Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/paB5A2csOIWOJdzWfn1cWyK09K4.roa
File: paB5A2csOIWOJdzWfn1cWyK09K4.roa (raw, json)
Hash identifier: vhDLbicNZ/i+N5AAaaCY0TgnILaoBalvMnhkIcN1vqM=
Subject key identifier: A5:A0:79:03:67:2C:38:85:8E:25:DC:D6:7E:7D:5C:5B:22:B4:F4:AE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD02D735715111FC67649C6169D916
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/paB5A2csOIWOJdzWfn1cWyK09K4.roa
Signing time: Tue 02 Jan 2024 06:29:36 +0000
ROA not before: Tue 02 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:21:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:02:d7:35:71:51:11:fc:67:64:9c:61:69:d9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a07903672c38858e25dcd67e7d5c5b22b4f4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:13:aa:9d:c9:3f:db:39:4c:ba:84:0b:bb:4a:
9c:b5:87:52:e0:4c:4c:78:d9:62:4e:52:09:82:3d:
3c:52:cc:ea:f0:4b:3c:cc:0f:e2:3d:2f:fc:f2:13:
81:71:fe:3d:af:70:9d:b3:45:b8:70:82:3f:2e:9e:
b8:db:74:b8:96:48:b8:98:7b:3d:71:83:fa:d3:0b:
63:1a:79:99:6a:c6:3c:89:cc:6a:3f:c1:a4:1d:76:
d4:3e:34:b1:f7:3d:9b:b8:2f:74:b4:49:62:72:5f:
38:af:38:72:37:be:2e:b2:a3:7c:44:66:51:4c:f0:
7f:7c:75:4b:ac:e4:f0:7a:84:7d:2c:a8:ad:3a:1c:
a5:67:0b:48:b3:1a:e8:3a:39:5c:da:f7:01:f5:c0:
5c:24:8e:57:2b:41:30:32:bf:65:30:5e:82:b7:2b:
7c:29:8f:91:5c:34:a0:af:59:88:11:eb:cc:6e:94:
e7:e0:9d:94:f3:f7:8e:a8:e5:50:c1:ed:d4:22:7a:
9c:de:ff:1e:57:be:c7:87:5f:36:d2:40:62:f0:66:
b8:bf:ce:95:8e:96:e9:7a:68:9d:33:ff:5a:4b:d0:
b4:e5:16:e1:5d:43:21:be:56:ea:f2:6b:2e:fe:b0:
fb:67:e3:8a:52:94:87:2c:8d:1d:5a:4d:e7:d9:16:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A0:79:03:67:2C:38:85:8E:25:DC:D6:7E:7D:5C:5B:22:B4:F4:AE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/paB5A2csOIWOJdzWfn1cWyK09K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:2d:80:7e:5c:0c:3a:fc:14:9a:d2:8b:89:3e:d1:d2:95:c3:
28:21:a6:97:35:9a:3b:1c:6e:07:0e:5e:12:ee:d7:89:ad:e4:
e4:d3:88:4a:2b:f3:6d:9f:7b:5b:39:dc:e0:60:77:12:43:74:
40:52:f5:77:a7:71:65:f9:b8:4a:2e:48:1e:aa:6a:4b:a9:29:
19:92:a2:de:a6:ca:43:16:f4:3e:5f:ec:43:36:45:5e:bc:5c:
9b:be:1c:5e:9a:d5:ec:06:d8:88:4f:c6:d8:bc:8b:9f:51:8d:
36:66:8c:79:60:64:a0:aa:8f:ab:e5:e4:6f:95:29:bc:2a:13:
b2:4e:5c:af:08:e3:6c:60:df:d6:bd:30:52:37:85:4e:dd:a7:
f2:e5:b7:55:38:ec:fa:a1:9a:f8:be:17:8a:6e:fd:ef:ea:71:
4a:9d:00:ac:a2:c1:04:0a:c7:5c:b2:d9:46:b8:b7:28:ee:47:
e3:4c:36:cd:dd:19:41:21:eb:45:bb:f5:f3:b6:b5:f6:39:ab:
83:92:f7:e4:cd:17:f2:40:8b:84:ad:b2:46:13:88:ec:da:b8:
d7:56:4b:e4:08:37:17:14:2b:ea:f2:5c:3c:df:e3:50:25:63:
64:30:4d:51:f9:46:f7:08:2a:f7:40:f4:d6:f1:b9:9a:11:09:
ad:82:50:7c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzI3QLXNXFREfxnZJxhadkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWEwNzkwMzY3MmMzODg1OGUyNWRjZDY3ZTdkNWM1YjIyYjRmNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBOqnck/2zlMuoQLu0qctYdS4ExM
eNliTlIJgj08Uszq8Es8zA/iPS/88hOBcf49r3Cds0W4cII/Lp6423S4lki4mHs9
cYP60wtjGnmZasY8icxqP8GkHXbUPjSx9z2buC90tElicl84rzhyN74usqN8RGZR
TPB/fHVLrOTweoR9LKitOhylZwtIsxroOjlc2vcB9cBcJI5XK0EwMr9lMF6Ctyt8
KY+RXDSgr1mIEevMbpTn4J2U8/eOqOVQwe3UInqc3v8eV77Hh1820kBi8Ga4v86V
jpbpemidM/9aS9C05RbhXUMhvlbq8msu/rD7Z+OKUpSHLI0dWk3n2Ra4QQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKWgeQNnLDiFjiXc1n59XFsitPSuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcGFCNUEyY3NPSVdPSmR6V2ZuMWNXeUswOUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQAk05mAwQA
wSMSMA0GCSqGSIb3DQEBCwUAA4IBAQCbLYB+XAw6/BSa0ouJPtHSlcMoIaaXNZo7
HG4HDl4S7teJreTk04hKK/Ntn3tbOdzgYHcSQ3RAUvV3p3Fl+bhKLkgeqmpLqSkZ
kqLepspDFvQ+X+xDNkVevFybvhxemtXsBtiIT8bYvIufUY02Zox5YGSgqo+r5eRv
lSm8KhOyTlyvCONsYN/WvTBSN4VO3afy5bdVOOz6oZr4vheKbv3v6nFKnQCsosEE
CsdcstlGuLco7kfjTDbN3RlBIetFu/XztrX2OauDkvfkzRfyQIuErbJGE4js2rjX
VkvkCDcXFCvq8lw83+NQJWNkME1R+Ub3CCr3QPTW8bmaEQmtglB8
-----END CERTIFICATE-----
Generated at Tue Jan 9 11:02:42 2024 by rpki-client on console-ams.rpki-client.org