Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2Up2VkC_nzDaN3nPX6pZPzE2i3E.roa
File: 2Up2VkC_nzDaN3nPX6pZPzE2i3E.roa (raw, json)
Hash identifier: IRsYNfS0DfcmIYHGentbP0vRP3S0tDKTWIXNsPwBHVs=
Subject key identifier: D9:4A:76:56:40:BF:9F:30:DA:37:79:CF:5F:AA:59:3F:31:36:8B:71
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A9314F61010023E5DEA3FA2F94C0550
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2Up2VkC_nzDaN3nPX6pZPzE2i3E.roa
Signing time: Mon 05 Feb 2024 18:41:15 +0000
ROA not before: Mon 05 Feb 2024 18:41:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35048
IP address blocks: 2.59.50.0/24 maxlen: 24
5.183.130.0/24 maxlen: 24
45.84.176.0/24 maxlen: 24
45.84.177.0/24 maxlen: 24
92.119.193.0/24 maxlen: 24
94.158.190.0/24 maxlen: 24
193.53.168.0/24 maxlen: 24
194.32.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 18:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:14:f6:10:10:02:3e:5d:ea:3f:a2:f9:4c:05:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d94a765640bf9f30da3779cf5faa593f31368b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:7a:70:32:a0:33:f7:17:43:bc:d9:3f:5d:
88:b0:84:3b:b4:30:0c:92:4c:92:30:92:a1:d2:3c:
3f:0a:25:63:36:cb:7a:8b:b9:d2:04:c2:16:86:e5:
df:f9:76:a6:18:b6:28:8a:f4:0a:19:f7:a2:9d:22:
28:b6:3a:23:26:16:a7:8c:6e:62:b5:33:3d:92:b1:
54:ed:02:0b:a5:64:40:f2:af:0f:dc:2a:b3:d3:a0:
69:d2:8e:61:c8:89:ff:04:73:40:71:ae:db:19:a2:
47:1b:58:bd:1a:1c:94:67:f2:71:87:fd:54:45:5d:
4b:1a:28:98:16:ab:af:0d:92:50:88:f8:3f:b8:db:
4b:a4:5e:8d:36:b7:14:5f:a0:d6:83:ba:5d:07:b2:
ad:fd:84:b9:41:1f:58:d2:52:e8:74:ca:d5:b8:84:
a0:66:61:9a:bd:67:23:21:eb:4a:58:55:3d:35:f3:
19:de:56:22:fc:e5:36:d8:1d:75:0b:66:8d:f0:87:
2e:1e:ab:7f:8b:5a:25:69:0b:65:ce:90:8d:d9:b5:
c7:5e:fb:54:b3:ac:07:85:cd:2a:80:a6:08:75:59:
bc:1b:fd:79:0d:ed:da:8c:59:33:63:c0:93:9e:05:
ea:56:ec:7a:46:f5:c7:d1:3f:41:4d:26:2a:43:58:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4A:76:56:40:BF:9F:30:DA:37:79:CF:5F:AA:59:3F:31:36:8B:71
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2Up2VkC_nzDaN3nPX6pZPzE2i3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.50.0/24
5.183.130.0/24
45.84.176.0/23
92.119.193.0/24
94.158.190.0/24
193.53.168.0/24
194.32.237.0/24
Signature Algorithm: sha256WithRSAEncryption
62:97:79:a9:3b:44:bb:0c:1b:3f:44:2f:73:2f:4d:49:60:57:
59:1d:66:89:00:76:2c:4a:90:4c:5e:03:fe:27:de:26:35:f7:
4e:ec:86:cf:5e:19:59:22:17:b1:30:d7:f4:0b:73:2b:49:a1:
35:84:f8:15:2d:3d:02:61:d5:f0:61:c0:e3:1e:20:0b:d9:6e:
a0:e8:76:a3:8b:91:70:62:8e:db:d7:45:4a:ed:bf:93:95:2d:
5d:30:68:62:dc:c0:e1:62:c2:2c:2e:a9:c8:8a:91:5b:3e:df:
a8:10:50:52:2e:8c:07:b0:47:7b:99:9c:c7:25:0f:50:6a:8f:
cb:58:12:7b:a1:2e:fd:8b:f6:02:fe:b5:52:52:75:ff:13:1b:
bd:93:2a:ec:6f:15:46:78:7b:2e:80:69:a5:eb:b9:cd:e0:c7:
97:be:e8:fa:64:37:b1:ed:2a:0f:99:b8:84:c9:65:91:fd:6d:
94:2f:8a:e4:0a:3a:1c:14:ac:7b:5b:43:b4:6c:a3:23:46:3e:
19:aa:5b:ff:4a:2b:0d:62:d8:8f:56:0f:e3:87:a6:34:22:a1:
5b:86:b4:35:6c:c6:f7:11:4a:c7:01:cd:86:65:bc:a6:a6:4d:
dc:8a:1b:03:2c:f3:6b:b4:8a:b1:3d:1e:5f:06:ed:3f:fc:32:
e2:77:a5:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY16kxT2EBACPl3qP6L5TAVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRhNzY1NjQwYmY5ZjMwZGEzNzc5Y2Y1ZmFhNTkzZjMxMzY4YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBx6cDKgM/cXQ7zZP12IsIQ7tDAM
kkySMJKh0jw/CiVjNst6i7nSBMIWhuXf+XamGLYoivQKGfeinSIotjojJhanjG5i
tTM9krFU7QILpWRA8q8P3Cqz06Bp0o5hyIn/BHNAca7bGaJHG1i9GhyUZ/Jxh/1U
RV1LGiiYFquvDZJQiPg/uNtLpF6NNrcUX6DWg7pdB7Kt/YS5QR9Y0lLodMrVuISg
ZmGavWcjIetKWFU9NfMZ3lYi/OU22B11C2aN8IcuHqt/i1olaQtlzpCN2bXHXvtU
s6wHhc0qgKYIdVm8G/15De3ajFkzY8CTngXqVux6RvXH0T9BTSYqQ1gwoQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNlKdlZAv58w2jd5z1+qWT8xNotxMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMlVwMlZrQ19uekRhTjNuUFg2cFpQekUyaTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjsyAwQA
BbeCAwQBLVSwAwQAXHfBAwQAXp6+AwQAwTWoAwQAwiDtMA0GCSqGSIb3DQEBCwUA
A4IBAQBil3mpO0S7DBs/RC9zL01JYFdZHWaJAHYsSpBMXgP+J94mNfdO7IbPXhlZ
IhexMNf0C3MrSaE1hPgVLT0CYdXwYcDjHiAL2W6g6Haji5FwYo7b10VK7b+TlS1d
MGhi3MDhYsIsLqnIipFbPt+oEFBSLowHsEd7mZzHJQ9Qao/LWBJ7oS79i/YC/rVS
UnX/Exu9kyrsbxVGeHsugGml67nN4MeXvuj6ZDex7SoPmbiEyWWR/W2UL4rkCjoc
FKx7W0O0bKMjRj4Zqlv/SisNYtiPVg/jh6Y0IqFbhrQ1bMb3EUrHAc2GZbympk3c
ihsDLPNrtIqxPR5fBu0//DLid6UC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org