Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4DrXti_ymXobk3bQnaMxXvB2KuU.roa
File: 4DrXti_ymXobk3bQnaMxXvB2KuU.roa (raw, json)
Hash identifier: k6AH8tctxzI9dV9DXkypZ53ahH735Vm6ngCvfdE//sg=
Subject key identifier: E0:3A:D7:B6:2F:F2:99:7A:1B:93:76:D0:9D:A3:31:5E:F0:76:2A:E5
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A93136E551C75CD27A94A02A161D440
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4DrXti_ymXobk3bQnaMxXvB2KuU.roa
Signing time: Mon 05 Feb 2024 18:41:15 +0000
ROA not before: Mon 05 Feb 2024 18:41:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
94.158.188.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 18:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:13:6e:55:1c:75:cd:27:a9:4a:02:a1:61:d4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e03ad7b62ff2997a1b9376d09da3315ef0762ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:5f:e5:1c:65:0d:4c:e0:8b:c3:21:8e:4d:
ec:3d:ae:d1:e8:7d:7c:d4:ad:ec:49:d4:da:e0:54:
6d:14:51:83:85:e5:91:13:f3:e4:0e:12:d2:a9:55:
fa:db:39:5c:96:79:ee:8f:1f:49:86:cb:85:ff:24:
76:eb:b1:c6:f4:5a:36:04:35:8e:f1:88:c7:40:05:
9c:79:2b:2b:f9:79:da:e4:de:42:22:50:b6:a2:b0:
2e:d1:91:29:96:d8:57:4e:53:db:90:4b:59:ce:02:
4d:d1:a1:c9:4c:be:e2:7b:ed:6d:7c:6d:38:0c:82:
eb:b9:c4:4d:cf:d3:d2:e3:a4:93:6a:1f:d0:8b:ee:
e4:02:9d:36:bb:c1:da:79:3b:6d:c8:18:29:ec:6b:
6e:b9:71:50:ba:cf:00:77:56:5b:ef:11:81:2a:69:
48:46:ca:9a:05:0b:b0:a2:cd:ec:35:ef:e2:50:1a:
89:b9:48:bd:9f:21:9e:fc:95:44:bc:38:0b:26:e3:
b8:c1:33:77:4b:b9:95:23:a3:f8:65:e9:e5:e8:b4:
f8:44:ce:e2:68:ba:56:fc:12:48:23:12:7f:e2:20:
25:56:11:a8:1e:dc:67:29:af:8c:e2:c0:1f:49:c2:
3c:96:96:75:3a:b7:53:06:23:f4:a0:96:95:b0:34:
9c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3A:D7:B6:2F:F2:99:7A:1B:93:76:D0:9D:A3:31:5E:F0:76:2A:E5
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4DrXti_ymXobk3bQnaMxXvB2KuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
45.14.220.0/23
45.80.120.0/22
94.158.188.0/24
194.32.240.0/24
195.69.148.0/24
Signature Algorithm: sha256WithRSAEncryption
07:fb:b8:d2:23:4b:4d:77:e9:9f:1f:87:c2:d5:7c:35:b5:ae:
53:8a:db:fb:a9:21:00:07:26:fd:2b:d8:42:6e:a1:25:85:5b:
0e:f8:bf:c8:3b:37:08:52:81:c4:b1:f4:03:53:b2:d2:16:e9:
8b:68:78:07:07:9a:9d:0e:61:49:69:bd:e7:3e:9b:7f:5b:36:
a3:e0:0b:4d:60:be:a6:00:ad:24:b8:4b:9d:dc:27:f6:16:35:
04:4a:ad:51:30:00:b6:25:e7:9e:e5:35:93:21:f3:9a:61:17:
00:b5:da:c4:f1:3b:83:7b:bf:7c:49:4b:f2:aa:15:49:20:1a:
29:d7:85:f1:af:09:ef:4c:93:c5:3f:20:43:bc:f6:34:68:44:
1f:7e:8d:bf:8b:6a:ec:84:7c:cf:6a:64:c7:a5:ed:4f:6d:a8:
2c:a3:03:46:fb:83:6a:22:c3:63:41:b6:9d:ed:16:e3:38:cb:
51:ad:3c:3f:c4:3a:4a:33:f7:69:cd:5a:ff:56:66:a8:9c:e3:
5c:f3:1b:ec:67:d2:3c:20:99:8e:11:cb:15:76:bb:83:33:d3:
20:e5:40:dd:ef:cc:65:7c:bc:92:47:62:09:11:35:66:3a:fa:
fe:4b:54:4c:c7:70:11:30:6a:78:19:6c:99:fa:cb:2d:9c:44:
24:26:83:14
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY16kxNuVRx1zSepSgKhYdRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNhZDdiNjJmZjI5OTdhMWI5Mzc2ZDA5ZGEzMzE1ZWYwNzYyYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL9f5RxlDUzgi8Mhjk3sPa7R6H18
1K3sSdTa4FRtFFGDheWRE/PkDhLSqVX62zlclnnujx9JhsuF/yR267HG9Fo2BDWO
8YjHQAWceSsr+Xna5N5CIlC2orAu0ZEplthXTlPbkEtZzgJN0aHJTL7ie+1tfG04
DILrucRNz9PS46STah/Qi+7kAp02u8HaeTttyBgp7GtuuXFQus8Ad1Zb7xGBKmlI
RsqaBQuwos3sNe/iUBqJuUi9nyGe/JVEvDgLJuO4wTN3S7mVI6P4Zenl6LT4RM7i
aLpW/BJIIxJ/4iAlVhGoHtxnKa+M4sAfScI8lpZ1OrdTBiP0oJaVsDScuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOA617Yv8pl6G5N20J2jMV7wdirlMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNERyWHRpX3ltWG9iazNiUW5hTXhYdkIyS3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjswAwQB
LQ7cAwQCLVB4AwQAXp68AwQAwiDwAwQAw0WUMA0GCSqGSIb3DQEBCwUAA4IBAQAH
+7jSI0tNd+mfH4fC1Xw1ta5Titv7qSEAByb9K9hCbqElhVsO+L/IOzcIUoHEsfQD
U7LSFumLaHgHB5qdDmFJab3nPpt/Wzaj4AtNYL6mAK0kuEud3Cf2FjUESq1RMAC2
Jeee5TWTIfOaYRcAtdrE8TuDe798SUvyqhVJIBop14XxrwnvTJPFPyBDvPY0aEQf
fo2/i2rshHzPamTHpe1PbagsowNG+4NqIsNjQbad7RbjOMtRrTw/xDpKM/dpzVr/
VmaonONc8xvsZ9I8IJmOEcsVdruDM9Mg5UDd78xlfLySR2IJETVmOvr+S1RMx3AR
MGp4GWyZ+sstnEQkJoMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org