Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xVFBKjhvIMBn-Tn-Stu7xannelc.roa
File: xVFBKjhvIMBn-Tn-Stu7xannelc.roa (raw, json)
Hash identifier: DhF3Z6+vMWXn/D5W936tj/UqgiTJm+AB3MWoDqPEdAM=
Subject key identifier: C5:51:41:2A:38:6F:20:C0:67:F9:39:FE:4A:DB:BB:C5:A9:E7:7A:57
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0192B5EAC1AD059A2FB7A08244CEE7EE39AD
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xVFBKjhvIMBn-Tn-Stu7xannelc.roa
Signing time: Tue 22 Oct 2024 20:28:33 +0000
ROA not before: Tue 22 Oct 2024 20:28:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 2.59.161.0/24 maxlen: 24
2.59.163.0/24 maxlen: 24
62.133.60.0/24 maxlen: 24
62.133.61.0/24 maxlen: 24
62.133.62.0/24 maxlen: 24
62.133.63.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
194.156.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:ea:c1:ad:05:9a:2f:b7:a0:82:44:ce:e7:ee:39:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Oct 22 20:28:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c551412a386f20c067f939fe4adbbbc5a9e77a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:cb:cf:22:00:40:2d:37:16:ef:85:40:63:
e9:98:e2:6f:b2:80:1b:45:a7:60:49:0c:73:bc:e2:
32:96:0f:d6:98:0b:1d:a2:dc:71:00:27:17:49:39:
f9:94:3c:41:f2:1b:17:95:e3:d3:06:6d:65:09:5a:
2b:3b:fa:d8:4f:8a:86:97:91:41:a6:45:c8:76:16:
3f:3c:f9:57:5d:9b:7f:ae:41:5b:b2:39:85:00:29:
bc:e3:72:9f:73:a8:64:d4:1e:91:2d:57:7c:d9:60:
68:45:0a:a3:02:d8:4e:14:23:c0:fa:0c:4f:d1:17:
eb:7a:78:67:40:c4:bb:98:17:45:fa:cb:a4:31:ec:
bc:e2:10:c8:22:58:c8:3a:8e:a1:c3:5c:08:c6:e8:
3e:5b:0d:2d:e9:88:ab:f9:cd:b2:7f:8a:e2:08:2b:
77:e3:8a:a9:d6:d1:4a:3d:71:d6:0e:7e:bb:cb:a9:
f1:33:31:86:b3:36:88:c5:8f:7b:e7:7e:c4:2b:eb:
bd:c7:cc:d5:cb:53:d3:ea:89:d9:be:69:66:97:d9:
67:63:85:1f:8f:f5:23:4b:56:91:d3:ea:cf:36:dc:
8d:d7:d0:04:68:1e:6c:5d:60:78:c7:7a:74:c6:27:
de:04:f9:67:46:4f:1c:3d:c9:c5:48:8c:2b:05:51:
2b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:51:41:2A:38:6F:20:C0:67:F9:39:FE:4A:DB:BB:C5:A9:E7:7A:57
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xVFBKjhvIMBn-Tn-Stu7xannelc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.161.0/24
2.59.163.0/24
62.133.60.0/22
194.156.102.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:30:a3:d4:ca:5d:08:51:51:f4:46:60:43:2a:d7:4f:75:fd:
5f:cb:8b:0f:2c:0d:b4:98:4e:10:a2:73:8c:cd:bc:82:b8:4a:
70:a1:2d:59:b3:1e:15:8d:08:19:11:e5:d6:94:da:6c:0f:f0:
d4:17:67:2b:e9:e2:1d:84:f1:6f:63:85:21:44:99:88:51:c1:
4c:98:7b:fc:de:95:40:2b:95:ae:95:d3:30:c0:11:e1:7c:05:
e7:33:30:42:d2:61:25:7e:3a:22:60:81:87:5a:53:e6:a9:98:
5f:d2:04:df:01:6e:d1:96:3e:5f:c6:c3:7d:80:bf:7c:87:b1:
b3:0b:1a:78:8b:60:03:fc:36:b3:0a:f4:82:0c:da:cb:f0:5c:
07:7c:10:02:14:88:8c:ac:77:d4:28:30:81:a7:76:18:c6:43:
a4:4c:91:29:5a:d4:4d:32:e2:16:0f:a5:10:92:94:da:c9:10:
bf:52:bd:50:c4:e5:56:3d:f2:7b:78:5c:3e:ca:04:08:32:c5:
5c:37:ff:58:5b:63:c5:91:2e:ba:f9:a8:58:5a:36:99:48:7f:
3a:59:34:b9:0d:fb:c2:c5:f1:a3:84:09:f5:b1:e8:5f:91:d5:
8f:57:48:db:bd:40:1a:31:17:66:f3:9f:10:2c:97:fc:ac:0f:
b3:86:08:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZK16sGtBZovt6CCRM7n7jmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQxMDIyMjAyODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTUxNDEyYTM4NmYyMGMwNjdmOTM5ZmU0YWRiYmJjNWE5ZTc3YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHLLzyIAQC03Fu+FQGPpmOJvsoAb
RadgSQxzvOIylg/WmAsdotxxACcXSTn5lDxB8hsXlePTBm1lCVorO/rYT4qGl5FB
pkXIdhY/PPlXXZt/rkFbsjmFACm843Kfc6hk1B6RLVd82WBoRQqjAthOFCPA+gxP
0RfrenhnQMS7mBdF+sukMey84hDIIljIOo6hw1wIxug+Ww0t6Yir+c2yf4riCCt3
44qp1tFKPXHWDn67y6nxMzGGszaIxY97537EK+u9x8zVy1PT6onZvmlml9lnY4Uf
j/UjS1aR0+rPNtyN19AEaB5sXWB4x3p0xifeBPlnRk8cPcnFSIwrBVErQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVRQSo4byDAZ/k5/krbu8Wp53pXMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEveFZGQktqaHZJTUJuLVRuLVN0dTd4YW5uZWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjuhAwQA
AjujAwQCPoU8AwQBwpxmMA0GCSqGSIb3DQEBCwUAA4IBAQAaMKPUyl0IUVH0RmBD
KtdPdf1fy4sPLA20mE4QonOMzbyCuEpwoS1Zsx4VjQgZEeXWlNpsD/DUF2cr6eId
hPFvY4UhRJmIUcFMmHv83pVAK5WuldMwwBHhfAXnMzBC0mElfjoiYIGHWlPmqZhf
0gTfAW7Rlj5fxsN9gL98h7GzCxp4i2AD/DazCvSCDNrL8FwHfBACFIiMrHfUKDCB
p3YYxkOkTJEpWtRNMuIWD6UQkpTayRC/Ur1QxOVWPfJ7eFw+ygQIMsVcN/9YW2PF
kS66+ahYWjaZSH86WTS5DfvCxfGjhAn1sehfkdWPV0jbvUAaMRdm858QLJf8rA+z
hghv
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:02:56 2024 by rpki-client on console-ams.rpki-client.org