Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/cTZ5GKK-uBuzLrSz3GWaAJFO17Q.roa
File: cTZ5GKK-uBuzLrSz3GWaAJFO17Q.roa (raw, json)
Hash identifier: +h/umTjirYMI1IQGNBFM9nsU9zseRyv9e4LNQKm8Vw8=
Subject key identifier: 71:36:79:18:A2:BE:B8:1B:B3:2E:B4:B3:DC:65:9A:00:91:4E:D7:B4
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0190B6C09BAD0E48EDC88250F1B66D36F3AF
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/cTZ5GKK-uBuzLrSz3GWaAJFO17Q.roa
Signing time: Mon 15 Jul 2024 14:16:34 +0000
ROA not before: Mon 15 Jul 2024 14:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/22 maxlen: 22
2.59.154.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 08:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:c0:9b:ad:0e:48:ed:c8:82:50:f1:b6:6d:36:f3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jul 15 14:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71367918a2beb81bb32eb4b3dc659a00914ed7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:d2:74:b5:56:b1:72:59:03:85:b8:85:e9:
03:02:22:9a:6b:8f:7e:10:64:36:23:97:ed:2f:71:
a4:a7:68:41:cd:c4:4f:8a:cb:b5:a4:59:0b:ab:cf:
50:b0:39:55:ab:02:06:d8:34:40:36:22:3c:43:35:
ce:41:c3:ef:47:bb:68:d8:77:7f:4f:b8:90:0a:1d:
04:fa:7d:c7:17:4b:13:a3:46:1b:32:c0:49:85:0c:
b4:00:ec:4e:2d:d7:6e:f0:ee:26:8b:86:12:63:77:
d6:81:96:34:71:34:e7:03:0d:02:04:35:5b:e0:76:
49:f1:c8:c7:f6:c8:33:0f:c1:f3:98:85:58:da:a9:
f0:06:38:82:8f:f9:a5:8e:26:24:51:28:a4:f6:cd:
22:e9:76:76:72:3e:10:70:a0:7b:22:3a:66:74:0a:
c5:1f:80:e1:85:68:62:0e:fe:ff:b5:af:7d:95:6d:
53:13:76:cd:83:47:66:e0:5f:a0:a9:47:47:dc:b0:
04:fb:8f:6b:02:46:ee:41:46:07:3d:03:fb:20:46:
13:20:8b:27:79:81:0f:fd:91:03:5b:73:c7:78:b8:
51:53:57:61:08:be:66:c4:70:49:50:00:c5:13:af:
90:65:ea:7a:3b:1c:79:0d:97:a7:5d:e9:b0:8b:4b:
ab:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:36:79:18:A2:BE:B8:1B:B3:2E:B4:B3:DC:65:9A:00:91:4E:D7:B4
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/cTZ5GKK-uBuzLrSz3GWaAJFO17Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.226.0/23
45.142.152.0/24
45.142.155.0/24
185.202.103.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
64:ab:9f:2e:68:52:21:47:34:a7:0f:e9:7d:30:6d:39:73:22:
00:39:0b:c0:66:5f:d2:4d:4c:78:6f:2c:79:79:03:05:97:da:
88:29:7f:47:f4:52:0a:ae:98:fc:4a:59:96:af:72:51:f9:8e:
35:81:0e:86:39:e6:fc:6c:8b:60:d2:2f:b0:2c:04:57:2a:f7:
1f:5f:8f:1e:cd:7a:49:09:e5:cb:c9:5f:db:03:7f:af:0e:72:
db:a6:db:18:a4:3d:44:f4:d1:fd:87:99:03:e7:f5:9b:49:75:
88:b5:14:39:34:c5:d7:f9:21:8e:30:c0:b4:66:10:3e:11:67:
c4:30:be:55:7e:27:c2:fe:1c:62:cd:0b:20:64:ea:e9:12:80:
4c:fa:cf:7c:a7:a5:ff:c1:ca:0d:57:42:8d:2f:fc:05:cb:53:
fd:3e:36:24:ff:76:37:0a:03:c4:fc:43:ad:36:1d:e1:51:bf:
2c:61:1c:85:77:65:5e:21:c2:45:0c:c2:a8:15:18:c2:e9:67:
07:9c:a0:c8:ec:9a:10:9a:07:ba:69:55:01:32:9a:fa:8f:2a:
aa:9b:ab:13:97:e7:4f:bc:26:08:b8:2f:be:05:b1:77:b5:8f:
c9:4a:90:37:ff:04:09:90:63:93:29:86:b2:52:cc:87:aa:8e:
4e:74:6b:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZC2wJutDkjtyIJQ8bZtNvOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNzE1MTQxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM2NzkxOGEyYmViODFiYjMyZWI0YjNkYzY1OWEwMDkxNGVkN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNbSdLVWsXJZA4W4hekDAiKaa49+
EGQ2I5ftL3Gkp2hBzcRPisu1pFkLq89QsDlVqwIG2DRANiI8QzXOQcPvR7to2Hd/
T7iQCh0E+n3HF0sTo0YbMsBJhQy0AOxOLddu8O4mi4YSY3fWgZY0cTTnAw0CBDVb
4HZJ8cjH9sgzD8HzmIVY2qnwBjiCj/mljiYkUSik9s0i6XZ2cj4QcKB7IjpmdArF
H4DhhWhiDv7/ta99lW1TE3bNg0dm4F+gqUdH3LAE+49rAkbuQUYHPQP7IEYTIIsn
eYEP/ZEDW3PHeLhRU1dhCL5mxHBJUADFE6+QZep6Oxx5DZenXemwi0urGwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHE2eRiivrgbsy60s9xlmgCRTte0MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvY1RaNUdLSy11QnV6THJTejNHV2FBSkZPMTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCAjuYAwQB
LVviAwQALY6YAwQALY6bAwQAucpnAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUA
A4IBAQBkq58uaFIhRzSnD+l9MG05cyIAOQvAZl/STUx4byx5eQMFl9qIKX9H9FIK
rpj8SlmWr3JR+Y41gQ6GOeb8bItg0i+wLARXKvcfX48ezXpJCeXLyV/bA3+vDnLb
ptsYpD1E9NH9h5kD5/WbSXWItRQ5NMXX+SGOMMC0ZhA+EWfEML5VfifC/hxizQsg
ZOrpEoBM+s98p6X/wcoNV0KNL/wFy1P9PjYk/3Y3CgPE/EOtNh3hUb8sYRyFd2Ve
IcJFDMKoFRjC6WcHnKDI7JoQmge6aVUBMpr6jyqqm6sTl+dPvCYIuC++BbF3tY/J
SpA3/wQJkGOTKYayUsyHqo5OdGtg
-----END CERTIFICATE-----
Generated at Sun Jul 28 10:23:37 2024 by rpki-client on console-ams.rpki-client.org