Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-Oneo4YKSKiyfLUzw1OUaVhP718.roa
File: 1-Oneo4YKSKiyfLUzw1OUaVhP718.roa (raw, json)
Hash identifier: 4YCJonCE3qUYzCVkGKmAW+rGKngBob51Xv8KjCNKqQw=
Subject key identifier: F8:E9:DE:A3:86:0A:48:A8:B2:7C:B5:33:C3:53:94:69:58:4F:EF:5F
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CC870005125A21EDEFE6304F0FCD039A5
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-Oneo4YKSKiyfLUzw1OUaVhP718.roa
Signing time: Tue 02 Jan 2024 04:30:32 +0000
ROA not before: Tue 02 Jan 2024 04:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212921
IP address blocks: 2.59.152.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 04:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:00:51:25:a2:1e:de:fe:63:04:f0:fc:d0:39:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 04:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8e9dea3860a48a8b27cb533c3539469584fef5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1d:c3:ae:f9:6b:46:ca:43:d3:fc:de:d2:0a:
9f:59:e4:a3:52:7a:46:7c:60:b4:d7:2e:87:cc:ed:
bb:fc:9e:ca:d4:4a:00:91:7c:89:54:bf:f3:66:a7:
de:7e:c3:99:08:48:df:6a:18:86:ef:94:ac:ed:8a:
ad:4f:1d:30:9b:ac:dd:15:17:af:6a:1e:4e:90:85:
1f:86:13:9b:ab:ce:10:ae:11:32:0d:da:29:72:f6:
13:f9:9d:f4:cb:e6:47:3e:71:cd:35:10:31:bb:c7:
40:f5:14:13:1a:97:0d:26:03:4a:a2:20:f5:db:23:
46:b2:c8:f7:21:11:32:e6:11:29:8f:6e:16:82:e2:
8e:cf:ac:f8:b9:fb:09:b5:26:85:be:d3:05:50:19:
34:fe:22:6f:5d:25:f3:d8:f7:54:de:91:26:50:5c:
82:65:84:8f:ec:64:33:a9:0e:29:8d:28:3a:5b:c0:
52:1b:89:83:72:ba:89:70:ed:34:06:c6:32:b9:ee:
db:2a:ad:68:66:ca:6e:90:b7:0f:51:da:de:c2:28:
79:e9:f3:97:e2:9b:c9:5a:30:ce:0c:0f:35:14:27:
1e:d8:64:b8:94:6f:03:5b:82:f1:fc:e2:6b:5e:fc:
cc:e1:58:bf:7b:2a:0d:6f:30:34:8d:7c:ab:71:c1:
4e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E9:DE:A3:86:0A:48:A8:B2:7C:B5:33:C3:53:94:69:58:4F:EF:5F
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-Oneo4YKSKiyfLUzw1OUaVhP718.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/24
2.59.155.0/24
45.142.152.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:65:97:3d:92:94:d4:8d:95:9d:0e:ac:22:2d:58:28:1f:a5:
7e:35:86:ee:c2:0c:62:26:36:bc:72:25:f2:a1:c5:15:95:b5:
81:fb:ee:ed:97:0f:d3:3e:f0:36:9e:7b:8a:58:06:e2:b2:46:
6a:6f:2f:0c:36:65:87:1d:0f:ed:50:0b:e8:9f:7e:1d:ed:1c:
2e:22:f4:67:83:cf:a3:d9:b6:c4:21:a2:d8:18:48:67:00:8b:
0d:9a:28:7e:06:4b:10:8e:14:e4:b6:57:1f:df:81:ba:58:a1:
b8:10:3b:50:90:99:dd:1f:db:32:3f:a3:80:f2:7c:53:9c:d8:
9a:ac:d4:f5:2b:af:33:76:49:a3:b4:3e:4b:42:73:63:5b:be:
52:cd:3e:65:be:cb:d1:9a:4c:c0:9e:8c:46:4e:dc:46:01:55:
91:64:11:ee:db:a7:47:f4:ef:21:ff:ee:34:46:68:a6:5f:ba:
17:b2:83:f2:87:13:6d:f1:89:d2:e4:2b:12:44:e5:d0:b5:75:
ef:5d:35:ff:6c:92:b9:79:db:53:8e:b8:60:68:dc:e3:26:be:
44:39:97:72:27:5f:66:6b:37:9e:1f:e3:3c:25:04:c1:1d:85:
be:54:c6:4f:3e:0d:9c:24:54:4f:ba:46:08:b4:de:fd:cf:03:
e7:57:f8:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzIcABRJaIe3v5jBPD80DmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTAyMDQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU5ZGVhMzg2MGE0OGE4YjI3Y2I1MzNjMzUzOTQ2OTU4NGZlZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh3DrvlrRspD0/ze0gqfWeSjUnpG
fGC01y6HzO27/J7K1EoAkXyJVL/zZqfefsOZCEjfahiG75Ss7YqtTx0wm6zdFRev
ah5OkIUfhhObq84QrhEyDdopcvYT+Z30y+ZHPnHNNRAxu8dA9RQTGpcNJgNKoiD1
2yNGssj3IREy5hEpj24WguKOz6z4ufsJtSaFvtMFUBk0/iJvXSXz2PdU3pEmUFyC
ZYSP7GQzqQ4pjSg6W8BSG4mDcrqJcO00BsYyue7bKq1oZspukLcPUdrewih56fOX
4pvJWjDODA81FCce2GS4lG8DW4Lx/OJrXvzM4Vi/eyoNbzA0jXyrccFO7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjp3qOGCkiosny1M8NTlGlYT+9fMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvMS1PbmVvNFlLU0tpeWZMVXp3MU9VYVZoUDcxOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjcvMzQ4Y2U1LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFh
Ny8xL3pSQ01JbDhrZU0xQ01CZVlrTkJ5aEw0V05zMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAAI7mAME
AAI7mwMEAC2OmAMEAMHvlgMEAMJ+yjANBgkqhkiG9w0BAQsFAAOCAQEAXmWXPZKU
1I2VnQ6sIi1YKB+lfjWG7sIMYiY2vHIl8qHFFZW1gfvu7ZcP0z7wNp57ilgG4rJG
am8vDDZlhx0P7VAL6J9+He0cLiL0Z4PPo9m2xCGi2BhIZwCLDZoofgZLEI4U5LZX
H9+BulihuBA7UJCZ3R/bMj+jgPJ8U5zYmqzU9SuvM3ZJo7Q+S0JzY1u+Us0+Zb7L
0ZpMwJ6MRk7cRgFVkWQR7tunR/TvIf/uNEZopl+6F7KD8ocTbfGJ0uQrEkTl0LV1
7101/2ySuXnbU464YGjc4ya+RDmXcidfZms3nh/jPCUEwR2FvlTGTz4NnCRUT7pG
CLTe/c8D51f4Lg==
-----END CERTIFICATE-----
Generated at Thu Jul 4 05:26:53 2024 by rpki-client on console-fra.rpki-client.org