Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DUXeZrrkzCJYQWla3iGXA-3FPY8.roa
File: DUXeZrrkzCJYQWla3iGXA-3FPY8.roa (raw, json)
Hash identifier: 380iWqwDwgB1RxoFsAfpYIM13NNWhK3+5E/Nhhymp5U=
Subject key identifier: 0D:45:DE:66:BA:E4:CC:22:58:41:69:5A:DE:21:97:03:ED:C5:3D:8F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B06346FA643750449A6FEFA3C6FE5
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DUXeZrrkzCJYQWla3iGXA-3FPY8.roa
Signing time: Fri 02 Feb 2024 09:34:03 +0000
ROA not before: Fri 02 Feb 2024 09:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35048
IP address blocks: 2.59.50.0/24 maxlen: 24
5.183.130.0/24 maxlen: 24
92.119.193.0/24 maxlen: 24
194.32.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:06:34:6f:a6:43:75:04:49:a6:fe:fa:3c:6f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d45de66bae4cc225841695ade219703edc53d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:5d:3c:15:6b:11:f7:79:db:3a:b9:ff:ad:
a1:84:da:4e:d8:43:96:ed:84:0a:91:6b:e9:3b:6d:
ea:eb:df:e8:b7:f9:a9:b6:d0:c4:7d:67:5a:e1:a1:
77:9e:a5:08:fe:34:81:1d:db:50:48:71:e5:c0:fc:
af:c7:0c:f9:f4:1e:96:ca:02:6e:05:81:29:64:a6:
fd:66:89:78:51:bf:42:89:cb:92:2d:89:80:2a:6d:
5a:22:a2:09:ea:69:2d:bc:af:4f:b1:79:3e:ab:14:
2e:46:e1:5b:22:fa:ba:cf:d8:88:88:e8:74:9b:28:
c0:f8:d2:ed:59:69:60:80:1a:4a:7c:2e:aa:6c:9a:
94:ef:fe:42:13:67:3e:01:6e:47:94:ba:43:f9:66:
2e:28:be:74:db:39:91:28:0d:98:2e:09:16:b4:16:
c6:e4:48:b0:34:33:e8:c3:51:33:e0:6e:1d:27:51:
97:ae:8b:43:aa:64:aa:7a:d6:84:b7:32:44:c8:d8:
fa:88:fd:4e:2b:67:4c:ac:2b:6c:34:28:b1:07:46:
29:d7:07:55:d8:41:c8:31:88:f0:7c:bb:78:da:55:
9d:23:ef:79:aa:40:89:44:14:a9:a1:a7:60:26:68:
5a:36:c7:7d:1e:3f:5f:5a:e2:8b:4f:12:1a:85:4d:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:45:DE:66:BA:E4:CC:22:58:41:69:5A:DE:21:97:03:ED:C5:3D:8F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DUXeZrrkzCJYQWla3iGXA-3FPY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.50.0/24
5.183.130.0/24
92.119.193.0/24
194.32.237.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:77:f1:43:cd:cc:41:f0:55:63:77:f0:6f:6c:11:8a:1c:65:
b4:88:b8:25:20:8a:13:b3:b3:67:88:e1:7e:67:3a:92:e5:b5:
cb:4f:f8:9b:eb:77:e1:18:40:25:bc:90:37:5d:e6:87:ff:86:
d2:56:34:8a:a3:66:4c:df:80:23:ba:f0:89:30:4d:08:26:64:
53:af:75:96:a1:39:86:cf:01:d2:e3:15:49:eb:56:91:ad:8f:
90:c2:c4:8c:93:9b:78:71:10:d1:3e:20:74:8b:bc:c5:68:0a:
d8:c8:04:a2:94:b9:a8:53:fb:d5:b2:fc:c2:6c:22:15:2f:cf:
02:b1:e2:cc:a6:96:ae:06:e6:8c:2c:a6:ab:b7:97:37:a1:d4:
84:0d:ae:25:f3:70:98:56:36:e9:66:03:16:c3:ad:89:c9:da:
42:bb:11:4a:8e:cf:7c:80:d4:93:2f:8c:39:5f:32:a9:15:50:
6c:e7:db:8a:00:7a:d2:86:8d:69:5c:a6:ab:2d:f9:76:46:2f:
52:cc:16:49:4b:26:1f:f0:8f:4c:8f:e3:6a:96:48:b0:8f:b2:
60:47:90:67:fb:bd:6e:58:c0:4b:9e:bd:f5:57:04:4d:00:aa:
6b:10:a7:a6:0f:62:22:c7:f9:dd:57:54:d6:3b:55:12:b9:f4:
8b:f6:b4:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1pKwY0b6ZDdQRJpv76PG/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ1ZGU2NmJhZTRjYzIyNTg0MTY5NWFkZTIxOTcwM2VkYzUzZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWxdPBVrEfd52zq5/62hhNpO2EOW
7YQKkWvpO23q69/ot/mpttDEfWda4aF3nqUI/jSBHdtQSHHlwPyvxwz59B6WygJu
BYEpZKb9Zol4Ub9CicuSLYmAKm1aIqIJ6mktvK9PsXk+qxQuRuFbIvq6z9iIiOh0
myjA+NLtWWlggBpKfC6qbJqU7/5CE2c+AW5HlLpD+WYuKL502zmRKA2YLgkWtBbG
5EiwNDPow1Ez4G4dJ1GXrotDqmSqetaEtzJEyNj6iP1OK2dMrCtsNCixB0Yp1wdV
2EHIMYjwfLt42lWdI+95qkCJRBSpoadgJmhaNsd9Hj9fWuKLTxIahU3IjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA1F3ma65MwiWEFpWt4hlwPtxT2PMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRFVYZVpycmt6Q0pZUVdsYTNpR1hBLTNGUFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjsyAwQA
BbeCAwQAXHfBAwQAwiDtMA0GCSqGSIb3DQEBCwUAA4IBAQCad/FDzcxB8FVjd/Bv
bBGKHGW0iLglIIoTs7NniOF+ZzqS5bXLT/ib63fhGEAlvJA3XeaH/4bSVjSKo2ZM
34AjuvCJME0IJmRTr3WWoTmGzwHS4xVJ61aRrY+QwsSMk5t4cRDRPiB0i7zFaArY
yASilLmoU/vVsvzCbCIVL88CseLMppauBuaMLKart5c3odSEDa4l83CYVjbpZgMW
w62JydpCuxFKjs98gNSTL4w5XzKpFVBs59uKAHrSho1pXKarLfl2Ri9SzBZJSyYf
8I9Mj+Nqlkiwj7JgR5Bn+71uWMBLnr31VwRNAKprEKemD2Iix/ndV1TWO1USufSL
9rTP
-----END CERTIFICATE-----
Generated at Tue Feb 6 01:26:44 2024 by rpki-client on console-ams.rpki-client.org