Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qCuVIBBdMszTjnvnU3ReQCa1-co.roa
File: qCuVIBBdMszTjnvnU3ReQCa1-co.roa (raw, json)
Hash identifier: 7uwDRnjHXnI67frfevbwxnqsmPnAW2y/pln5jOU0TSk=
Subject key identifier: A8:2B:95:20:10:5D:32:CC:D3:8E:7B:E7:53:74:5E:40:26:B5:F9:CA
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA7012144883781BC0BBEE9E7615F6170
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qCuVIBBdMszTjnvnU3ReQCa1-co.roa
Signing time: Tue 26 Dec 2023 16:41:58 +0000
ROA not before: Tue 26 Dec 2023 16:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:01:21:44:88:37:81:bc:0b:be:e9:e7:61:5f:61:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 16:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82b9520105d32ccd38e7be753745e4026b5f9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:54:d2:0d:86:9b:c3:13:ef:e9:62:99:11:bc:
10:9e:48:d1:8c:ef:1b:63:f6:8c:2e:a3:5f:12:df:
85:aa:4d:82:30:b5:ad:20:9c:34:22:60:bf:34:2f:
7f:53:f8:03:ec:7c:fc:47:35:b0:91:f2:1d:55:10:
31:64:3f:b8:c9:44:4b:94:ae:17:a5:9b:15:54:68:
25:44:bd:86:56:18:c9:1d:9a:4e:54:8c:8d:4b:04:
0e:dc:e5:8a:e7:c7:a1:10:3d:dd:18:2c:43:0c:c2:
eb:9f:b4:4f:46:02:ea:42:a1:ec:17:6f:37:e4:1c:
d9:53:90:74:2d:56:8a:54:a3:1f:79:45:26:c2:0f:
05:4e:72:46:33:02:ad:de:3c:f0:4e:3c:0c:f2:4b:
40:09:89:0e:40:61:50:8f:a9:b7:78:e3:b2:fa:48:
15:f9:b8:55:a7:92:fe:14:5b:b2:45:2e:54:18:7b:
e5:5e:c2:ce:7a:d0:18:60:f2:c3:82:df:5d:ee:63:
3d:1e:68:8d:c4:5d:56:f7:6e:69:c3:ed:64:7e:4b:
d5:a4:a1:a5:37:01:0e:79:f4:9f:af:70:1c:ec:76:
27:88:11:03:31:91:ad:07:46:bd:24:df:ec:76:74:
03:30:43:f1:00:bf:bf:64:3d:2e:0e:96:e7:fa:67:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:95:20:10:5D:32:CC:D3:8E:7B:E7:53:74:5E:40:26:B5:F9:CA
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qCuVIBBdMszTjnvnU3ReQCa1-co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
07:26:29:95:a4:ca:04:61:06:8b:e1:72:9e:80:24:df:62:d7:
60:8f:09:43:05:2c:66:2c:76:b4:a1:48:eb:2f:ac:a6:31:f9:
13:d2:70:30:19:19:12:15:ba:7a:b1:fa:23:0a:2e:84:4f:f6:
87:65:bb:b5:02:96:5d:47:7a:ff:3c:df:44:db:e6:3c:14:1f:
e9:bf:da:21:65:53:00:53:31:a8:f2:b1:db:19:e5:5e:29:22:
55:f4:18:1e:60:3e:67:f6:83:bc:8b:72:e5:97:c6:5d:71:68:
13:be:6f:1c:70:f7:6b:b4:8a:f7:59:9a:d1:b0:b0:b5:17:18:
c9:7e:ae:b4:64:0e:de:05:0e:98:34:fd:e2:99:41:0f:fa:77:
5f:b2:b1:a7:c4:79:b6:52:f2:b4:f2:04:39:55:ad:f9:26:28:
df:79:a4:aa:7c:b2:ed:ce:bc:2f:49:8d:37:93:68:40:fc:e2:
80:e5:a4:55:1e:03:07:9c:f4:10:12:23:d7:13:e7:64:49:71:
49:78:27:ac:8f:03:03:fb:6f:63:65:11:7f:8b:b7:81:06:59:
c5:95:74:ef:c0:1c:08:70:fe:43:48:f8:12:94:da:d8:cc:8b:
89:de:02:cc:20:5a:05:84:65:8e:30:75:cb:89:5d:3b:8d:35:
34:95:cb:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYynASFEiDeBvAu+6edhX2FwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTY0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJiOTUyMDEwNWQzMmNjZDM4ZTdiZTc1Mzc0NWU0MDI2YjVmOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1TSDYabwxPv6WKZEbwQnkjRjO8b
Y/aMLqNfEt+Fqk2CMLWtIJw0ImC/NC9/U/gD7Hz8RzWwkfIdVRAxZD+4yURLlK4X
pZsVVGglRL2GVhjJHZpOVIyNSwQO3OWK58ehED3dGCxDDMLrn7RPRgLqQqHsF283
5BzZU5B0LVaKVKMfeUUmwg8FTnJGMwKt3jzwTjwM8ktACYkOQGFQj6m3eOOy+kgV
+bhVp5L+FFuyRS5UGHvlXsLOetAYYPLDgt9d7mM9HmiNxF1W925pw+1kfkvVpKGl
NwEOefSfr3Ac7HYniBEDMZGtB0a9JN/sdnQDMEPxAL+/ZD0uDpbn+mf1iwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKgrlSAQXTLM045751N0XkAmtfnKMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvcUN1VklCQmRNc3pUam52blUzUmVRQ2ExLWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwe+XAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQAH
JimVpMoEYQaL4XKegCTfYtdgjwlDBSxmLHa0oUjrL6ymMfkT0nAwGRkSFbp6sfoj
Ci6ET/aHZbu1ApZdR3r/PN9E2+Y8FB/pv9ohZVMAUzGo8rHbGeVeKSJV9BgeYD5n
9oO8i3Lll8ZdcWgTvm8ccPdrtIr3WZrRsLC1FxjJfq60ZA7eBQ6YNP3imUEP+ndf
srGnxHm2UvK08gQ5Va35JijfeaSqfLLtzrwvSY03k2hA/OKA5aRVHgMHnPQQEiPX
E+dkSXFJeCesjwMD+29jZRF/i7eBBlnFlXTvwBwIcP5DSPgSlNrYzIuJ3gLMIFoF
hGWOMHXLiV07jTU0lcue
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:03 2024 by rpki-client on console-fra.rpki-client.org