.org