Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/rWe46CAVY7aP_PuwUJ8kEwioBdw.roa
File: rWe46CAVY7aP_PuwUJ8kEwioBdw.roa (raw, json)
Hash identifier: fJt97r1M6jG8SjciFFsILUeuQDi/V4JJ2n0a9SbuH7o=
Subject key identifier: AD:67:B8:E8:20:15:63:B6:8F:FC:FB:B0:50:9F:24:13:08:A8:05:DC
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0190409DFFEBC7C74392AF35C2D632C2BE63
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/rWe46CAVY7aP_PuwUJ8kEwioBdw.roa
Signing time: Sat 22 Jun 2024 15:43:34 +0000
ROA not before: Sat 22 Jun 2024 15:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205960
IP address blocks: 2.59.153.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 03:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:40:9d:ff:eb:c7:c7:43:92:af:35:c2:d6:32:c2:be:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jun 22 15:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad67b8e8201563b68ffcfbb0509f241308a805dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5d:89:88:dd:48:fd:39:5e:f1:8f:d5:c2:69:
4f:5a:90:5d:b4:82:e8:d0:6c:ed:af:f1:16:1a:91:
3d:01:5d:31:d0:79:21:13:1b:58:2a:3d:3b:d8:1b:
ee:e0:a9:b5:f5:8b:0f:fa:55:60:6e:41:e4:19:4c:
c8:c6:c9:75:14:40:49:83:27:e2:6f:d9:2f:20:db:
fc:48:3a:e0:70:4c:47:86:07:3f:d4:31:97:6f:d5:
2f:bb:98:c5:ff:40:e0:db:24:78:75:4a:34:3e:d3:
8d:5e:16:d1:32:a7:40:f8:55:98:88:80:5c:2c:b0:
6b:6e:b1:bf:af:47:b4:4e:2b:3e:97:f5:fc:f8:fa:
03:cb:26:66:55:b9:98:cf:1b:8b:9f:18:6f:3e:8a:
35:99:27:5b:45:90:1e:41:4a:bd:4d:67:54:0e:22:
81:e2:1b:a1:8d:58:4b:0f:84:18:ef:ea:35:4f:cf:
ca:98:1d:1c:4b:8e:66:7d:6b:5a:f2:36:5e:08:7d:
3d:25:bb:5d:34:77:51:81:bd:31:ff:d7:f4:b6:7a:
a9:a3:b2:3d:89:22:6c:f0:c4:ff:74:4e:72:33:c2:
c9:dc:68:f8:2b:a8:19:c1:f6:2b:bf:bb:65:f1:54:
cb:14:e7:1e:f0:f9:79:ac:25:1d:3a:4c:6c:04:ae:
1c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:67:B8:E8:20:15:63:B6:8F:FC:FB:B0:50:9F:24:13:08:A8:05:DC
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/rWe46CAVY7aP_PuwUJ8kEwioBdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0-2.59.154.255
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
54:0a:15:a8:4b:81:a6:28:9f:45:bd:93:0c:c1:db:ab:f2:ca:
9f:f7:9e:50:4b:db:83:65:2a:37:aa:0f:e6:0f:50:73:e3:e9:
01:14:63:72:9e:f1:1a:17:cc:1c:c6:80:b0:98:4d:8d:df:50:
1d:16:01:05:96:81:de:a4:e3:a8:e0:53:fa:97:06:65:af:9e:
54:b6:1d:b4:5c:96:1e:00:86:52:a2:a4:ee:40:27:4b:5c:cb:
c6:96:2f:19:a9:1c:bd:0a:b6:76:84:a8:97:6a:79:35:28:4b:
ee:d4:48:c7:5b:c8:a9:ce:f9:33:9d:77:40:d1:06:ab:d2:06:
66:89:d1:a2:f7:25:6a:74:a1:a4:01:9f:8f:f3:90:b1:ee:4a:
e3:0f:5c:45:27:fb:5d:11:d3:05:fb:c7:73:56:af:92:92:62:
00:31:df:7f:1a:55:6b:45:02:75:df:94:7f:3f:e0:39:c2:51:
ca:e0:1c:e4:c9:ac:04:c0:cc:fe:e7:8b:b1:3f:b6:ff:a8:27:
10:59:6e:e2:11:88:e9:32:84:33:3c:3d:d8:53:10:9b:c9:e2:
d1:49:7e:e6:77:b4:3c:bb:a6:8f:5e:7c:94:9e:b6:84:f5:03:
a6:17:0c:05:29:33:67:36:a7:7b:67:e2:1f:e4:cc:e7:51:b4:
a6:fc:26:ab
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZBAnf/rx8dDkq81wtYywr5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNjIyMTU0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY3YjhlODIwMTU2M2I2OGZmY2ZiYjA1MDlmMjQxMzA4YTgwNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l2JiN1I/Tle8Y/VwmlPWpBdtILo
0Gztr/EWGpE9AV0x0HkhExtYKj072Bvu4Km19YsP+lVgbkHkGUzIxsl1FEBJgyfi
b9kvINv8SDrgcExHhgc/1DGXb9Uvu5jF/0Dg2yR4dUo0PtONXhbRMqdA+FWYiIBc
LLBrbrG/r0e0Tis+l/X8+PoDyyZmVbmYzxuLnxhvPoo1mSdbRZAeQUq9TWdUDiKB
4huhjVhLD4QY7+o1T8/KmB0cS45mfWta8jZeCH09JbtdNHdRgb0x/9f0tnqpo7I9
iSJs8MT/dE5yM8LJ3Gj4K6gZwfYrv7tl8VTLFOce8Pl5rCUdOkxsBK4cNQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFK1nuOggFWO2j/z7sFCfJBMIqAXcMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvcldlNDZDQVZZN2FQX1B1d1VKOGtFd2lvQmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAACO5kD
BAACO5oDBAAtW+EDBAJbzOADBAC5ymUDBADB75cDBADCftcwDQYJKoZIhvcNAQEL
BQADggEBAFQKFahLgaYon0W9kwzB26vyyp/3nlBL24NlKjeqD+YPUHPj6QEUY3Ke
8RoXzBzGgLCYTY3fUB0WAQWWgd6k46jgU/qXBmWvnlS2HbRclh4AhlKipO5AJ0tc
y8aWLxmpHL0KtnaEqJdqeTUoS+7USMdbyKnO+TOdd0DRBqvSBmaJ0aL3JWp0oaQB
n4/zkLHuSuMPXEUn+10R0wX7x3NWr5KSYgAx338aVWtFAnXflH8/4DnCUcrgHOTJ
rATAzP7ni7E/tv+oJxBZbuIRiOkyhDM8PdhTEJvJ4tFJfuZ3tDy7po9efJSetoT1
A6YXDAUpM2c2p3tn4h/kzOdRtKb8Jqs=
-----END CERTIFICATE-----
Generated at Thu Jul 4 05:04:50 2024 by rpki-client on console-ams.rpki-client.org