Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rJn1zsRq2fNtbLBXu36dZlDyt6s.roa
File: rJn1zsRq2fNtbLBXu36dZlDyt6s.roa (raw, json)
Hash identifier: /ncDzIXQEZl3ZSMTZm4YbO0LB04nnJwz1xL3sqqCZG8=
Subject key identifier: AC:99:F5:CE:C4:6A:D9:F3:6D:6C:B0:57:BB:7E:9D:66:50:F2:B7:AB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01912B71D11047A17F66992A111E25E14C2A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rJn1zsRq2fNtbLBXu36dZlDyt6s.roa
Signing time: Wed 07 Aug 2024 06:06:04 +0000
ROA not before: Wed 07 Aug 2024 06:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 13:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:71:d1:10:47:a1:7f:66:99:2a:11:1e:25:e1:4c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 7 06:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac99f5cec46ad9f36d6cb057bb7e9d6650f2b7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a4:9a:e0:f4:f5:6a:ce:9d:8d:78:d7:33:ae:
c0:d3:4a:b9:86:e5:20:64:05:92:aa:91:f6:30:3c:
ef:b8:35:1b:53:ba:c5:5f:3f:35:aa:21:3f:09:47:
82:79:59:90:6a:52:37:85:7a:ae:64:29:81:fe:a7:
d3:49:36:48:eb:71:53:8e:8b:2b:de:31:23:78:87:
9c:ae:58:88:88:ea:0f:fd:bf:0d:e7:ff:76:aa:e3:
52:39:d6:ca:df:c3:26:13:c0:fd:03:a6:d3:71:cc:
6e:2c:ca:44:e3:4b:5f:7a:cd:87:68:28:78:96:29:
d1:66:3d:d1:92:e2:8b:8c:33:13:df:af:50:85:bd:
04:70:e8:74:8f:79:ae:60:18:90:2b:c4:9b:a4:e9:
53:8c:53:89:f0:ec:75:e4:93:a7:e1:6a:05:b7:29:
f1:93:13:cd:44:a4:a7:ad:a0:96:3b:28:8c:ca:e4:
28:4b:b4:b5:f1:3f:a6:e2:e6:aa:6e:2c:39:d5:c3:
6d:df:c9:00:eb:0c:55:64:c7:58:c4:ad:b6:ea:8f:
62:66:50:de:a6:b7:12:9d:a1:5d:a8:5a:5a:ec:1d:
e0:88:73:1d:ba:8e:13:b9:ec:6c:7d:03:31:70:2f:
1d:96:bd:bc:01:41:38:c6:5c:f5:28:6a:8e:55:5f:
9d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:99:F5:CE:C4:6A:D9:F3:6D:6C:B0:57:BB:7E:9D:66:50:F2:B7:AB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rJn1zsRq2fNtbLBXu36dZlDyt6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
87.121.79.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b1:79:0a:0f:d6:08:11:89:36:75:02:ce:9c:aa:72:a5:a8:
f3:70:58:8a:97:b9:a6:60:31:d9:6e:4e:c9:26:c8:6f:05:c2:
d3:3f:1a:49:76:85:8e:cb:fa:b2:64:7a:82:71:55:3e:2a:c3:
d8:3a:5f:76:2b:0e:3d:80:96:de:f5:aa:b0:8e:81:a8:b7:a6:
8f:89:2c:77:13:44:bf:ec:87:de:ca:3d:68:5a:5c:1b:58:83:
43:33:34:b0:0c:cc:2a:63:22:e1:bc:b3:25:29:2e:27:f4:b9:
ff:96:92:6d:b2:d7:90:f5:5b:20:c1:7f:dd:e4:2d:be:a6:eb:
47:df:00:42:a1:7f:89:33:7a:05:6e:a4:11:40:0d:ad:10:1f:
c4:1b:b7:29:d6:a6:cf:ee:84:56:a9:6c:59:86:89:02:c5:1d:
86:c9:99:eb:8f:7b:b9:6d:0b:9d:2d:e0:86:13:27:2a:08:e1:
72:f3:9a:1b:eb:7b:82:76:b3:56:22:03:7a:39:8f:79:3b:d4:
49:34:f8:a2:0a:9a:9a:f9:bf:a2:97:1a:88:9c:2f:9c:a6:6f:
91:22:bd:ff:72:4c:63:1e:64:9e:6e:45:57:0b:96:84:94:03:
78:54:46:4a:6a:9d:6d:1f:5f:1f:56:26:a4:46:af:8d:7c:53:
48:55:e5:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZErcdEQR6F/ZpkqER4l4UwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA3MDYwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk5ZjVjZWM0NmFkOWYzNmQ2Y2IwNTdiYjdlOWQ2NjUwZjJiN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76Sa4PT1as6djXjXM67A00q5huUg
ZAWSqpH2MDzvuDUbU7rFXz81qiE/CUeCeVmQalI3hXquZCmB/qfTSTZI63FTjosr
3jEjeIecrliIiOoP/b8N5/92quNSOdbK38MmE8D9A6bTccxuLMpE40tfes2HaCh4
linRZj3RkuKLjDMT369Qhb0EcOh0j3muYBiQK8SbpOlTjFOJ8Ox15JOn4WoFtynx
kxPNRKSnraCWOyiMyuQoS7S18T+m4uaqbiw51cNt38kA6wxVZMdYxK226o9iZlDe
prcSnaFdqFpa7B3giHMduo4TuexsfQMxcC8dlr28AUE4xlz1KGqOVV+d1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKyZ9c7EatnzbWywV7t+nWZQ8rerMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvckpuMXpzUnEyZk50YkxCWHUzNmRabER5dDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjv9AwQA
T24zAwQAV3lPAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQAW
sXkKD9YIEYk2dQLOnKpypajzcFiKl7mmYDHZbk7JJshvBcLTPxpJdoWOy/qyZHqC
cVU+KsPYOl92Kw49gJbe9aqwjoGot6aPiSx3E0S/7Ifeyj1oWlwbWINDMzSwDMwq
YyLhvLMlKS4n9Ln/lpJtsteQ9VsgwX/d5C2+putH3wBCoX+JM3oFbqQRQA2tEB/E
G7cp1qbP7oRWqWxZhokCxR2GyZnrj3u5bQudLeCGEycqCOFy85ob63uCdrNWIgN6
OY95O9RJNPiiCpqa+b+ilxqInC+cpm+RIr3/ckxjHmSebkVXC5aElAN4VEZKap1t
H18fViakRq+NfFNIVeUn
-----END CERTIFICATE-----
Generated at Wed Aug 14 19:04:16 2024 by rpki-client on console-ams.rpki-client.org