Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nNEJLydENXAdkrs8Oaia8PPvpe8.roa
File: nNEJLydENXAdkrs8Oaia8PPvpe8.roa (raw, json)
Hash identifier: CGiVmbyEbuP6p6Xr5eWA6Kf21GqbmOkHNBkzuYZNuCg=
Subject key identifier: 9C:D1:09:2F:27:44:35:70:1D:92:BB:3C:39:A8:9A:F0:F3:EF:A5:EF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191514286CD90D16CC206F4F9578D373232
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nNEJLydENXAdkrs8Oaia8PPvpe8.roa
Signing time: Wed 14 Aug 2024 14:20:00 +0000
ROA not before: Wed 14 Aug 2024 14:20:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 12:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:51:42:86:cd:90:d1:6c:c2:06:f4:f9:57:8d:37:32:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 14 14:20:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cd1092f274435701d92bb3c39a89af0f3efa5ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a8:7b:9a:a3:35:d3:8f:0f:ba:3d:45:8f:fc:
92:64:1e:54:b0:02:97:d1:db:ca:58:fd:a2:4a:14:
8c:f8:98:85:e2:50:52:48:40:93:10:f6:bb:f6:a3:
7c:42:86:15:c9:01:e5:b6:7f:63:26:d9:4e:b0:9d:
d0:a7:51:de:e1:04:de:1f:c2:2f:bb:10:0e:d9:ad:
b7:90:d4:aa:bd:f9:ce:90:c3:ae:7d:55:6e:7e:ba:
33:ac:c9:9f:0d:4c:e5:c8:42:63:73:46:80:fa:88:
5b:63:32:91:01:e0:3c:75:1d:31:e8:fa:e7:ec:ec:
46:2e:f5:88:7b:6c:aa:17:e0:44:ee:d0:00:74:a4:
54:a1:a2:bd:c0:02:02:a7:be:6d:2c:fe:1b:44:e6:
fb:ea:4c:f9:59:4c:3b:c2:d1:f3:c2:d0:20:7a:71:
49:b8:2b:51:c1:0a:a6:b5:15:c3:1e:d3:5d:c4:f3:
0e:58:9a:5d:5d:0e:80:7e:1e:49:95:8d:58:77:5e:
05:76:52:02:08:73:05:5a:78:7e:9f:9e:ef:36:9f:
cd:02:c4:23:a2:80:91:a8:b6:00:40:ec:1f:73:41:
99:13:87:d2:cc:01:20:e6:c9:bd:4e:b1:60:a6:db:
43:0a:07:c8:2e:56:c9:b9:0c:33:cb:b1:5c:18:2d:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D1:09:2F:27:44:35:70:1D:92:BB:3C:39:A8:9A:F0:F3:EF:A5:EF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nNEJLydENXAdkrs8Oaia8PPvpe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
87.121.79.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b8:cc:44:a2:67:ad:0c:4a:7b:58:b2:cf:31:ab:4c:14:3a:
27:d1:92:86:3d:ed:84:c2:60:a2:d3:df:64:db:fc:e8:6e:68:
d0:86:63:f3:36:63:a7:33:09:b0:d6:95:bf:36:cd:f5:54:c0:
bf:5f:a3:9b:ad:25:c4:9b:0e:1d:5a:38:66:82:05:ee:3d:b3:
33:bc:63:17:95:5e:8e:c3:86:08:af:23:0e:62:39:ab:83:e1:
05:82:6a:65:b6:d1:a3:cf:72:e2:fb:9b:a1:af:dc:c5:3a:58:
ec:9b:a2:30:cb:46:12:d5:c2:36:b5:08:68:45:fb:ed:96:5c:
25:cd:60:02:14:2e:ba:29:aa:21:29:7f:b9:1e:42:b9:85:20:
3b:31:d2:14:2b:b8:ac:79:0c:b7:cb:1d:5b:60:ae:80:f1:8b:
34:18:3e:78:c8:b4:aa:4d:11:df:57:24:d4:92:df:3f:1c:de:
e8:a1:54:6a:90:61:dd:00:9a:c8:bc:77:81:24:d4:ab:ca:c9:
5a:95:7b:67:19:cc:d9:6a:8b:2c:92:b0:9b:dc:13:cc:74:a7:
bb:68:50:f1:59:1d:bb:f5:8f:d4:f0:3f:f1:0b:88:10:d9:c9:
8b:12:91:b4:c9:d5:b6:53:3a:be:fe:33:8e:64:c2:5c:2c:e0:
88:1a:3c:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFRQobNkNFswgb0+VeNNzIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODE0MTQyMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QxMDkyZjI3NDQzNTcwMWQ5MmJiM2MzOWE4OWFmMGYzZWZhNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqh7mqM1048Puj1Fj/ySZB5UsAKX
0dvKWP2iShSM+JiF4lBSSECTEPa79qN8QoYVyQHltn9jJtlOsJ3Qp1He4QTeH8Iv
uxAO2a23kNSqvfnOkMOufVVufrozrMmfDUzlyEJjc0aA+ohbYzKRAeA8dR0x6Prn
7OxGLvWIe2yqF+BE7tAAdKRUoaK9wAICp75tLP4bROb76kz5WUw7wtHzwtAgenFJ
uCtRwQqmtRXDHtNdxPMOWJpdXQ6Afh5JlY1Yd14FdlICCHMFWnh+n57vNp/NAsQj
ooCRqLYAQOwfc0GZE4fSzAEg5sm9TrFgpttDCgfILlbJuQwzy7FcGC2o8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJzRCS8nRDVwHZK7PDmomvDz76XvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbk5FSkx5ZEVOWEFka3JzOE9haWE4UFB2cGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjv9AwQA
T24zAwQAV3lPAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQCl
uMxEometDEp7WLLPMatMFDon0ZKGPe2EwmCi099k2/zobmjQhmPzNmOnMwmw1pW/
Ns31VMC/X6ObrSXEmw4dWjhmggXuPbMzvGMXlV6Ow4YIryMOYjmrg+EFgmplttGj
z3Li+5uhr9zFOljsm6Iwy0YS1cI2tQhoRfvtllwlzWACFC66KaohKX+5HkK5hSA7
MdIUK7iseQy3yx1bYK6A8Ys0GD54yLSqTRHfVyTUkt8/HN7ooVRqkGHdAJrIvHeB
JNSryslalXtnGczZaosskrCb3BPMdKe7aFDxWR279Y/U8D/xC4gQ2cmLEpG0ydW2
Uzq+/jOOZMJcLOCIGjx5
-----END CERTIFICATE-----
Generated at Tue Sep 10 16:43:58 2024 by rpki-client on console-ams.rpki-client.org