Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/3vL54CcmSqQff8eMRv0AFPhZY6o.roa
File: 3vL54CcmSqQff8eMRv0AFPhZY6o.roa (raw, json)
Hash identifier: 9DoDfPhSYdHmZHw1rP75r5G7ns+1K8JGugdlzsGWVTY=
Subject key identifier: DE:F2:F9:E0:27:26:4A:A4:1F:7F:C7:8C:46:FD:00:14:F8:59:63:AA
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0190B6C09C11195259A1CFE40DB30F26A23F
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/3vL54CcmSqQff8eMRv0AFPhZY6o.roa
Signing time: Mon 15 Jul 2024 14:16:34 +0000
ROA not before: Mon 15 Jul 2024 14:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:c0:9c:11:19:52:59:a1:cf:e4:0d:b3:0f:26:a2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jul 15 14:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=def2f9e027264aa41f7fc78c46fd0014f85963aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f3:a2:e9:b8:d9:55:f6:a1:c9:60:d6:2c:1e:
ed:5e:71:3a:46:ac:73:f1:84:98:bf:1c:04:d8:5f:
cf:3d:61:8b:27:20:a0:57:b1:10:ce:7a:10:4d:42:
f7:eb:80:dc:9c:82:a7:20:38:a6:62:fc:4c:c3:1f:
74:42:bd:23:88:7d:f8:b0:f8:53:7e:29:af:4a:48:
74:6f:96:2f:16:b6:96:fa:1e:15:ff:24:87:ca:a7:
a7:cb:39:32:ef:ba:1c:9b:63:26:ca:a9:14:23:bb:
c0:90:c3:c8:8f:b5:75:56:20:7e:af:8b:d7:59:8e:
e6:ae:6e:9f:ae:ee:95:52:8d:64:7a:8e:30:bf:d4:
3d:be:f4:e0:60:9e:4e:92:39:e7:e0:1d:89:05:81:
9a:17:b2:49:b7:31:ad:ab:fd:0d:4c:9d:8e:30:1e:
8a:fb:26:91:ce:ad:b0:14:c5:07:c1:46:c2:eb:fc:
60:ad:a1:f2:fb:ba:cf:cf:2b:3b:ab:e5:9d:7f:4e:
6b:73:4c:07:53:1e:82:97:f1:6e:69:98:a4:49:7b:
c2:09:b6:2b:b4:d5:df:01:d9:a3:9c:b1:68:29:7f:
ef:28:6e:08:bb:7f:0f:63:64:e7:3c:f3:19:f9:db:
b5:10:c3:6a:15:13:8a:ab:6d:72:aa:8d:eb:5c:cf:
3c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F2:F9:E0:27:26:4A:A4:1F:7F:C7:8C:46:FD:00:14:F8:59:63:AA
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/3vL54CcmSqQff8eMRv0AFPhZY6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:3b:56:93:a7:ef:2e:df:8c:31:ae:ec:05:b2:db:7a:66:dc:
08:7a:54:a2:c0:36:6a:61:7b:da:07:4e:a8:df:a8:e5:69:26:
2a:bc:0d:fc:64:0e:d4:9c:c8:76:63:c8:67:23:62:5a:fb:1b:
45:2b:1d:a5:73:6a:1a:ba:5f:fb:b8:c1:08:17:51:d7:af:3c:
5f:84:23:63:66:99:dd:ec:1f:27:b5:ea:99:a2:e2:17:a1:83:
3e:42:ec:0e:80:bc:69:42:46:49:95:a5:17:ab:87:20:e7:90:
b4:5e:f0:fd:4e:bb:d3:19:ce:02:da:c8:26:0e:b6:5d:eb:87:
b2:8f:3b:19:45:f4:c9:5f:fc:ee:88:9f:ab:ab:73:b7:10:21:
a3:db:31:1a:7a:12:8c:69:32:b9:af:84:81:31:b8:1e:aa:ff:
81:fd:6d:66:58:25:30:77:e0:b6:9c:3f:65:18:7a:a4:09:77:
f5:c1:6d:16:b0:16:50:f0:7f:a2:44:a4:03:6b:27:fb:0b:47:
ba:bd:47:76:55:6e:a6:9b:5b:d6:51:6a:26:54:b6:73:f5:05:
58:31:8b:2d:83:45:74:ab:e3:53:b1:47:c3:2f:d2:12:32:5f:
12:71:73:38:88:78:2d:02:97:73:11:03:0f:24:6d:15:e9:ee:
06:fc:88:63
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZC2wJwRGVJZoc/kDbMPJqI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNzE1MTQxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWYyZjllMDI3MjY0YWE0MWY3ZmM3OGM0NmZkMDAxNGY4NTk2M2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/Oi6bjZVfahyWDWLB7tXnE6Rqxz
8YSYvxwE2F/PPWGLJyCgV7EQznoQTUL364DcnIKnIDimYvxMwx90Qr0jiH34sPhT
fimvSkh0b5YvFraW+h4V/ySHyqenyzky77ocm2MmyqkUI7vAkMPIj7V1ViB+r4vX
WY7mrm6fru6VUo1keo4wv9Q9vvTgYJ5Okjnn4B2JBYGaF7JJtzGtq/0NTJ2OMB6K
+yaRzq2wFMUHwUbC6/xgraHy+7rPzys7q+Wdf05rc0wHUx6Cl/FuaZikSXvCCbYr
tNXfAdmjnLFoKX/vKG4Iu38PY2TnPPMZ+du1EMNqFROKq21yqo3rXM88PQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN7y+eAnJkqkH3/HjEb9ABT4WWOqMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvM3ZMNTRDY21TcVFmZjhlTVJ2MEFGUGhaWTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwe+XAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQAL
O1aTp+8u34wxruwFstt6ZtwIelSiwDZqYXvaB06o36jlaSYqvA38ZA7UnMh2Y8hn
I2Ja+xtFKx2lc2oaul/7uMEIF1HXrzxfhCNjZpnd7B8nteqZouIXoYM+QuwOgLxp
QkZJlaUXq4cg55C0XvD9TrvTGc4C2sgmDrZd64eyjzsZRfTJX/zuiJ+rq3O3ECGj
2zEaehKMaTK5r4SBMbgeqv+B/W1mWCUwd+C2nD9lGHqkCXf1wW0WsBZQ8H+iRKQD
ayf7C0e6vUd2VW6mm1vWUWomVLZz9QVYMYstg0V0q+NTsUfDL9ISMl8ScXM4iHgt
ApdzEQMPJG0V6e4G/Ihj
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:50:46 2025 by rpki-client