Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/KaU2Q31nlxA6cYScjLCdMIAlaNU.roa
File: KaU2Q31nlxA6cYScjLCdMIAlaNU.roa (raw, json)
Hash identifier: B1UpW/lGe46pq6HlkLMscSALi0xp7cvZ6R2fw3vIXKQ=
Subject key identifier: 29:A5:36:43:7D:67:97:10:3A:71:84:9C:8C:B0:9D:30:80:25:68:D5
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CC86FFF77AAA5AC4360B6AA698B1FAE1B
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/KaU2Q31nlxA6cYScjLCdMIAlaNU.roa
Signing time: Tue 02 Jan 2024 04:30:32 +0000
ROA not before: Tue 02 Jan 2024 04:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136526
IP address blocks: 2.59.154.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 15:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ff:77:aa:a5:ac:43:60:b6:aa:69:8b:1f:ae:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 04:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a536437d6797103a71849c8cb09d30802568d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:48:11:be:fc:63:05:f9:f7:30:63:17:2d:de:
34:de:86:11:45:78:be:56:0e:ee:f8:e0:f0:9c:d3:
ac:67:3a:07:e6:47:3b:19:19:aa:26:ee:c0:a5:da:
a3:7e:71:e2:22:a5:8c:77:06:fd:9c:b0:78:e7:92:
a6:ae:45:4e:04:8f:01:26:31:3f:1c:14:99:8d:42:
91:0c:eb:5a:a0:19:04:41:99:0e:7e:52:fb:96:a1:
e2:d9:91:a5:1a:fe:93:c4:77:c5:d7:f3:09:a7:61:
72:56:0f:cb:93:37:c2:57:38:91:42:fc:4c:02:52:
d9:42:e2:e2:2a:fc:03:2e:62:dc:7d:d1:f7:ed:7d:
42:83:3e:0c:18:9b:88:a9:87:a7:cf:1d:4a:df:20:
36:a0:69:82:ff:d3:45:3f:1a:97:de:c6:d2:8a:32:
34:60:7c:b7:39:28:8b:9d:ce:b6:7d:06:17:25:de:
d5:eb:54:fb:0f:b5:41:ff:b0:40:a5:68:7a:47:10:
b8:e8:4b:9a:52:d8:4e:ce:aa:49:f8:0b:e2:32:7f:
40:0f:3b:fc:32:85:26:3d:46:cb:ae:59:f8:14:ab:
14:70:93:cf:8e:3e:c7:11:40:91:20:e9:18:b9:dd:
cc:10:8e:6a:e8:44:21:76:9a:da:5b:b3:bb:f3:13:
c4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A5:36:43:7D:67:97:10:3A:71:84:9C:8C:B0:9D:30:80:25:68:D5
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/KaU2Q31nlxA6cYScjLCdMIAlaNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.154.0/24
45.91.227.0/24
45.142.155.0/24
185.202.103.0/24
193.239.154.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:40:f6:39:81:7b:67:14:ac:5b:34:84:9e:61:fc:74:84:40:
0b:a3:0a:05:df:3d:7c:c5:94:33:7d:39:14:b4:07:dc:77:e3:
9b:96:78:ee:12:1d:2a:73:c8:8f:dc:50:e9:d9:df:3b:25:36:
27:1f:77:b6:0c:7b:28:c5:5a:21:c9:6b:59:e7:8b:f7:ab:5f:
79:b9:ba:d0:3e:1c:aa:e0:96:2c:8d:1f:a5:27:02:d0:f6:a4:
be:08:14:d2:86:e4:b5:c3:94:ba:42:06:83:46:85:52:20:7d:
c1:6f:c3:43:c2:02:70:6f:f6:29:32:de:ad:85:e1:ff:bc:40:
82:21:a7:6f:38:d3:64:7e:bd:65:ac:43:4f:f3:4e:b3:3f:a7:
53:3d:0d:36:f9:e2:1e:de:79:62:52:0e:b5:6c:5f:a0:41:15:
ec:6b:8c:97:c9:21:58:3e:4d:15:be:ff:25:31:ce:49:85:f0:
e3:8f:ae:1c:58:5b:4a:8a:7d:de:d1:85:2c:97:86:a5:06:45:
6a:2c:bd:21:73:71:0b:22:69:a7:cf:b1:b2:34:31:1f:36:38:
a1:96:bc:66:a6:24:27:33:be:63:93:cb:e1:04:74:33:1b:44:
8e:36:4b:ea:3f:ce:f0:94:2c:62:fe:b5:e5:92:bf:1f:d9:fd:
08:9e:85:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb/93qqWsQ2C2qmmLH64bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTAyMDQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE1MzY0MzdkNjc5NzEwM2E3MTg0OWM4Y2IwOWQzMDgwMjU2OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEgRvvxjBfn3MGMXLd403oYRRXi+
Vg7u+ODwnNOsZzoH5kc7GRmqJu7ApdqjfnHiIqWMdwb9nLB455KmrkVOBI8BJjE/
HBSZjUKRDOtaoBkEQZkOflL7lqHi2ZGlGv6TxHfF1/MJp2FyVg/LkzfCVziRQvxM
AlLZQuLiKvwDLmLcfdH37X1Cgz4MGJuIqYenzx1K3yA2oGmC/9NFPxqX3sbSijI0
YHy3OSiLnc62fQYXJd7V61T7D7VB/7BApWh6RxC46EuaUthOzqpJ+AviMn9ADzv8
MoUmPUbLrln4FKsUcJPPjj7HEUCRIOkYud3MEI5q6EQhdpraW7O78xPEEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCmlNkN9Z5cQOnGEnIywnTCAJWjVMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvS2FVMlEzMW5seEE2Y1lTY2pMQ2RNSUFsYU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjuaAwQA
LVvjAwQALY6bAwQAucpnAwQAwe+aMA0GCSqGSIb3DQEBCwUAA4IBAQAsQPY5gXtn
FKxbNISeYfx0hEALowoF3z18xZQzfTkUtAfcd+OblnjuEh0qc8iP3FDp2d87JTYn
H3e2DHsoxVohyWtZ54v3q195ubrQPhyq4JYsjR+lJwLQ9qS+CBTShuS1w5S6QgaD
RoVSIH3Bb8NDwgJwb/YpMt6theH/vECCIadvONNkfr1lrENP806zP6dTPQ02+eIe
3nliUg61bF+gQRXsa4yXySFYPk0Vvv8lMc5JhfDjj64cWFtKin3e0YUsl4alBkVq
LL0hc3ELImmnz7GyNDEfNjihlrxmpiQnM75jk8vhBHQzG0SONkvqP87wlCxi/rXl
kr8f2f0InoVB
-----END CERTIFICATE-----
Generated at Sat Jun 22 17:58:21 2024 by rpki-client on console-fra.rpki-client.org