Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ClWf5HFw7IP9h0KzL6lzlclblY8.roa
File: ClWf5HFw7IP9h0KzL6lzlclblY8.roa (raw, json)
Hash identifier: iQGbnfCgKdMKd4VQE7fowvJju02bYoTABc7oF0Zh868=
Subject key identifier: 0A:55:9F:E4:71:70:EC:83:FD:87:42:B3:2F:A9:73:95:C9:5B:95:8F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DCC65037EC4F5453057E8E7B6EB65A699
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ClWf5HFw7IP9h0KzL6lzlclblY8.roa
Signing time: Wed 21 Feb 2024 15:59:48 +0000
ROA not before: Wed 21 Feb 2024 15:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:65:03:7e:c4:f5:45:30:57:e8:e7:b6:eb:65:a6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 21 15:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a559fe47170ec83fd8742b32fa97395c95b958f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:2e:f0:f2:93:38:e4:6d:ac:18:8d:ab:ff:
36:ca:6f:c5:03:31:07:6a:33:04:5c:07:b3:ae:7a:
51:8d:cb:cd:51:19:9c:48:22:3a:0c:cb:7e:1d:7b:
e3:4e:c0:5f:b8:9d:ce:06:07:99:2a:c4:59:e7:84:
82:ef:a3:a8:3e:e6:98:14:4e:40:15:c6:8a:57:b1:
e3:fe:22:9f:a3:69:80:ed:69:8e:1b:32:88:af:ee:
e3:f2:43:b4:79:50:35:1a:9d:38:20:0b:56:19:09:
67:0e:b1:58:74:70:bf:13:b2:23:15:97:98:62:31:
46:f0:3a:07:aa:ea:da:b6:1b:ef:c3:d0:b7:6f:33:
cc:c9:31:47:b7:8e:b5:4a:18:b9:6f:2a:5c:de:29:
b9:30:f1:b5:5a:29:aa:ae:38:1c:be:d3:b5:a7:98:
d6:da:f2:46:d4:32:0d:ac:f0:dc:af:ec:6d:e2:57:
6e:64:12:6e:74:eb:ca:7b:99:30:95:48:8c:60:a6:
d6:de:93:d3:4d:db:d2:60:99:ff:11:dc:99:cc:a7:
d5:df:13:dd:45:c0:15:5d:ab:02:9d:48:cf:5d:6e:
b0:7e:6e:10:51:0b:64:f8:95:fa:e3:8b:af:65:60:
5c:6f:ff:40:12:2c:6e:d0:5b:e4:9d:09:5e:c4:23:
79:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:55:9F:E4:71:70:EC:83:FD:87:42:B3:2F:A9:73:95:C9:5B:95:8F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ClWf5HFw7IP9h0KzL6lzlclblY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
94.158.188.0/24
176.124.34.0/24
185.212.112.0/24
193.3.18.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3a:24:e6:10:10:e2:78:50:ac:df:58:3f:be:8c:a3:8d:3e:
18:62:7b:a8:fb:4c:4b:71:2c:c7:bc:32:96:57:6c:6f:92:38:
1b:cd:72:18:69:1d:c6:88:c6:74:5c:1c:6c:ea:04:ff:b5:93:
fd:16:79:64:b8:59:0d:5e:db:9b:6e:19:26:8c:70:ec:fa:8a:
8f:03:1d:47:62:4c:21:d3:ad:41:3d:24:06:00:73:c6:6a:f9:
e4:09:9b:f6:47:aa:33:ce:8e:33:61:b9:2a:d9:bd:a4:0c:ba:
fc:0e:ef:73:8e:12:03:5a:b8:64:5a:ba:71:94:67:69:bf:c5:
36:47:45:f1:f1:0e:ae:23:f5:0e:2b:ea:2d:6e:30:5f:2d:41:
84:49:db:bc:bc:11:11:96:54:66:96:ae:fd:b9:b3:85:bc:ca:
25:4e:5c:cd:6b:7a:dd:11:39:ba:46:ad:a2:0b:88:5a:b3:04:
1d:83:06:44:bc:b4:a8:58:04:c0:4f:6e:65:4a:c0:42:c6:70:
37:3d:55:f0:8d:b4:9c:a1:44:fd:26:e7:17:79:3e:f0:92:76:
a5:e6:f8:99:31:75:27:ac:97:c0:2f:b0:3e:19:8c:c1:83:30:
bb:9f:0b:63:4e:e9:f5:e1:bf:20:c9:4d:6e:a4:fe:f8:b3:57:
fa:e6:60:b4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY3MZQN+xPVFMFfo57brZaaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIxMTU1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU1OWZlNDcxNzBlYzgzZmQ4NzQyYjMyZmE5NzM5NWM5NWI5NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTgu8PKTOORtrBiNq/82ym/FAzEH
ajMEXAezrnpRjcvNURmcSCI6DMt+HXvjTsBfuJ3OBgeZKsRZ54SC76OoPuaYFE5A
FcaKV7Hj/iKfo2mA7WmOGzKIr+7j8kO0eVA1Gp04IAtWGQlnDrFYdHC/E7IjFZeY
YjFG8DoHqurathvvw9C3bzPMyTFHt461Shi5bypc3im5MPG1WimqrjgcvtO1p5jW
2vJG1DINrPDcr+xt4lduZBJudOvKe5kwlUiMYKbW3pPTTdvSYJn/EdyZzKfV3xPd
RcAVXasCnUjPXW6wfm4QUQtk+JX644uvZWBcb/9AEixu0FvknQlexCN50wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFApVn+RxcOyD/YdCsy+pc5XJW5WPMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQ2xXZjVIRnc3SVA5aDBLekw2bHpsY2xibFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjswAwQA
Jd1QAwQALQsWAwQBLQ7cAwQCLVB4AwQALVlEAwQALVlHAwQAXp68AwQAsHwiAwQA
udRwAwQAwQMSAwQAwiDwAwQAwxIaAwQAw0WUAwQAw0WWMA0GCSqGSIb3DQEBCwUA
A4IBAQBoOiTmEBDieFCs31g/voyjjT4YYnuo+0xLcSzHvDKWV2xvkjgbzXIYaR3G
iMZ0XBxs6gT/tZP9FnlkuFkNXtubbhkmjHDs+oqPAx1HYkwh061BPSQGAHPGavnk
CZv2R6ozzo4zYbkq2b2kDLr8Du9zjhIDWrhkWrpxlGdpv8U2R0Xx8Q6uI/UOK+ot
bjBfLUGESdu8vBERllRmlq79ubOFvMolTlzNa3rdETm6Rq2iC4haswQdgwZEvLSo
WATAT25lSsBCxnA3PVXwjbScoUT9JucXeT7wknal5viZMXUnrJfAL7A+GYzBgzC7
nwtjTun14b8gyU1upP74s1f65mC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org