Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qnBeRomY5i0pMxb1_j1Op4y-vBg.roa
File: qnBeRomY5i0pMxb1_j1Op4y-vBg.roa (raw, json)
Hash identifier: yRMRJo8imd0hMiEtJES0Ur5OFC1p9KjeJsug2skNttU=
Subject key identifier: AA:70:5E:46:89:98:E6:2D:29:33:16:F5:FE:3D:4E:A7:8C:BE:BC:18
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA7069FD0630909DF4E9C61697853F5BF
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qnBeRomY5i0pMxb1_j1Op4y-vBg.roa
Signing time: Tue 26 Dec 2023 16:47:58 +0000
ROA not before: Tue 26 Dec 2023 16:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136526
IP address blocks: 2.59.154.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:06:9f:d0:63:09:09:df:4e:9c:61:69:78:53:f5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 16:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa705e468998e62d293316f5fe3d4ea78cbebc18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:21:18:42:8b:9b:10:14:c4:1e:37:da:18:c1:
e5:7e:f0:da:98:26:b4:da:68:d8:1a:91:0c:5b:e0:
bb:31:a9:de:25:44:33:15:50:74:7b:c8:26:90:e6:
7a:2d:72:1a:db:79:1a:8e:3e:8c:96:c1:5b:f6:83:
16:f7:9c:f8:3c:1b:4f:ca:65:55:a4:90:5e:20:86:
6e:2d:e0:8f:b1:26:9d:ff:80:a4:fa:6d:3a:ef:2f:
99:a0:9c:b6:50:05:16:09:0f:be:47:dd:81:ea:f9:
d3:41:1b:98:21:1f:b7:32:3e:86:67:b0:ec:f5:b6:
ce:a6:9c:db:1f:e7:16:af:99:86:29:02:60:fd:d5:
3f:7f:0d:cd:0d:18:c9:f6:03:ce:75:29:72:51:1a:
89:7b:df:a2:01:af:63:30:83:cc:58:a6:38:e9:2c:
40:a7:39:78:8d:f3:b3:85:68:3a:22:c9:88:10:71:
47:ae:f7:88:97:14:dd:c9:99:75:e8:7b:89:88:34:
90:f7:c5:13:6e:2f:f2:85:b3:04:b9:b3:42:e8:00:
cc:ae:b4:af:98:1d:92:98:b9:c7:29:30:9d:02:2d:
76:08:28:33:2c:fd:73:2b:a4:5a:e7:d2:5f:aa:36:
95:43:a8:14:56:72:2a:8b:7c:23:92:c6:08:2b:21:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:70:5E:46:89:98:E6:2D:29:33:16:F5:FE:3D:4E:A7:8C:BE:BC:18
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/qnBeRomY5i0pMxb1_j1Op4y-vBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.154.0/24
45.91.227.0/24
45.142.155.0/24
185.202.103.0/24
193.239.154.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3d:c2:70:8c:4b:29:ba:50:3a:0b:fc:13:be:1e:03:38:2c:
ea:07:50:b9:a6:1a:eb:5e:bd:94:88:05:65:36:e0:4d:f2:72:
62:06:d9:b6:28:95:49:50:78:5f:36:a4:0f:90:a3:be:ef:31:
26:4e:15:4c:8e:ec:67:e8:50:c2:e5:1a:00:79:43:0f:4c:aa:
32:28:de:f3:1f:27:4a:59:66:c6:9c:75:64:f1:3b:10:85:fc:
b0:08:56:f5:75:e2:87:2e:d3:5f:7a:fb:05:62:4e:fd:90:74:
b4:08:ad:18:15:5a:56:c4:3b:e3:a3:e8:1d:b5:2d:d0:46:ac:
6d:35:40:58:ab:3a:c6:a1:21:61:a9:6a:18:cd:ea:1d:21:c9:
a5:a2:e1:b6:1d:80:31:c2:a0:9f:49:a4:a3:63:d2:3d:dd:67:
93:05:06:16:8d:a4:66:2e:ca:a7:cf:d2:0c:5c:ad:0f:1e:46:
54:21:f2:36:32:6c:85:75:fc:c6:9b:3a:48:5e:a2:aa:3e:5f:
ef:8e:b9:b5:13:7f:ed:49:a7:5e:40:98:88:f2:19:95:63:60:
f3:39:18:5f:a8:95:47:a0:7f:14:ad:10:02:c1:b7:0c:fe:22:
a7:3d:67:12:37:ec:d5:fd:ef:b7:c1:4f:04:f0:99:48:e6:af:
f1:49:dd:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYynBp/QYwkJ306cYWl4U/W/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTY0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcwNWU0Njg5OThlNjJkMjkzMzE2ZjVmZTNkNGVhNzhjYmViYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyEYQoubEBTEHjfaGMHlfvDamCa0
2mjYGpEMW+C7ManeJUQzFVB0e8gmkOZ6LXIa23kajj6MlsFb9oMW95z4PBtPymVV
pJBeIIZuLeCPsSad/4Ck+m067y+ZoJy2UAUWCQ++R92B6vnTQRuYIR+3Mj6GZ7Ds
9bbOppzbH+cWr5mGKQJg/dU/fw3NDRjJ9gPOdSlyURqJe9+iAa9jMIPMWKY46SxA
pzl4jfOzhWg6IsmIEHFHrveIlxTdyZl16HuJiDSQ98UTbi/yhbMEubNC6ADMrrSv
mB2SmLnHKTCdAi12CCgzLP1zK6Ra59JfqjaVQ6gUVnIqi3wjksYIKyG8GwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKpwXkaJmOYtKTMW9f49TqeMvrwYMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvcW5CZVJvbVk1aTBwTXhiMV9qMU9wNHktdkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjuaAwQA
LVvjAwQALY6bAwQAucpnAwQAwe+aMA0GCSqGSIb3DQEBCwUAA4IBAQB6PcJwjEsp
ulA6C/wTvh4DOCzqB1C5phrrXr2UiAVlNuBN8nJiBtm2KJVJUHhfNqQPkKO+7zEm
ThVMjuxn6FDC5RoAeUMPTKoyKN7zHydKWWbGnHVk8TsQhfywCFb1deKHLtNfevsF
Yk79kHS0CK0YFVpWxDvjo+gdtS3QRqxtNUBYqzrGoSFhqWoYzeodIcmlouG2HYAx
wqCfSaSjY9I93WeTBQYWjaRmLsqnz9IMXK0PHkZUIfI2MmyFdfzGmzpIXqKqPl/v
jrm1E3/tSadeQJiI8hmVY2DzORhfqJVHoH8UrRACwbcM/iKnPWcSN+zV/e+3wU8E
8JlI5q/xSd3L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org