Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/dH0Ha_BGyhNNJt-JUSQ0AvNPp_w.roa
File: dH0Ha_BGyhNNJt-JUSQ0AvNPp_w.roa (raw, json)
Hash identifier: 6YYK31uL7GOBfjdiX9ixRCPof7+/ij1LxcVwcxASsyM=
Subject key identifier: 74:7D:07:6B:F0:46:CA:13:4D:26:DF:89:51:24:34:02:F3:4F:A7:FC
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CDF44F759DBB99CD13A324709158EEDC7
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/dH0Ha_BGyhNNJt-JUSQ0AvNPp_w.roa
Signing time: Sat 06 Jan 2024 14:54:48 +0000
ROA not before: Sat 06 Jan 2024 14:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/22 maxlen: 22
2.59.155.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 03:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:44:f7:59:db:b9:9c:d1:3a:32:47:09:15:8e:ed:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 6 14:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=747d076bf046ca134d26df8951243402f34fa7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:df:66:61:16:90:02:78:29:3c:a3:ed:36:e2:
2f:7b:62:a2:a3:98:83:c0:0c:76:dc:5d:d5:b8:72:
91:a2:ab:10:01:53:c1:ba:a4:ff:f6:07:a1:1b:05:
cd:10:4b:71:cf:1a:28:da:0c:e2:87:28:74:ae:70:
c9:72:92:28:f5:56:dc:f3:8a:c5:bd:5b:62:b8:a9:
01:aa:d2:65:4c:34:1d:3c:71:08:8f:c2:98:ab:0e:
ff:bf:52:97:b2:c2:8e:5f:36:8e:15:63:51:9d:ea:
bf:5e:4c:82:03:4f:24:f4:a5:ce:cf:60:f5:65:1f:
9b:a0:10:26:00:76:a3:a1:28:9b:c2:e5:29:ae:40:
34:72:3d:7a:97:4e:de:bf:91:1f:8e:bb:00:51:18:
1e:76:57:da:85:cd:e9:93:78:cf:bc:d8:69:7c:19:
c2:87:04:2a:20:c6:65:d6:38:98:41:88:09:49:86:
1b:08:41:54:92:0b:09:50:0d:e4:04:94:5b:c4:47:
b2:fc:99:87:8e:a6:8f:ec:08:b5:e6:4a:99:cf:24:
87:a0:3e:f1:de:72:12:54:40:6a:cb:ef:f0:c8:49:
26:98:90:b6:06:11:b9:be:4a:f5:da:15:e7:05:a3:
bb:c6:91:72:27:eb:a1:91:9e:a8:36:67:5c:a4:00:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7D:07:6B:F0:46:CA:13:4D:26:DF:89:51:24:34:02:F3:4F:A7:FC
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/dH0Ha_BGyhNNJt-JUSQ0AvNPp_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.226.0/24
45.142.152.0/24
185.202.103.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
26:71:1f:6e:0b:6d:e9:cb:78:df:33:2f:bc:a1:75:66:92:b0:
1f:72:13:cb:bd:82:77:5e:24:bc:45:76:80:01:51:1c:42:02:
02:e6:f6:a3:8a:77:49:f5:34:7e:5f:40:93:95:5a:d0:e6:e7:
3f:ef:d1:9c:84:35:3a:92:5b:ad:58:ce:06:d1:45:89:53:b5:
a6:36:53:ea:6c:eb:3e:f1:86:cd:62:fa:40:26:3a:7c:1a:5d:
ca:46:73:29:5a:52:4f:a2:c8:c8:ee:4c:41:e7:f4:2a:0d:87:
f0:b0:c6:ff:87:4d:65:60:f6:dc:4f:f2:03:ab:dd:0b:9c:0b:
d9:bc:54:3e:71:8e:94:1b:8b:2f:5d:71:a2:79:65:2c:b0:19:
5e:d5:96:e5:0b:42:8e:41:3a:0f:ed:81:8e:5d:78:39:19:a5:
c9:95:e8:ab:45:eb:c3:3b:67:51:63:e3:c1:e8:5e:b4:a2:18:
99:83:01:e4:42:d0:0e:a9:0b:23:4c:22:ee:86:9f:37:5d:f4:
a3:08:25:09:39:f4:24:0a:93:a5:a8:fe:fd:93:bd:f5:3d:5e:
3b:48:28:a4:ee:ce:cb:d2:a6:9d:30:c8:90:ff:21:81:7a:ea:
13:4d:43:1b:8f:ae:28:b9:fd:7f:0c:1c:8c:86:2a:0c:75:a8:
43:0d:8e:b4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzfRPdZ27mc0ToyRwkVju3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTA2MTQ1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdkMDc2YmYwNDZjYTEzNGQyNmRmODk1MTI0MzQwMmYzNGZhN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt9mYRaQAngpPKPtNuIve2Kio5iD
wAx23F3VuHKRoqsQAVPBuqT/9gehGwXNEEtxzxoo2gzihyh0rnDJcpIo9Vbc84rF
vVtiuKkBqtJlTDQdPHEIj8KYqw7/v1KXssKOXzaOFWNRneq/XkyCA08k9KXOz2D1
ZR+boBAmAHajoSibwuUprkA0cj16l07ev5EfjrsAURgedlfahc3pk3jPvNhpfBnC
hwQqIMZl1jiYQYgJSYYbCEFUkgsJUA3kBJRbxEey/JmHjqaP7Ai15kqZzySHoD7x
3nISVEBqy+/wyEkmmJC2BhG5vkr12hXnBaO7xpFyJ+uhkZ6oNmdcpACjoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHR9B2vwRsoTTSbfiVEkNALzT6f8MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvZEgwSGFfQkd5aE5OSnQtSlVTUTBBdk5QcF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjuYAwQA
LVviAwQALY6YAwQAucpnAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUAA4IBAQAm
cR9uC23py3jfMy+8oXVmkrAfchPLvYJ3XiS8RXaAAVEcQgIC5vajindJ9TR+X0CT
lVrQ5uc/79GchDU6klutWM4G0UWJU7WmNlPqbOs+8YbNYvpAJjp8Gl3KRnMpWlJP
osjI7kxB5/QqDYfwsMb/h01lYPbcT/IDq90LnAvZvFQ+cY6UG4svXXGieWUssBle
1ZblC0KOQToP7YGOXXg5GaXJleirRevDO2dRY+PB6F60ohiZgwHkQtAOqQsjTCLu
hp83XfSjCCUJOfQkCpOlqP79k731PV47SCik7s7L0qadMMiQ/yGBeuoTTUMbj64o
uf1/DByMhioMdahDDY60
-----END CERTIFICATE-----
Generated at Thu Jul 4 05:04:50 2024 by rpki-client on console-ams.rpki-client.org