Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/C7z2G6QRY44IZUD3_PxO3s1Rhz8.roa
File: C7z2G6QRY44IZUD3_PxO3s1Rhz8.roa (raw, json)
Hash identifier: C5JrcT0dtmHBbOR8yIhx4SLgVY9bvVsCbrUAbEq9H90=
Subject key identifier: 0B:BC:F6:1B:A4:11:63:8E:08:65:40:F7:FC:FC:4E:DE:CD:51:87:3F
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01914A48539FA0C17613AA319C0CB4143DBD
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/C7z2G6QRY44IZUD3_PxO3s1Rhz8.roa
Signing time: Tue 13 Aug 2024 05:48:59 +0000
ROA not before: Tue 13 Aug 2024 05:48:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 30 Oct 2024 15:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:48:53:9f:a0:c1:76:13:aa:31:9c:0c:b4:14:3d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Aug 13 05:48:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bbcf61ba411638e086540f7fcfc4edecd51873f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3e:57:18:53:65:ff:d8:8b:0a:10:85:75:6c:
11:e2:6f:17:f6:2a:9b:b9:b9:9c:3a:0f:f7:6b:d0:
c2:22:e0:89:f5:fe:4b:1c:88:98:46:e7:79:7e:3f:
07:21:5c:56:08:fe:33:92:9d:39:2f:6b:78:26:62:
c0:03:34:db:a2:34:ce:aa:08:87:ae:48:20:98:6c:
4c:2b:25:e7:16:e3:77:3d:91:21:c1:38:86:d7:ec:
7c:ad:d3:6a:e1:34:eb:5a:a7:76:b2:a7:d7:ff:4c:
c7:72:c7:6e:52:01:f3:89:55:12:4b:79:fa:9c:95:
12:60:9b:6f:65:00:2d:c4:4b:9b:60:58:84:c1:67:
01:ab:c0:69:c2:d2:ca:1b:01:01:13:ce:a3:28:28:
41:82:6c:19:c7:de:0e:90:ad:f3:9e:83:d2:61:8b:
65:c6:f1:c0:f7:94:40:43:be:74:d6:89:f0:11:c3:
9f:2a:41:0a:4b:66:cb:5a:1d:73:01:df:97:91:3e:
cb:be:f6:aa:33:5d:7f:40:8e:ac:35:87:b6:68:da:
39:25:35:2e:1f:f7:99:4d:8e:d7:2b:03:04:40:bb:
a7:a4:76:73:f0:54:a0:07:d3:f8:04:e7:b7:88:d9:
67:da:c6:94:5a:fc:7c:95:24:e8:84:59:44:34:05:
43:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BC:F6:1B:A4:11:63:8E:08:65:40:F7:FC:FC:4E:DE:CD:51:87:3F
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/C7z2G6QRY44IZUD3_PxO3s1Rhz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.103.148.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
0b:ba:ca:44:28:4b:d2:49:ea:57:f9:4d:1d:3f:92:45:54:97:
9d:f2:c3:a1:6e:d0:92:e0:47:d1:a1:26:ab:12:96:c8:b6:96:
81:29:4c:20:bd:4a:96:fd:d5:14:c9:27:38:26:21:ea:b5:14:
5a:4b:65:26:b3:b1:cf:46:22:f6:44:8e:d3:1a:7b:fa:a7:80:
c1:0f:ef:30:37:12:21:0c:f1:3d:36:31:ed:0c:f3:85:14:1f:
86:af:3e:e3:98:4a:40:6e:dc:e4:3b:02:80:58:93:6e:3a:96:
ca:f5:55:12:62:79:be:5f:6e:4e:24:ca:c8:3c:9a:5a:7f:bb:
35:89:71:e3:6a:51:99:13:0d:b7:97:fd:08:fb:41:a3:b4:79:
73:24:74:e9:44:98:32:08:96:49:41:cc:c0:ac:47:c6:54:2a:
88:ad:75:f6:4d:47:75:56:d3:b7:a7:dd:90:1c:50:c0:20:a0:
56:46:6d:0d:b8:69:9d:09:f1:a3:a9:e3:94:a6:61:b3:48:ca:
08:ca:45:43:41:eb:65:e1:6a:f5:3b:c8:ab:54:5f:7c:7e:8e:
c3:67:4b:c2:e5:3a:c4:7e:cd:4e:da:13:80:70:f3:d8:3a:ec:
6f:08:52:0b:3d:8d:30:4e:bf:36:f7:4e:13:7d:e8:fe:e4:cd:
b1:b3:6d:42
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZFKSFOfoMF2E6oxnAy0FD29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwODEzMDU0ODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJjZjYxYmE0MTE2MzhlMDg2NTQwZjdmY2ZjNGVkZWNkNTE4NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz5XGFNl/9iLChCFdWwR4m8X9iqb
ubmcOg/3a9DCIuCJ9f5LHIiYRud5fj8HIVxWCP4zkp05L2t4JmLAAzTbojTOqgiH
rkggmGxMKyXnFuN3PZEhwTiG1+x8rdNq4TTrWqd2sqfX/0zHcsduUgHziVUSS3n6
nJUSYJtvZQAtxEubYFiEwWcBq8BpwtLKGwEBE86jKChBgmwZx94OkK3znoPSYYtl
xvHA95RAQ7501onwEcOfKkEKS2bLWh1zAd+XkT7LvvaqM11/QI6sNYe2aNo5JTUu
H/eZTY7XKwMEQLunpHZz8FSgB9P4BOe3iNln2saUWvx8lSTohFlENAVDTwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFAu89hukEWOOCGVA9/z8Tt7NUYc/MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvQzd6Mkc2UVJZNDRJWlVEM19QeE8zczFSaHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCBoQQCAAEwgZoDBAIC
O2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJb8pQDBANt6xADBAWw
OEADBAK5BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAK5Z5QDBAK5mRADBAK5
sGgwDAMEALnN/QMEALnN/gMEArnf2AMEArnkfAMEArnvoDAMAwQBwfaaAwQBwfac
AwQCwpxIMEUEAgACMD8DBQAqAl3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWo
AAMFAyoGPAADBQMqCerAAwUDKgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEB
AAu6ykQoS9JJ6lf5TR0/kkVUl53yw6Fu0JLgR9GhJqsSlsi2loEpTCC9Spb91RTJ
JzgmIeq1FFpLZSazsc9GIvZEjtMae/qngMEP7zA3EiEM8T02Me0M84UUH4avPuOY
SkBu3OQ7AoBYk246lsr1VRJieb5fbk4kysg8mlp/uzWJceNqUZkTDbeX/Qj7QaO0
eXMkdOlEmDIIlklBzMCsR8ZUKoitdfZNR3VW07en3ZAcUMAgoFZGbQ24aZ0J8aOp
45SmYbNIygjKRUNB62XhavU7yKtUX3x+jsNnS8LlOsR+zU7aE4Bw89g67G8IUgs9
jTBOvzb3ThN96P7kzbGzbUI=
-----END CERTIFICATE-----
Generated at Wed Oct 30 19:19:41 2024 by rpki-client on console-ams.rpki-client.org